Rhys MacFarlane, Chief Security Officer – Luxury Escapes

Experienced Chief Security Officer – skilled in Physical Security, Loss Prevention, Risk Management, Internal Investigations, Leadership and Network Security. Strong military and protective services professional with a Bachelor of Arts – BA focused in Security, Terrorism and Counterterrorism from Murdoch University.

  • What do you feel are the biggest challenges IT security leaders are currently faced with within their business?  

I feel one of the biggest challenges IT security leaders will be facing in 2019 and beyond will be a shortage of suitably qualified and experienced IT security professionals. Ours is a rapidly growing field and I believe we will see far more small to mid-range companies employing full time IT security teams from now on, as a result of the escalating threat and new regulations. This could lead to a very competitive recruitment market and subsequently the level of cyber security experts in the field will be spread very thinly.

As an IT leader, what do you feel businesses continue to get wrong when it comes to their IT security strategy?

I believe when it comes to IT security most businesses have more focus on the software and technical aspects of security than they should. It is my belief that a solid IT security strategy should be far more focused on end-user development and training. By no means am I saying the technical aspects are not important, as they definitely are. However, I believe that if you’re able to upskill your workforce they will be able to identify threats; recognise potential vulnerabilities in their current workflow; and ultimately aid in your ability to quickly respond to any potential issues or avoid them altogether.

What are the latest trends and behaviours you predict will be surfacing on the market over the coming 12 months?

I believe we will see a solid increase in the sophistication and number of credential theft attacks. I believe we will also see this being focused far more on those roles who have high level access to valuable data, i.e. human resources, accounts payable and those responsible for large data sets of PII information. I base this on the current levels of income being generated by the illegal sale of sensitive data, as the same dataset can be sold numerous times for a relatively large amount. Such high levels of income will be highly appealing to threat actors and will mean they are able to organize themselves to present a sophisticated threat.

What is one key takeaway you hope our IT audience leaves with after hearing your presentation on site?

My hope is that people leave the seminar with a realistic understanding of the current threat; and a sense of optimism in our ability to meet this threat. We are operating at a threat level that is unprecedented and this threat continues to grow, change and improve on an almost daily basis. New technologies are being deployed by threat actors that are incredibly sophisticated and I believe this will continue to advance at a rapid pace, with tech such as machine learning only in its infancy. However, I also think we are at a time of opportunity. I believe that most executives are now far more engaged with security than ever before and that there is large interest in the development of new and improved IT security technologies. If we are able to capitalise on this we will be able to develop our abilities, training and technology in-order to meet these new threats, and save ourselves from falling further behind.

Interview with John Kouroutzoglou, Information Security & Compliance Manager – Domain Group

John Kouroutzoglou has been involved in physical and cyber security for over 15 years. He has worked in government and in the private sector at large global firms such Alcatel-Lucent, HP and EY. He is currently the Information Security & Compliance Manager at Australia’s leading real estate technology firm – Domain Group. John’s areas of expertise include: Assurance, Security Awareness Training, 3rd Party Due-Diligence, Privacy and Personal Security.

What do you feel are the biggest challenges IT leaders are currently faced with within their business?

From a cyber security perspective I would say managing privacy obligations with GDPR and Australia’s Mandatory Data Breach Notification legislation. There is an incomplete understanding of what compliance actual entails, and furthermore confusion with what needs to be done when a breach occurs.

As an IT leader, what do you feel businesses continue to get wrong when it comes to their IT strategy?

I have had discussions with IT leaders where the common complaint with security being it’s under-funded or under-resourced – this is a recurring theme. We keep seeing in the media regular announcements of businesses being breached – I would say quite simply that security might not be the top priority at these firms.

What are the latest trends and behaviours you predict will be surfacing on the market over the coming 12 months?

Machine Learning (ML) and Artificial Intelligence (AI) are all the rage in security at the moment and this will continue for the next 2 to 3 years. There is an expectation that ML and AI will lead to cost reduction and operating efficiencies. Time will tell if these benefits are realised.

What is the best piece of advice you have received within your job over the years?

It’s not what you know, but who you know – learn to network.

What is one key takeaway you hope our IT audience leaves with after hearing your presentation on site?

Security threats have evolved and they are closer to organisations, and much more damaging. Threats such as insiders and 3rd parties have long been deemed to be low risk, simply because associated risks were not understood and incidents weren’t published. I hope our audience come out with a deeper understanding of how vulnerable they are, and a better understanding of how to address these evolving risks.

X

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed a leo quis purus feugiat facilisis. Interdum et malesuada fames ac ante ipsum primis in faucibus. Aliquam quis elit tristique, efficitur enim viverra, consequat odio. Duis porta ipsum ut magna dignissim vestibulum. Ut finibus augue nec mi maximus, nec laoreet arcu sagittis. Fusce pellentesque ipsum non lobortis bibendum. Sed consectetur dolor et ligula venenatis facilisis.

https://ohsleaders.com.au/

X

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed a leo quis purus feugiat facilisis. Interdum et malesuada fames ac ante ipsum primis in faucibus. Aliquam quis elit tristique, efficitur enim viverra, consequat odio. Duis porta ipsum ut magna dignissim vestibulum. Ut finibus augue nec mi maximus, nec laoreet arcu sagittis. Fusce pellentesque ipsum non lobortis bibendum. Sed consectetur dolor et ligula venenatis facilisis.

https://ohsleaders.com.au/

X
x
x
Top of Page