Proactive Approach to Security Challenges

As a CIO, my role is to continually challenge our team to build a better, faster, and smarter technology portfolio to meet the evolving needs of the business. Being in the security industry and operating at a global level, I help the company move in lockstep with evolving local and international legal and regulatory laws. These types of challenges keep me up at night but they also invigorate me.

That said, you can have all the technology in the world, but if you don’t have the right people in place, if people aren’t trained and using the appropriate cyber security procedures, you’re still going to have problems. And I’m not just talking about your IT personnel. Everyone in the company is at the endpoint— marketing, finance, sales, HR, etc. As such, everyone needs to be trained and mindful of proper security behavior. So don’t put all your eggs into the technology basket alone. It’s still a person who, unfortunately, is going to click on that link in an email from someone they thought they knew, or open up that attachment that provides access for a hacker.

Most cybersecurity technologies today rely on Indicators of Compromise (IoCs) to block “known bads.” The challenge is that IoCs go stale fast, which is largely why we have a problem of silent failure in the industry. At CrowdStrike, our solution is fully cloud-based, and instead of IOCs, we focus on Indicators of Attack (IOA) so that you can take a more proactive approach to security and not be so reactive. IOAs mean you are looking for patterns or the effects of what an adversary is looking to accomplish. There are incredible advantages that the cloud drives for endpoint security, including the ability to keep tabs on and learn from attackers as they test attack strategies, crowdsource threat intelligence, and provide seamless upgrades.

Role of IT in Driving Digital Transformations

Technology should not only be a business enabler but also a force multiplier, driving effectiveness, better communication and collaboration. At its core, CrowdStrike’s business is about real-time exchange of information, analysis, and alerts. We need our IT backbone and future strategy to reflect that.

Today, most businesses depend on the CIO to drive digital transformations that enable the organization to do things faster and better through technology. Coming into Crowd Strike, I was fortunate because I was a customer of the Crowd Strike Falcon platform before I joined the company. This enabled me to witness first-hand the value of the technology and how it solves real-world problems. As a result, many of our customers and prospects want to hear from me directly as they consider doing business with us.

What’s unique about the cybersecurity industry is that many CIOs have to educate Boards of Directors (BoDs) or C-level business leaders about the organization’s security challenges and risks. This is a relatively new paradigm shift in the field, which I believe will elevate the role of the CIO even further. At the same time, CIOs need to understand the value and work on their communication skills for translating technology issues into business issues that BoDs can easily grasp and understand.

Future of Cyber security and Emerging Technologies

CIOs will continue to play an important role in security decisions. Many of my peers are actively engaged in re-architecting their technology strategy to incorporate a security vision that breaks down siloes, protects data seamlessly, and blocks epidemic threats lurking within networks, endpoints, or devices. CIOs working collaboratively with the CSO or CISO can help more effectively prepare all facets of their operations for better security hygiene—processes, technology, and people—to limit exposure to cyber threats.

Don’t be afraid to embrace emerging technologies and take chances on innovative approaches. This will help you push your company ahead of the competition and adapt more easily to next-generation trends. And again, emphasize the ability to speak in business terms to execs and BoDs.