As a CISO, our work should involve recognizing and preventing the unlawful outflow of digital assets, control of cyber incidents, management, and implementing new security practices, and keeping higher staff updated with the security team’s current practice
This is an exclusive interview conducted by Santosh Vaswani, Content Writer & Editor at CIO News with Subho Halder, Co-founder and CISO of Appknox, on his Professional Journey
When asked how he planned his career path to be a successful Co-founder and CISO, Subho Halder, Co-founder and Chief Information Security Officer (CISO) of Appknox, in an exclusive interview with CIO News, said, around 2014 a lot of companies were doubling on the mobile side of growth and were going mobile-first. We could see a trend where Mobile will become the primary way of consuming internet services. In my previous organisation I was managing the digital security initiative. Looking at the tremendous growth and potential, I started my entrepreneurial journey and started Appknox. I started interacting with a lot of CISOs of different Fortune 500 companies and BFSI sectors in India, Southeast Asia, and the Middle East. Having interaction with CISOs almost on a daily basis gave me an insight on what are the different challenges which are faced by them. This gave more insights on how to help CISO and how to implement best security practices itself in Appknox.
When asked about challenges he faced in his career path and how he overcame them, he said, my career path followed a trajectory from Developer to Security Researcher, followed by implementing security practices in Appknox. We all know that Security is a rapidly changing landscape, and being a CISO, it is very important to be up-to-date with the latest threat and security practices. One of the challenges which we faced was during COVID-19 was to shift to the Work-From-Home model within a few days, and that became a security nightmare. Thankfully, we were prepared with systems in place and implemented newer security practices at Appknox at a very fast pace.
When asked about challenges faced by other CISOs while implementing digital technology, he said:
- Managing Data Protection,
- Work to uphold the principle of transparency,
- Keep a tight grip on data flows,
- Getting the right type of talent,
- How to provide in-house digital and IT skill training to employees,
- Preparing for emerging Technologies.
When asked how CISOs can overcome the challenges faced, he said:
- Clear Communication: The importance of clear communication cannot be overstated. CISOs need to ensure that all parties are on the same page with regard to the threat landscape, security policies, and procedures.
- Data Encryption: Encryption is the best way to ensure that data in the company remains secure. Not only does encryption protect files while they are in transit, but it also ensures that only the user has access to the information.
- Strong data breach policies: CISOs need to include strong data breach policies as part of their security solution. The policies should list specific steps for when data is breached and what administrators need to do in response.
When asked about industry trends/best practices/his advice that he would like to suggest for successful professional journeys of other CISOs, he said, As a CISO, our work should involve recognizing and preventing the unlawful outflow of digital assets, control of cyber incidents, management, and implementing new security practices, and keeping higher staff updated with the security team’s current practice. The key responsibility of CISO is to maintain the overall security of the organization.
From my past learning, below are the four robust steps For CISOs to build cyber resilience:
- High Degree of Visibility
- Employ a proficient Team or Unit
- Have a security centred approach
- Have a proactive approach to eradicate the possibilities of breaches
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topic