About the interviewee: Abdulatif Alrushaid is leading Cyber Security in Engie Saudi Arabia, overseeing IT/OT operations, and ensuring facilities compliance to national and international regulations. Abdulatif holds a master’s degree in Information Security from Georgia Tech University.
1.Could you share with the Cyber Security community, your top three lessons in securing businesses in the past one year, especially when it to protecting critical infrastructure.
Answer:
> Humans are the weakest link in any organization, you always need to keep investing on training employees and increase their awareness on cybersecurity
> There is no “one magical solution” you can depend on, each solution has its strengths and weaknesses, and that’s why defend in depth through multiple solutions and different vendors is essential
> “ICS network is isolated” is a myth, there is always a way to reach that network, so IT & OT teams must have an open communication channel to ensure the security of their critical infrastructure
2. Given the rapidly evolving threat landscape, and an even rapidly evolving and innovating technology sector, how can CISOs convince their business leaders to adopt a top bottom approach when implementing cybersecurity framework?
Answer: Cybersecurity is more of a corporate culture than the work of two or three departments, implementing cybersecurity will require full commitment from the top management to be cascaded to all other departments, and will also require the appropriate budget to achieve it. I always compare cybersecurity to safety and how it’s always a priority when it comes to industrial world, with the rise of digital era, protecting the cyber space is becoming as important as protecting the physical space.
3. As a panelist at the upcoming CyberX Saudi Summit, what can our attendees expect from your session?
Answer: Our panel will discuss the appropriate ways for CISOs and Cybersecurity leaders to communicate with their top managements and how to translate technical assessments into board level risks. The panelists come with strong experience and attendees can expect to take away actionable insights on fostering a top bottom cybersecurity culture, on building strong compliance programs, and prevention metrics to tackle their blind spots.
Join Abdulatif Alrushaid on Monday, 4 October 2021 from 14:35 – 15:30, Arabian Standard Time (GMT +3) for an interesting and informative discussion on ‘How and when to bring cybersecurity into the Boardroom”. To register for the session, please visit: www.cyberx-saudi.com
Comments