Three jobs in cybersecurity you’ve probably never heard of
Cybersecurity offers diverse job opportunities for professionals with a wide range of skills and experience. Discover three specialist roles in cybersecurity.
Read More“It is well known that our adversaries share intelligence, so we are at a disadvantage if we aren't sharing information too.”
Gram Ludlow (SVP, CISO at Marriott Vacations Worldwide) has built information security programs and managed global security teams – as well as mentoring the next generation of industry professionals. He takes a wide view of his own role in defending organisations right now, and enabling the teams who’ll defend them in the future.
He’ll be sharing his wisdom at Black Hat 2023. So we asked what types of threat he’s seeing a lot of right now, and why information sharing between CISOs is crucial to resilience.
“Since a young age I have been fascinated with puzzles of all types. As I matured, I also gained a strong sense of right/wrong and wanted to do something creative and beneficial for the world.
“But everything really came together for me as a young adult when an early mentor of mine gave me a nudge in the security direction. Everything clicked! The combination of challenge (technical, human, organisation) with the chance to protect people drew me quickly in and led me to where I am today.”
“For-profit hacking is definitely the biggest threat I see. There has been a proliferation of organised, but ‘basic’ spam-type threats that broadly target huge groups, and only need a small chance of success to be profitable. They are targeting individuals, businesses, governments, really anyone or anything where they can monetize. With automation and scale, it is relatively easy to carry out these attacks at low cost.”
“While there are some basic security capabilities every company needs, my perspective is that each company is unique, and needs its own, customer security infrastructure.
“Based on industry, threat levels, and even specific technology platforms, different approaches and supporting technologies are needed to adequately protect a company.
“This is why security architecture, as a function, is so important for a complex entity.”
“It is well known that our adversaries share intelligence, so we are at a disadvantage if we aren't sharing information too.
“Sharing security best practices, threat intelligence, and other, non-proprietary information between companies and industries lifts us all up and helps individual organisations and economies grow and prosper.
“Respecting confidential information is important in this sharing, but there are many mechanisms now to be able to share for security while maintaining confidentiality.”
“Keeping up with the dynamic landscape of security is a challenge for all security professionals. As a CISO, I seek out opportunities to hear from thought leaders and security practitioners so that I can bring a fresh perspective into my own security program.
“Black Hat MEA gathers so many industry experts, security visionaries, and experts into one place with extraordinary content and collaboration. Attending Black Hat MEA will help me better guide my security program and enable my company to best manage cyber security risk.”
Thanks to Gram Ludlow. Learn more from him at Black Hat MEA 2023.
Join the newsletter to receive the latest updates in your inbox.
Cybersecurity offers diverse job opportunities for professionals with a wide range of skills and experience. Discover three specialist roles in cybersecurity.
Read MorePasswordless authentication expert Umer Khan explains how passwordless security works, and why it’s more useful than existing authentication strategies, including MFA
Read MoreResearchers have found a new chatbot attack that uses prompt injections to steal personal data from users.
Read More