A Tech Leader's Take on Cybersecurity: Insights from Our CTO

In celebration of Cybersecurity Awareness Month, we had the privilege of engaging in an insightful interview with GERALD SIMILA , the esteemed Chief Technology Officer at Konvergenz Network Solutions . With an extensive tenure spanning over 16 years in the realm of cybersecurity, Gerald has accumulated a wealth of experience and expertise in safeguarding digital landscapes. His valuable insights shed light on the ever-evolving landscape of cybersecurity and offer invaluable guidance to both professionals and enthusiasts in this field. Let's delve into his perspectives and expertise on cybersecurity.

What is the importance of Cybersecurity Awareness Month, and why should individuals and businesses pay attention to it?

Cybersecurity Awareness Month emphasizes the importance of cybersecurity by creating targeted messages aimed at creating awareness of the impact of cybersecurity incidents and what can be done to minimize the impact. Businesses and individuals should pay attention so as to stay abreast of the new emerging threats and ways to mitigate them. The cybersecurity landscape is evolving faster than the rate at which existing controls are improving thus it's important for us to stay abreast and find compensating controls that can cover the gaps in our existing controls that may not be very effective against emerging threats.

Are there any emerging technologies or trends that are making it easier or more challenging to maintain cybersecurity in the modern world?

Yes, advances in AI, automation, and cloud are making it increasingly challenging to secure our critical digital assets. With cloud offerings like ransomware as a service or bots as a service, we find ourselves fighting against machines that have been programmed to wreak havoc and compromise the confidentiality, integrity, and availability of our critical digital assets.

What are the 3 best practices for businesses to ensure the security of their data, systems, and customer information?

Adopting cybersecurity first principles strategies such as:

1. Zero trust security
2. Building controls and capabilities mapped to the cyber kill chain
3. Having robust business resilience strategies

As we continue to rely on connected devices and the internet, how do you see the future of cybersecurity evolving, and what should individuals and businesses prepare for?

With the adoption of Internet of Everything technologies, cybersecurity will become increasingly challenging. Businesses should prepare for more attack surface exposure across multiple fronts and should invest in more robust cybersecurity controls and capabilities, especially in areas such as secure software development, detection and response capabilities, and general cyber hygiene and security awareness.

What resources or tools do you recommend for those looking to educate themselves further about cybersecurity and stay informed about the latest threats and best practices?

Following the latest podcasts on cybersecurity and also actively following cybersecurity social media channels on Twitter, LinkedIn, Facebook, Youtube, etc

How can organizations balance the need for robust cybersecurity with the desire for innovation and agility in a rapidly changing technology landscape?

Taking a proactive approach by embedding cybersecurity in the development process of new innovations rather than making it an afterthought (reactive).

In your experience, what are the most critical mistakes organizations make when it comes to cybersecurity, and how can they avoid them?

Taking a reactive whack-a-mole approach to cybersecurity which has been proven to be very ineffective and a waste of resources. Organizations should be more intentional and proactive when it comes to matters of cybersecurity by adopting a shift left security approach by incorporating security best practices at the onset of the design and development process rather than after the rollout of a product. Organizations should also conduct regular risk assessments to ascertain their cybersecurity posture from a risk perspective which creates a direct correlation to the business operations thus easier to communicate the importance of cybersecurity to the non-technical business leadership

Finally, what message would you like to convey to our audience during Cybersecurity Awareness Month regarding the importance of cybersecurity and what steps they should take to protect themselves and their organizations?

Borrowing the famous words of Bruce Schneier: "You can't defend, you can't prevent, the only thing you can do is detect and respond". Organizations should create a healthy balance between preventive and detective security capabilities and shift away from legacy perimeter-centric cybersecurity controls by adopting zero-trust security principles.

As we conclude this interview, Gerald's perspectives remind us of the ongoing necessity to remain vigilant, adaptive, and proactive in the face of emerging cyber threats. His wisdom is a testament to the importance of continuous learning and preparedness in safeguarding our digital world.