If you get into difficulty in a swimming pool, who do you want rescuing you? Someone who understands the rules on the sign at the entrance but who cannot swim? Or someone who is prepared to dive in?
Just as in water, if you are drowning in a cyberattack, theory is not your priority.
Companies are realising that they need to hire a new kind of information security leader – people who not only know the rules, but who also understand hacking, the criminal mind, and the value of creativity. Finding and attracting them will not be easy.
Many organisations get into trouble as a result of hacks and data breaches – crisis moments when operations go haywire and reputations hang in the balance. These often occur when risk and confusion are heightened in other ways – such as now, during the Covid-19 pandemic, when attacks have increased as hackers look to take advantage of this global crisis and the resulting surge in remote working.
Although it is invisible to the naked eye and does not produce smoke or fire, the online threat landscape is a battlefield where people exploit fear and fight over real assets through their computers.
Read More about cyberattacks
Historically, businesses have entrusted security leadership to theoreticians rather than practitioners. The typical chief information security officer, or Ciso, has had a lawyerly quality: fluent in terminology, strong on policy and strict on checklists.
But this stereotype must change. No rulebook or college certificate can repel a hacker armed with the latest weaponised malware or free a system hijacked by a state-backed gang. A Ciso without a grasp of gritty detail is like a lifeguard who cannot swim.
What must the new generation information security leaders look like?
First, they will need outstanding technical facility – especially, in the dark arts of hacking. It is vital that a Ciso knows where attacks come from, how they spread through networks and how to stop them. They should believe that “attack is the best form of defence”. Good Cisos will be those who roll up their sleeves to meet threats head-on rather than sitting in wait.
Second, they will need to understand assailants’ motives. Classifying threats in neat typologies obscures the diversity of the characters behind them. Hackers try to infiltrate systems for all sorts of reasons – from the criminal to the moralistic. Some do it just for fun. Understanding why an attack could be perpetrated often provides clues to defence and resolution.
Third, they will need to be creative. Those who stick to case studies and guidelines will stumble when unfamiliar threats emerge. In some crises, tried-and-tested methods will work. In others, risky improvisation may be the only alternative to catastrophe. Future Cisos will benefit from a maverick streak based on lateral technical thinking.
On top of all this, ideal security leaders will need to function effectively in corporate environments. Communication skills are critical. As digital perils proliferate, high-level executives – or the C-Suite – will require a dynamic map of the changing terrain. The Ciso must provide this, translating complicated jargon into plain language so that bosses can effectively balance risk against cost.
Unfortunately for businesses, candidates fulfilling this description will be tricky to find.
For one thing, elite technical talent is dispersed. The internet has created a cosmopolitan community of hackers, programmers and coders. Controlling for economic development, the concentration of people with exceptional computer skills in a given place is generally proportionate to population size. But sometimes, a company will require unique abilities which are unavailable locally. Tapping into a fluid global marketplace to find exactly the right candidate is a challenge employers must overcome.
Moreover, below the surface, the internet has a confusing culture of anonymity. This anarchic quality is what attracts many people. But it also creates problems for would-be recruiters who, without the help of highly customised tools, can get lost in the murky world they are sifting through.
Perhaps the most important question is why an elite hacker with a non-conformist personality would want to work for a business at all.
On the face of it, our ideal future Ciso might find adjustment to a life of meetings, conference calls and regular hours quite difficult. But it is wrong to think that there is no overlap.
The practice of “ethical hacking”, in which companies actively seek skilled hackers to expose weaknesses in their systems, points to a potential solution.
Most people who excel at hacking are not inherently opposed to working in corporate roles. It is just that many companies need a culture shift to make the most of their unorthodox talents
Manipulating computer code is not inherently bad – and in fact, in many cases, it is useful and beneficial. It is the destructive consequences of hacking that are bad, and these result from unaccountability and malign motives. Most people who excel at hacking are not inherently opposed to working in corporate roles. It is just that many companies need a culture shift to make the most of their unorthodox talents.
