4 Key strategies for leveraging AI against cyber threats
Discover four critical ways that AI can be integrated into cybersecurity operations to improve threat detection, enhance threat intelligence, and speed up recovery after an attack.
Read More“The most important thing is to have a good team – where people not only complement each other but where their knowledge also overlaps. You then have the opportunity to listen to opinions on topics you are not an expert in.”
We asked BHMEA23 speaker Wojtek Swiatek (VP and CISO at Dassault Systèmes) how he got into cybersecurity. With a background in academia, he brings a scientific perspective to his work. But although studying physics has helped shape his career, he doesn’t think every aspiring CISO needs to be an academic first.
Instead, Swiatek emphasises the importance of diverse experiences within one team.
“I had an unusual career path, starting with Academia (studies and PhD in Physics), then discovered the world of IT and managed several operations across EMEA, and finally fell in love with cybersecurity when it was still a rather obscure part of technology.
“It was a wild ride from there on, witnessing the rise of large-scale threats, the cloud and the uberisation of cyber criminality.”
“That there is truly a 80/20 rule (or even a 95/5 one) and that by seriously assessing your risks and addressing the main threat vectors you can really get a head start.
“That this is not going to be comfortable because these needs will impact all technical teams and their processes.
“That there are really good and really bad vendors, and that none will have the ‘all-in-one’ solution they often advertise. That ROI in cybersecurity is a joke.
“Cybersecurity is often seen as either a role where you annoy everyone, or technical wizardry. It is however primarily a communication job where you aim to bridge real-life risks with the objectives of your organization.”
“Bringing security as close to the data as possible and integrating Zero Trust wherever possible (and avoiding the buzzword malediction).
“The main challenge is that computers and networks, generally speaking, were never designed with security in mind. This means that there have been innumerable additions and layers put on top to try to bring in security to places where it was not expected. This itself created a chain of vulnerabilities and we have the world as we know it.
“It is time to completely rethink how we consume information and acknowledge that hyper-connection means that everything we were brought with (firewalls, DMZs, ...) is not tailored anymore for the age of communication.”
“It was a happy collateral discovery. During my stay at CERN I discovered the world of Unix and quickly started to manage the Unix cluster at my University. This scaled up with my activities at IBM and finally led me to large international companies such as Motorola, and now Dassault Systèmes.
“Physics (and science in general) is wonderful to instill a sense of rationality and tenacity in what you do. It also helps to understand data and make correct decisions based on them. I would say it is a great base to learn on.”
“Either can work, it depends a lot on the companies. Some of them expect a traditional career path and others will look at different factors.
“Since the work of a CISO varies considerably between companies and industries you may be better off with a specific set of qualifications (formal or informal) but I strongly believe that a CISO must have a strong technical understanding of the threats in order to set priorities. And among these priorities, the truly important ones.
“The most important thing is to have a good team – where people not only complement each other but where their knowledge also overlaps. You then have the opportunity to listen to opinions on topics you are not an expert in.”
“Besides the traditional technical advances in cybersecurity, I look very much forward to informally meeting my peers to openly share ideas and experiences. The cybersecurity world is a specific one, where we are all in the same boat and working together is beneficial for everyone. I cannot wait to meet you all there in November!”
Thanks to Wojtek Swiatek at Dassault Systèmes. Learn more at Black Hat MEA 2023.
Join the newsletter to receive the latest updates in your inbox.
Discover four critical ways that AI can be integrated into cybersecurity operations to improve threat detection, enhance threat intelligence, and speed up recovery after an attack.
Read MoreWe explore four kinds of AI threats that are putting societies at risk: social engineering attacks, deepfakes, automated malware, and weaponized AI systems.
Read MoreNew research reveals that cybersecurity has become an afterthought for many manufacturing and transportation organisations as they rush to embrace new technologies and fresh opportunities.
Read More