In a Gartner report published in July, it says that only 65 percent of organizations have cybersecurity experts in spite of the increasing number of high-profile data breaches worldwide.
With cybercrimes on the rise, international regulating bodies are now requiring organizations to have their own cybersecurity team not just to mitigate, if not completely prevent, the effects of cyber attacks and protect user data.
Back End News wishes to highlight the importance of having resident cybersecurity experts in organizations and for them to fully comprehend the necessity and their responsibility to protect user, as well as corporate, data.
This month, we talked to Julius Suarez, manager of Sophos Security Solutions Engineering in Asean.
How did you get into the digital/information security?
Joining this company 13 years ago brought me into this path. As Sophos provides a wide array of cybersecurity support to IT professionals, including encryption, endpoint security, web, email, mobile and network security solutions, my job covers a broad area and allows me to learn about and work on the different ways we can be of service to organizations.
Is it something that you really wanted or just fell on your lap?
Cybersecurity is an exciting area for me. With its growing relevance amid businesses’ growing dependence on digital technologies and the evolving cyber threat landscape, working for a company like Sophos encourages me to keep learning. While I try to invest as much time and effort as I can, I am enjoying the process as well.
What exactly are your tasks as a security expert?
I play different roles in Sophos. My main role is to help our customers appreciate our technologies and how these can help them secure their environments. Even if they are familiar with certain technologies, if they are not taught how to implement them properly, then these won’t work, no matter how powerful or how advanced the tools are.
Beyond this, I also take time to work with our customers’ IT teams so that they can better understand the evolving cyber threat landscape, analyze the nature of attacks they may be encountering, and fine-tune their security policies accordingly. We even help them train their employees — or in the case of schools, their faculty and students – on cybersecurity best practices.
Lastly, I also work with partner-resellers so they are kept abreast of the latest technology updates and the ways they can reach out to our customers nationwide.
What is a day like for security experts like you?
By 6.30am, I am already checking emails that came through at night. These can include product updates, processes, company announcements, among others. I have this good/bad habit of reading all emails. I reply with some prioritization. By 9 a.m., depending on the day of the week, I would be in conference calls with internal teams. Given the scope of work I oversee, I also support other countries in the Asean region to plan or prepare for upcoming activities. Sometimes, I visit customers and get invited to events and training as a resource expert.
What is the most challenging, in terms of duties, in your job?
There is quite a number, but let us limit it to the context of interacting with customers. It can be challenging to influence their expectations or understanding of how security technologies work. A classic misconception is, “If I have an anti-virus, I am all protected. I don’t need a firewall or apply patches on my workstations.” Instead of discussing next-generation technologies and advanced threats, we will first have to correct their fundamental understanding. We will then educate them about how cybercrime today is evolving and how exploits are becoming more sophisticated so that they will be able to better understand the need for the predictive deep-learning technologies that Sophos is offering.
Another challenging part would be on the use of technologies. For some IT teams, because they have a lean manpower or inadequate resources, they are more likely to neglect to monitor their security solutions once they have them implemented. Their technology might be stopping attacks, but as no one is analyzing the actual nature of the threats, they are unable to establish if it is a common malware found on most executables or is it already part of a multi-component threat.
What is the most rewarding?
It is definitely rewarding to be part of a global company that is truly making a difference in the cybersecurity space. More than 100 million users in 150 countries, including the Philippines and others in the ASEAN region, rely on Sophos’ complete security solutions as the best protection against complex threats and data loss. Many of these remain loyal to Sophos even after they have changed employment. It’s a privilege to meet long-time customers, especially IT executives who had previously benefited from Sophos security solutions in their previous companies are coming back to us.
It is also nice answering exploratory questions raised by audiences in an event where I’m speaking at, learning that the technology you had helped implement, prevented a company from an attack (after the fact), and engaging in deep conversations where you are able to share your experience/knowledge on the subject matter to an end user.
These may seem simple, but they are very powerful in validating that we are able to perform our job.
What is your most challenging experience?
Accepting the fact that some customers may not be ready for the technology solution you are proposing or that they have different requirements from what you are offering.
What is your most rewarding experience?
Simple appreciation from a customer/partner – for whatever reasons. Being appreciated as a trusted advisor.
Why do you think having a cybersecurity expert is important for an organization?
IT is now a key component of most organizations to function properly and be productive in today’s digital era. Our reliance on our digital devices and data, as well as the increase in and growing complexity of cybercriminal activities, reinforce the need for next-generation technologies. There are many ways that IT and cybersecurity can affect the productivity of an organization – issues on apps getting infected, failure to comply on some regulations due to certain aspects not being followed, the effect of a security breach, failure in communications internally/branches/business partners, etc.
Having someone who can help analyze your company’s capacity and capability against certain areas where a cyber threat can cause productivity issue — will definitely help.
What do you think is the most important characteristic of a security expert?
It’s a combination of characteristics – the ability to properly inquire, to balance between security and productivity, to be creative in finding solutions/workaround (despite the limitations at hand), ability to tell the story in both ways (technical and non-technical) and to convince stakeholders of different units/departments. This is assuming that the person already has updated technical skills.
What frame of mind should security experts have?
Cybercrime is increasing but it’s been said that there are not enough cybersecurity experts. Why do you think so?
That is somewhat true. In most countries, it could be the lack of specific educational courses for this field of cybersecurity. To be considered an expert, it means you need to have gained considerable experience, and you will only be able to build that experience if your current company is practicing cybersecurity.
How far do we, as a country, have to go in taking cybersecurity as a serious concern?
The various news we are hearing or reading about, both locally and globally, are raising awareness for the importance of incorporating cybersecurity practices in our organizations’ everyday operations. The fact that there is already legislation, companies designating security officers, the increasing demand for anti-exploit technologies, and the growing public discussion; are positive proof points that we are progressing as a country.
What advice can you give to people who want to become experts in this field?
Take advantage of the huge amount of materials coming from cybersecurity experts that are being shared on the internet. Sophos’ Naked Security Blog and websites like Back End News can help you learn about what’s happening both in the Philippines and around the world. While you may be overwhelmed at first, choosing wisely and following experts that publish materials that are not just educational, but are also enjoyable to read, can take you far.