The real challenge is therefore for companies to build a professional environment that appeals to the new generation of security leaders in the first place: by incentivising them to do what they do best for the right reasons, and not suffocating them within backward-looking work structures. This will take a new approach.
For companies in all sectors, the cost of installing the wrong kind of information security leader could be high. Those that have fallen victim to cybercrime even while the Covid-19 crisis rages around them have learnt this the hard way. But what are the benefits of doing it right? It could be the difference between sinking and swimming.
Nathan Swain is the chief information security officer at ADS Securities in Abu Dhabi
Tips to keep your car cool
- Place a sun reflector in your windshield when not driving
- Park in shaded or covered areas
- Add tint to windows
- Wrap your car to change the exterior colour
- Pick light interiors - choose colours such as beige and cream for seats and dashboard furniture
- Avoid leather interiors as these absorb more heat
Key facilities
- Olympic-size swimming pool with a split bulkhead for multi-use configurations, including water polo and 50m/25m training lanes
- Premier League-standard football pitch
- 400m Olympic running track
- NBA-spec basketball court with auditorium
- 600-seat auditorium
- Spaces for historical and cultural exploration
- An elevated football field that doubles as a helipad
- Specialist robotics and science laboratories
- AR and VR-enabled learning centres
- Disruption Lab and Research Centre for developing entrepreneurial skills
UAE currency: the story behind the money in your pockets
Benefits of first-time home buyers' scheme
- Priority access to new homes from participating developers
- Discounts on sales price of off-plan units
- Flexible payment plans from developers
- Mortgages with better interest rates, faster approval times and reduced fees
- DLD registration fee can be paid through banks or credit cards at zero interest rates
Tearful appearance
Chancellor Rachel Reeves set markets on edge as she appeared visibly distraught in parliament on Wednesday.
Legislative setbacks for the government have blown a new hole in the budgetary calculations at a time when the deficit is stubbornly large and the economy is struggling to grow.
She appeared with Keir Starmer on Thursday and the pair embraced, but he had failed to give her his backing as she cried a day earlier.
A spokesman said her upset demeanour was due to a personal matter.
MATCH INFO
Rugby World Cup (all times UAE)
Final: England v South Africa, Saturday, 1pm
The%20specs
%3Cp%3E%3Cstrong%3EEngine%3A%20%3C%2Fstrong%3E6.5-litre%20V12%3Cbr%3E%3Cstrong%3EPower%3A%20%3C%2Fstrong%3E725hp%20at%207%2C750rpm%3Cbr%3E%3Cstrong%3ETorque%3A%20%3C%2Fstrong%3E716Nm%20at%206%2C250rpm%3Cbr%3E%3Cstrong%3ETransmission%3A%20%3C%2Fstrong%3E8-speed%20dual-clutch%20auto%3Cbr%3E%3Cstrong%3EOn%20sale%3A%20%3C%2Fstrong%3EQ4%202023%3Cbr%3E%3Cstrong%3EPrice%3A%20%3C%2Fstrong%3EFrom%20Dh1%2C650%2C000%3C%2Fp%3E%0A
Day 3, Dubai Test: At a glance
Moment of the day Lahiru Gamage, the Sri Lanka pace bowler, has had to play a lot of cricket to earn a shot at the top level. The 29-year-old debutant first played a first-class game 11 years ago. His first Test wicket was one to savour, bowling Pakistan opener Shan Masood through the gate. It set the rot in motion for Pakistan’s batting.
Stat of the day – 73 Haris Sohail took 73 balls to hit a boundary. Which is a peculiar quirk, given the aggressive intent he showed from the off. Pakistan’s batsmen were implored to attack Rangana Herath after their implosion against his left-arm spin in Abu Dhabi. Haris did his best to oblige, smacking the second ball he faced for a huge straight six.
