All Articles

First 90 Days Of CISO: Navigating Organizational Dynamics;Insights into Business Strategy& Data Management By Bikash Barai and Matthew Ireland

Posted by Gaya M on May 12, 2024 at 7:54pm in Blog

First%2090%20Days%20Of%20CISO%20Navigating%20Organizational%20Dynamics%3BInsights%20into%20Business%20Strategy&%20Data%20Management.png?profile=RESIZE_710x

 

In this insightful discussion, two cybersecurity professionals, Matthew and his colleague, delve into the intricacies of understanding organizational dynamics and navigating challenges within the cybersecurity landscape. The conversation touches upon various aspects, including the importance of comprehending an organization's business culture and strategy, the challenges of data management, and the influence of mentorship and continuous learning in career development.

 

 

 

 

Here is the verbatim discussion:

So um jumping on linkedin who do i know that works there or who do i know that used to work there why did someone leave especially if they're in the executive leadership capacity um you know things change and move movement around organizations is not uncommon but i start to really understand looking at the company's website what does their business do uh what what um investment tools do they have where where do they get their revenue from things like that really helps me start to understand what their business culture and business strategy looks like it at least what's available for on the public domain yeah and that's a very important part right i mean without knowing the organization and the business it's very hard to go and then uh figure out how to uh move around  absolutely and matthew you brought up some very interesting points and i found some of those to be a very interesting ones like for example you mentioned about the um inventory right so one of the challenges which i have uh noticed i don't know if you have seen um or face the same or not just knowing where data is who all has got data and how does the data flow i don't know kind of any organization who has kind of nailed this any large organization who has nailed this this such a hard problem right i mean there are of course many asset discovery  understand their language and that will help us to communicate a lot lot better so so great points uh matt which you made and um let's um close with a a few small things um interms of you you had been in the industry for a very very long time right so which which are some of these books or some of the podcasts or some of the people who really influenced you in your journey in in the cyber security field yeah i would say um what the the pivoting point in my career uh came from a mentor it's probably been 10 -15 years ago john petrie who's now the counselor to the ciso at ntt holdings in japan uh he was a manager of mine as a when he was a cso several companies ago  we used to as in the security industry we used to be afraid of or hunting down the shadow i.t organizations because shadow it was doing things in a non-standard way they may have intentionally been hiding and sliding around and preventing security controls that were this department of block right data is another challenge that we have and it's it's probably more our current challenge but there's a lot of lessons that i think we should have learned from shadow i t days and that is shadow data buckets right.

 

 

Highlights:

Understanding Organizational Culture: Matthew emphasizes the significance of researching an organization's business culture and strategy, highlighting the value of tools like LinkedIn and the company's website. This understanding forms the basis for effective navigation within the organization and alignment of security initiatives with broader business goals.

Challenges in Data Management: The conversation shifts to the challenges of data management within organizations, including the complexity of knowing where data resides, who has access to it, and how it flows. Both professionals acknowledge this as a significant and difficult problem, with Matthew suggesting that even large organizations struggle to address it effectively.

Importance of Effective Communication: Matthew underscores the importance of communicating security concepts in a language that business stakeholders understand, emphasizing the need to align language with their priorities to facilitate better communication and collaboration.

Influence of Mentorship and Learning: Matthew reflects on the pivotal role of mentorship in his career journey, citing the influence of his mentor, John Petrie, who helped shape his perspective on cybersecurity. He also highlights the lessons learned from past experiences, such as dealing with shadow IT, and emphasizes the importance of continuous learning and adaptation in the cybersecurity field.

 

 As the discussion concludes, it leaves cybersecurity professionals with valuable insights into navigating organizational dynamics effectively. By understanding organizational culture, addressing data management challenges, and embracing mentorship and continuous learning, cybersecurity professionals can enhance their effectiveness in safeguarding organizational assets and addressing evolving cybersecurity threats. This conversation serves as a reminder of the importance of adaptability, collaboration, and continuous improvement in the cybersecurity field.

 
 
Speakers:
 

Bikash Barai is credited for several innovations in the domain of Network Security and Anti-Spam Technologies and has multiple patents in USPTO. Fortune recognized Bikash among India’s Top 40 Business Leaders under the age of 40 (Fortune 40-under-40).Bikash is also an active speaker and has spoken at various forums like TiE, RSA Conference USA, TEDx etc.

Earlier he founded iViZ an IDG Ventures-backed company that was later acquired by Cigital and now Synopsys. iViZ was the first company in the world to take Ethical Hacking (or Penetration Testing) to the cloud.

 

https://twitter.com/bikashbarai1

https://www.linkedin.com/in/bikashbarai/ 

Matthew Ireland serves as the Chief Information Security Officer (CISO) at NTT Research, where he leads cybersecurity initiatives to safeguard the organization's digital assets and infrastructure. With a wealth of experience in cybersecurity, Matthew brings expertise in aligning security practices with business objectives and fostering collaboration across diverse teams. As CISO, he is dedicated to implementing robust security measures and staying ahead of emerging cyber threats to protect NTT Research and its stakeholders. serves as the Chief Information Security Officer (CISO) at NTT Research, where he leads cybersecurity initiatives to safeguard the organization's digital assets and infrastructure.

With a wealth of experience in cybersecurity, Matthew brings expertise in aligning security practices with business objectives and fostering collaboration across diverse teams. As CISO, he is dedicated to implementing robust security measures and staying ahead of emerging cyber threats to protect NTT Research and its stakeholders.

https://www.linkedin.com/in/mdireland/

 

 

 
 
 
Views: 25
Tags: bikash barai, matthew ireland, ciso, first 90 days of ciso
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)