Cyber Pro Spotlight. Vol 1
A conversation with Bobby Singh, CLX Forum’s Cyber Pro of the month.
Bobby Singh is an experienced Chief Information Security Officer and Technology Executive with extensive experience in leading the transformation and management of information security, data management, technology programs and organizations across diverse industry verticals. As a CISO and Global Head of Infrastructure, Bobby is responsible for delivering secure and highly available technology services across the Exchange. He is responsible for modernisation of one of the largest stock exchanges in the world, by deploying cutting-edge, scalable, fault-tolerant, and robust technology.
How did you get into cyber?
In 1990, when I was in university, I built my own 8086 computer. That was a milestone for me. I’d always had a knack for technology, but that was when I realized that I could put all the pieces together, that I was good at it, and that I was having fun. At that point, mobile phones and the internet were just starting to appear. My interest in these things fuelled my determination to learn and grow in the field. I took a lot of detours along the way, but all the time I was constantly adapting to the environment as it changed around me.
I worked hard. I did everything that was thrown at me, to the best of my ability. I did a lot of reading and research on my own, and I spent long hours learning about the technology. Moving into cyber required personal commitment. I also had the ability to take control of my career, and I had the vision to see what was coming down the track. These were the key things that helped me succeed in cyber.
How would you describe the current state of cybersecurity?
Technology is changing rapidly, and I do think it’s going to get more complex. I believe that CISOs, especially CISOs in the financial sector, need to work together and develop new approach and solutions to tackle cybersecurity. So far, our approach to cyber has been very reactive. We’re always trying to defend ourselves from the bad actors. We need to change the rules of the game and start thinking outside of the box to become more proactive. I believe that the future of defense-in-depth capabilities that we have in cyber will favor those organizations that are building preventive, rather than detective measures. I also believe that orchestration and automation, regardless of the technology, will become critical for rapid response and recovery from cyber incidents.
Which current technology trends do you see becoming mainstream?
There are many technologies emerging right now, but they won’t all integrate into our lives at the same rate. I don’t think we’ll see self-driving cars, at least not in the next few years! Artificial intelligence and machine learning are already making our lives better, and soon we’ll have robots that will do our mundane or repetitive tasks. We’ve also been dabbling with blockchain for nearly a decade now, and although it’s been a long journey, I predict that blockchain architecture will help improve business processes, in the financial sector and in supply chain management especially.
What advice would you give to the cybersecurity industry?
There are many security vendors that have emerged over the last few years and they help solve very specific security gaps. I’d like to see more homogeneous solutions, following more of a “Swiss Army Knife” concept, where a vendor can provide tools needed to solve multiple security gaps, instead of having many different products from many vendors, all needing individual management.
I’d also like to see companies spend more time on the integration and usability of solutions, rather than focusing on marketing concepts. Solutions are only usable if they can be integrated and play well with other distinct solutions in place.
Finally, I’d like to see the cyber community create more spaces where security folks can share ideas and best practices. I sometimes feel that the bad actors have many more resources than we do!
What advice would you give to individuals who want to work in the industry?
Build a solid background, learn the fundamentals first, and get lots of experience. There are lots of options for training and education now, but they still don’t come close to what you can do by yourself. I’d urge anyone getting into cyber to build a mini lab at home. Play around with it and test your solutions. Break the lab and build it again. Get hands-on practice. That’s vital for someone who’s trying to get into this field.
But the most important thing is having passion for technology. Technology is exciting, but it changes rapidly, and you need the energy that comes from passion to do this for the long term. For me, I like the uncertainty of cyber. There’s never a dull moment, and every day is different. It’s a high-risk, high-reward career, and it’s not for everyone, but I love it.
Check out the CLX Forum blog and follow the CLX Forum on LinkedIn and Facebook to keep up-to-date with the latest happenings in the world of cyber security.
Interested in becoming a contributor? If you’ve got a topic which you feel is important to your peers, we want to hear from you! Get involved today by visiting: https://www.clxforum.org/get-involved/
