ET Edge Insights recently engaged in a compelling discussion with David Chow, Global Chief Technology Strategy Officer at Trend Micro. Chow shared profound insights on the dynamic landscape of cybersecurity, shedding light on India’s emergence as a centre of excellence in this crucial domain, and delving into anticipated future trends. David is an alumnus of the Harvard Business School and was a member of the US President’s Executive Office, with more than two-decade-long stint with the US Federal Government.
Interview excerpts
What are the anticipated cybersecurity trends for the year 2024, and what challenges are expected to confront CISOs during this period?
Since 2022, we have witnessed a surge in ransomware attacks, prompting President Biden to issue an executive order emphasizing the adoption of a zero-trust architecture. I believe this will continue to be a major topic in 2024. In 2023, everyone was talking about Artificial Intelligence, and this trend is likely to continue into 2024. The reason cybersecurity is so crucial is because of global issues causing gaps in the supply chain, which we are seeing now.
The main challenge for Chief Information Security Officers (CISOs) predominantly revolves around cybersecurity, where cybercriminals target information extraction, influence, or monetary gains. The persistent conflicts, notably the ongoing situation between Russia and Ukraine, alongside ongoing complexities in the Middle East, are anticipated to remain prominent topics in the cybersecurity landscape throughout 2024.
Given your extensive experience in federal government IT modernization and cybersecurity, what key insights can you share about the evolving cybersecurity landscape?
Before the Russia and Ukraine war happened, Russia tried to attack Ukraine infrastructure, critical infrastructure to disable it, as well as its financial systems. With an increasing dependence on the internet and online information, as well as operational technology capabilities, there’s a heightened focus from nation-states on launching attacks within these realms. The same methodology will be followed in all kinds of attacks- whether small or big. This would be the major factor to curtail and guard against. It becomes imperative for all companies to proactively engage in threat analysis, identify vulnerabilities, and address security gaps to effectively guard against such threats.
How do you stay informed about emerging cybersecurity threats and technologies, and how do you apply this knowledge in your work?
Many of us actively stay informed by regularly updating ourselves with the latest information. This involves replenishing our knowledge through news sources, watching news broadcasts, and engaging with content on platforms like YouTube and podcasts. However, during my tenure as the Chief Information Officer (CIO) for a US government agency, my primary method of staying informed was through direct interaction with fellow C-level executives, including CIOs and RSLs (Regulatory and Standards Leaders). We facilitated this exchange of information through monthly CIO council meetings, where we discussed a range of pertinent issues. We had monthly CIO council meetings where we talk about relevant issues. It’s not just I.T issues, we talk about cyber security threats, we spoke about what affects the whole structure.
So, when you have a support group like that, a lot of time that you get firsthand information and from real life experience for those individual at the ground level that they have dealt with a situation or they are dealing with a situation, so it becomes more relevant. It becomes more personal as well, because, you know, these people that you’re engaging with.
On a personal note, I believe that every cybersecurity or IT professional should cultivate a support network, consisting of trustworthy individuals, having people that you can rely on-could be partners, your vendor partners – they are someone you can trust and have the relevant experience that they can easily share.
