The secret to being a good technology expert and then a good leader is to collaborate with everyone in your organisation and with your peers in the industry
This is an exclusive interview conducted by the Editor Team of CIO News with Aman Malhotra, Security Global Black Belt at Microsoft
How did you plan your career path to be a successful technology leader?
I have always had a strong inclination towards knowing the latest trends in the tech space, be it during my engineering or MBA days or while I was working. During the initial years of my career, I got the chance to work with some of the top tech companies in India and around the globe and get a first-hand view of what it’s like to work with the best minds in business.
My first stint with security and cloud domains was after completing my MBA, when I joined a tech company. Knowing that security was one of the new emerging trends in the industry, I wanted to explore the field in detail, but I honestly did not know in that moment that I would end up building a career path in security.
As security and cloud adoption and transformation increased exponentially, it demanded professionals adapt, learn, and keep themselves updated on the latest advancements in the domain. To stay in sync with the same and build upon my knowledge and experience, I not only invested time and effort in the learning aspect of growth but also ensured active collaboration with subject matter experts and other aspirants like me. One thing that has helped me a lot in this journey so far is the immense pool of knowledge available across the security community, and this support is something that I strive to give back to the community as much as possible.
What challenges you faced in your career path and how did you overcome them?
The most common challenge in the cybersecurity domain has been keeping up with the industry’s rapid growth and the emergence of new technology, demands, and skill sets. The technological advancements that we have witnessed in the cybersecurity field in the last 7–9 years have been overwhelming for everyone.
It wouldn’t be right if I said I had been untouched by this same feeling. But that’s where the challenge is: accepting, adapting, and changing.
It might feel difficult and confusing to start with, but once you acknowledge the rocky road ahead, it gets a whole lot easier. Each time I have been hit with this fog of uncertainty, I have gone back to the basics, which are nothing fancy but a simple will to adapt and learn. I strongly believe that each challenge comes with its own basic solution, and all we need to do is introspect, take a deep breath, and find out what works best for ourselves to not only tackle the challenge, but to learn from it and grow from it.
While working in the security industry, I faced my fair share of challenges and uncertainties, which forced me to make some informed and some uninformed decisions. Some paid off, some didn’t, but at the end, what stayed with me were the lessons that have been my north star. When I started my journey, the key focus was around information security, network and firewall security, antivirus tools, and data loss prevention. However, the marketplace has changed due to advancements in tools, an increase in new day attacks, new solutions in response to zero-day attacks, GDPR and other compliance enforcements, COVID affecting all aspects of life overnight, newer use cases and demands across work from home, growing BYOD scenarios, data on the cloud, digital transformations, the convergence of IT and OT ecosystems, and so on. This required not only a certain level of expansion from me as an individual, but also a lot of changes in the way my team works and how we can all work together to meet the needs of our customers.
What are the challenges faced by technology leaders today while implementing digital technologies?
As rewarding as the implementation of digital technologies for business outcomes is, data and cyber security are one of the key challenges faced by leaders across industries while on the path of digital transformation. Ensuring different security solutions (across devices, users, identities, data, applications, and cloud or network infrastructure) integrate and work together seamlessly is a daunting task.
Another prevalent challenge is verifying the security levels, capabilities, and use cases of each third-party platform and tool. This is increasingly important because the quick adoption and rushed implementations, without proper use case definition and testing, are making organisations vulnerable to increased cybersecurity risks. Additionally, leaders need to ensure that their people and processes are in sync with technology adoption and implementations.
Other non-technical yet prominent challenges are talent availability to implement and maintain tech solutions, limits on budgets leading to choosing the cheapest solution, choosing the right mix of tools that work together and not in silos, proper definition of compliance and risk metrics, and ensuring a robust cyber resilience framework to fall back on in case of a cyber-attack.
How can technology leaders overcome the challenges they face?
Technology, being a field with fast evolutions and continuous demand from changing business models, is not a field with shortcuts. With a new set of challenges coming to the forefront, leaders need to be appraised of the industry trends, market demands, technology landscape, and operational improvements, to name a few. Cross-domain experience with various security tools and industry knowledge sharing is the primary tool that has always come in handy for me while addressing any unknowns along the way. Additionally, it is very important to focus on the overall security program instead of one of its pillars. You can be a subject matter expert on threat hunting or security operations, but you also need to be aware of and knowledgeable about other pillars like risk, compliance, resilience, etc. Having a bigger picture helps you grow your thought process as a leader.
Additionally, a shortage of talent is also one of the biggest challenges I have faced. Needless to say, a leader is only as good as his or her team. To address this shortage, personally, I prefer hiring people based on their character and attitude, even if they might not be a 10-on-10 on the skills needed. The advantage of having people with the right attitude and character is that they can quickly adapt to and learn from the growing advancements of the tech industry. Also, a leader needs to focus on the growth and retention of talent, and having a culture of learning and development can help promote retention.
Any best practices, industry trends, or advice you’d give to fellow technology leaders to help them succeed professionally?
Apart from learning and staying on top of all developments, I think the secret to being a good technology expert and then a good leader is to collaborate with everyone in your organisation and with your peers in the industry. With collaboration, you can learn from others and share your experiences as well. You can borrow best practises and learn from others’ mistakes. Collaboration makes you grow exponentially.
Any other points that you would like to highlight?
With so much digitalization happening around us, for example, online marketplaces and transactions, UPI, an increase in the usage of smart phones, working from home, etc. Security is not a choice anymore; it’s a necessity. It is very important to educate your family and friends about security, too. I am sure you have heard about scams happening on chat, social media, SMS, calls, websites, etc. It is very important for all individuals to practise security and follow a zero-trust approach to unknown identities.
CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics