As part of Cyber Management Alliance’s exclusive Insights with Cyber Leaders series, Amar Singh interviewed Sandro Bucchianeri, formerly CISO of Investec and currently Group CSO at the National Bank of Abu Dhabi, one of the leading banks in UAE.
For Sandro, it’s been a long journey and believes a key contributor to his success has been consulting, a great stepping stone to understanding what a business’s needs are. Most of us in these CISO/CSO roles have a technical capability but transferring those technical abilities into understanding what a business wants is important. A company is buying your expertise, but not just on a technical level.
A love of IT has been a mainstay of Sandro’s life – he says he’s a true geek! But as his career progressed, he left behind the technical programming side and moved into consulting and led him to moving around the world.
Understanding the technical challenges for a business, what are the problems they are facing and be pragmatic about what are the business’s requirements. Always have an alternative solution, but without compromising skills.
Your team is important, believes Sandro, and the structure is an element that is considered when hiring new people – it depends on the role, i.e. identity management is process heavy, whilst vulnerability management is very technical, and how far down the career path that person is willing to go if they are gifted with a particular technical ability. Sandro also considers their level of training and where that person wants to specialise their skills, and their passion.
To Sandro, passion for their work is very important in a person; he himself is very passionate about what’s happening in the vulnerability space and how it affects risk. Together with an understanding of what’s important, taking the risk-approach, is a key aspect.
Threat intelligence is key to dealing with the 1% of threats, the APTs. Detecting threats on your network helps you with prevention and incident response. Sandro believes that if you know what the potential threats are to your network, it will be easier to identify when your intelligence has been compromised, where you are vulnerable and raising awareness. For Sandro, awareness is going to be the biggest challenge any CISO/CSO will face. You can implement all the technology, all the process and spend millions but if you can’t improve people awareness, the human threat, then all of it will fall down.
Is there too much focus on protection? For Sandro, threat intelligence feeds your threat prevention, which leads to threat detection and ultimately into incident response. It is a continuous circle. But he has an issue with incident response; everyone wants the ‘silver bullet’ approach, i.e. the great worded document in how to deal with incidents, but you should follow the chain of custody, maintain the chain of custody and preserve the evidence; it’s vitally important. Incident response should be everybody’s response.
The process in cyber is very important to Sandro but if it is too hard to follow, to implement, it will not apply practically, no matter how good it looks on paper. The aim is to design a process that is good, solid framework and then implement the process that meets the company’s needs, and what the business wants to achieve. Not all organisations are designed the same way.
Two years ago, the buzz word was cloud but that faded away; now it’s information security which has grown in to cyber security and how it’s being addressed. For Sandro, his biggest challenge is third party risk, the age of access, service desks, outsourcing. Do due diligence on your third parties, understand how they will deal with your data, how they protect your environment on multiple levels.
Sandro believes intelligence sharing is vitally important, the key that binds us together. Hackers share information without compliance, without regulations. He believes that the only way to be successful against these people is if we share information, helping everyone to better protect their environments.
Sandro shares his insights in to his career, the challenges he believes the cyber security space is facing and what is in the future. Watch Sandro’s exclusive Insights for Cyber Leaders interview to learn more.