Decryption of the Cyber Security for the business and IT leaders

3. What are the important factors could help make the cyber security initiative successful?

Frankie: There might be many success factors, but in many organizations across industries, there might be 2 common baseline factors to make project success, they are PEOPLE and CULTURE. People is the most valuable asset and culture is the best oil of the organization. When two of them come together, the united power will be amplified to enable the business growth in the safe & sound manner. I’m fortunate to be able to work with a lot of smart and great leaders and experts in the cybersecurity domain so far. One great character about them is promoting the strong & positive people connection and inclusive culture. They are able to understand the organization’s business thoroughly from strategy to execution. Understand where and how critical business assets and processes are running. Thinking and talking like a business partner is key to get support from the business side for cyber security professionals. It’s about connecting the people in the inclusive way, so that the cyber security risk could be well articulated in the business world. We could use the cyber thread landscape, data analytics, and risk appetite as the elements to the tell the story that could be understood and adopted. Remember, talking in the jargon could only be understood within our limited cyber security teams, but not the wider business partner teams. People need to be connected and included and after that, the project run by people could be successful.

4. Anything would make you excited for the future of the Cyber Security space?

Frankie: There’re enough talks in the industry about technological trends like cloud computing, Artificial Intelligence, Machine Learning, etc. I will not repeat these buzzwords here, but would like to share that Quantum computing is one of emerging technologies I would encourage to take a look. Quantum computing might disrupt the foundation of today’s data encryption / protection algorithm we have rely on heavily for many years in the cyber security world.

In 2019, Google announced that its Sycamore quantum computer had completed a task in 200 seconds that would take a conventional computer 10,000 years. If the commercialization and mass production of quantum computing arrives in the long run, today’s encrypt key might be not able to claim secure any more. As the cybersecurity practitioners, we should keep the eye closely on these disruptive technologies, see how they will impact us and if any emerging solution coming up, how we could leverage.

5. Cyber Security leaders in the enterprise not only need hard skills on the technical expertise and knowledge, but also soft skills like aligning with business priority, communicating well with non-tech stakeholder, etc. Any other soft skills cyber security leaders could consider to improve?

Frankie: Totally agree here. I just shred one thing as the example, it’s too common that people might overlook, but it’s very important for all the stakeholders -- this is same language. Sometimes, people might assume something for granted and it will cause confusion if not everyone is on the same page even on the same topic. Let me share one real life example of same language, it’s stock exchange’s stock price color code. In US, Europe and Singapore, we know the green color means the stock price is up and red color means the stock price is down. But if you go to exchanges in China, Taiwan and Japan you will find they are following the other way that red color means the stock price is up and green color means going down. And if you go to Korea’s exchange, you will find, for them red color means going up but blue color means going down. So same color might have the complete opposite meanings in different countries. So let’s use the same language with the same meaning to avoid the confusion.