|Our daily life now depends on a safe and resilient cyberspace. Stephen Cryan, former Executive Security Consultant of the Commomwealth Bank of Australia share with us his thoughts on the future trends of cyber security and the challenges he faced working in the banking industry.
He will present at the Cyber Security @ CeBIT Conference 2013 on 28 May at the Sydney Convention and Exhibition Centre.
He is presenting on Building and Security Buy-In for your Cyber Security Strategy.
1. Please briefly describe your role and responsibility at your organisation.
My role was to provide relationship management, security consulting and strategic advice/planning to defined business unit or units supported by CBA Enterprise Services by establishing and maintaining an effective relationship with the business unit CIOs and their leadership teams. One of the primary responsibilities as the aligned security executive is to ensure that there is easy and adequate engagement of the security organisation at appropriate points throughout both development and operational lifecycles.
2. What are you presenting at CeBIT Australia?
I will be presenting a brief look at how I have managed to successfully implement security controls and strategies with the support of the business units.
3. What do you think are the main issues that people are facing in cyber security?
There are many issues facing the modern cyber security professional and from experience the main challenge I have faced is ensuring the business and the security/risk professional are on the same page.
4. Can you describe a current project you’re working on and how the solution/product is helping business to adapt to the challenges of cyber security?
‘Kaching’ is the obvious example that leaps to mind from when I was working at CommBank. We very carefully considered the risks and controls between current banking process and the mobile banking processes with the end result we could re-use a significant number of the existing risk and security controls to ensure the solution was within the group’s risk appetite.
5. What do you see as the strengths for the Australian industry and how do these strengths compare globally?
I believe the strength of the Australian security industry compared to our global counterparts is the collaboration between security professionals. I was once told by a wise man that he doesn’t believe that security should be treated as intellectual property as damage to one bank will have a knock on effect to other.
6. What trends do you see as influencing cyber security?
The media is the greatest influencer of cyber security, an article in a major paper can have a majorly positive or negative effect on a security initiative.
7. What do you believe the future holds for cyber security?
My crystal ball tells me that we will still be outgunned and outnumber as defenders in the future and solutions like user aware firewalls will assist with containing breaches as well as enforcing chinese walls effectively. Obviously, the mobile area will be the new battlefield and I expect to see great controls in Google Play and the App Store to weed out malicious applications.
8. Anything else you would like to add.
I believe things will get worse before they get better but don’t despair, understand your business, support them and eventually something event will support your recommendations. Before which hill you decide to die on……
See Stephen Cryan, Former Executive Security Consultant, Commonwealth Bank of Australia, at the Cyber Security Conference @ CeBIT Australia 2013 in Sydney on 28 – 30 May 2013.