How do you describe your job to average people?
The joy of my job is to look after 600 highly intelligent consultants. This is also my major security challenge, as our consultants travel significantly, spending five days a week on client sites.
Why did you get into IT security?
The dangers from the loss of confidential information were always clearly apparent. As the market has grown and developed, so has my passion and interest in information security. While now a CIO, the majority of my time is dedicated to protecting the company's and clients' information assets.
What is one of your biggest challenges?
To publicly demonstrate a commitment to protecting information, our board agreed to obtain ISO 27001. I recall stating, “Be careful what you wish for!” I promised I would attain this standard for the company within the year. However, once gained it has to be maintained, and I do not underestimate this challenge.
What keeps you up at night?
Memory sticks. Our consultants work closely in joint teams with clients. The need to share information and large files, often in locations without reliable internet connection, results in the constant use of memory sticks. We supply encrypted sticks, but I still am concerned about an exposure or loss.
Of what are you most proud?
Seeing the behavioral change and improved awareness across the back office, as well as within projects, to accept and support the need for enhanced information security. I believe bring-your-own-device (BYOD) and other new initiatives will also benefit now from the improved company culture.
For what would you use a magic IT security wand?
To have a behavior/attitude indicator on our monitoring dashboard so we could help consultants even before they know they need help.