The verdict One year ago, when Pakistan played their first day-night Test at this ground, they held a 222-run lead over West Indies on first innings. The away side still pushed their hosts relatively close on the final night. With the opposite almost exactly the case this time around, Pakistan still have to hope they can salvage a win from somewhere.
EA Sports FC 25
Developer: EA Vancouver, EA Romania
Publisher: EA Sports
Consoles: Nintendo Switch, PlayStation 4&5, Xbox One and Xbox Series X/S
Rating: 3.5/5
THE DETAILS
Solo: A Star Wars Story
Director: Ron Howard
2/5
Brief scoreline:
Burnley 3
Barnes 63', 70', Berg Gudmundsson 75'
Southampton 3
Man of the match
Ashley Barnes (Burnley)
Roll of honour 2019-2020
Dubai Rugby Sevens
Winners: Dubai Hurricanes
Runners up: Bahrain
West Asia Premiership
Winners: Bahrain
Runners up: UAE Premiership
UAE Premiership
Winners: Dubai Exiles
Runners up: Dubai Hurricanes
UAE Division One
Winners: Abu Dhabi Saracens
Runners up: Dubai Hurricanes II
UAE Division Two
Winners: Barrelhouse
Runners up: RAK Rugby
COMPANY PROFILE
Founders: Sebastian Stefan, Sebastian Morar and Claudia Pacurar
Based: Dubai, UAE
Founded: 2014
Number of employees: 36
Sector: Logistics
Raised: $2.5 million
Investors: DP World, Prime Venture Partners and family offices in Saudi Arabia and the UAE
Bahrain%20GP
%3Cp%3EFriday%20qualifying%3A%207pm%20(8pm%20UAE)%3C%2Fp%3E%0A%3Cp%3ESaturday%20race%3A%207pm%20(UAE)%3C%2Fp%3E%0A%3Cp%3ETV%3A%20BeIN%20Sports%3C%2Fp%3E%0A
STAY%2C%20DAUGHTER
%3Cp%3E%3Cstrong%3EAuthor%3A%20%3C%2Fstrong%3EYasmin%20Azad%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EPublisher%3A%20%3C%2Fstrong%3ESwift%20Press%3C%2Fp%3E%0A%3Cp%3E%3Cstrong%3EAvailable%3A%20%3C%2Fstrong%3ENow%3C%2Fp%3E%0A
The specs
Engine: 2.0-litre 4-cyl turbo
Power: 201hp at 5,200rpm
Torque: 320Nm at 1,750-4,000rpm
Transmission: 6-speed auto
Fuel consumption: 8.7L/100km
Price: Dh133,900
On sale: now
UK-EU trade at a glance
EU fishing vessels guaranteed access to UK waters for 12 years
Co-operation on security initiatives and procurement of defence products
Youth experience scheme to work, study or volunteer in UK and EU countries
Smoother border management with use of e-gates
Cutting red tape on import and export of food
McLaren GT specs
Engine: 4-litre twin-turbo V8
Transmission: seven-speed
Power: 620bhp
Torque: 630Nm
Price: Dh875,000
On sale: now
Profile
Co-founders of the company: Vilhelm Hedberg and Ravi Bhusari
Launch year: In 2016 ekar launched and signed an agreement with Etihad Airways in Abu Dhabi. In January 2017 ekar launched in Dubai in a partnership with the RTA.
Number of employees: Over 50
Financing stage: Series B currently being finalised
Investors: Series A - Audacia Capital
Sector of operation: Transport
If you go...
Fly from Dubai or Abu Dhabi to Chiang Mai in Thailand, via Bangkok, before taking a five-hour bus ride across the Laos border to Huay Xai. The land border crossing at Huay Xai is a well-trodden route, meaning entry is swift, though travellers should be aware of visa requirements for both countries.
Flights from Dubai start at Dh4,000 return with Emirates, while Etihad flights from Abu Dhabi start at Dh2,000. Local buses can be booked in Chiang Mai from around Dh50
