Filter articles

Interviews 21.08.2024

Five Minutes With: A CISO

What keeps Cyro Cyber’s CISO up at night? Here’s a spoiler…it’s people!

Author: Eleanor Dallaway

Alec Warriner joins the line of security experts declaring AI one of the biggest unresolved cyber challenges. He advocates for more knowledge sharing, worries about environmental impact, and craves the speaker circuit’s bright lights. Here’s your opportunity to get to know Cyro Cyber’s CISO

What was your route into cybersecurity?

I came from an advertising and business development background but met Paul Rose (Cyro’s CSO) while playing rugby in Dubai. He persuaded me to make the leap to cyber, and since then, I’ve never looked back. I started with Paul at Six Degrees as their information security officer. Now, we’re raising the bar together at Cyro Cyber.

Dream job?

When I was younger, I always wanted to be a firefighter… but I’m not very good with heights so that quickly stopped that dream!

What keeps a CISO awake at night?

There are lots of things that could keep me awake at night, but the one that does, and one I always press upon my colleagues, is human error, specifically the execution of malware or vulnerability exploitation due to human error or phishing. You can apply as many layers of security as you like, but there isn’t a fix for human error.

If you could hire anyone, who would it be and why?

I’m a big F1 fan, so I would hire Adrian Newey! He’s currently the CTO at Red Bull Racing and is one of the greatest designers and engineers in F1 history. A mind like that could do brilliant things in cyber.

What’s the biggest misconception about cybersecurity?

That you have to be technical to work in cyber. This isn’t true at all. There are many roles and opportunities within cyber that aren’t overly technical and just as important as the more technical ones. My background and early career weren’t technical, and it was the perfect launch pad for me; I have since skilled up and gained the technical understanding that my role demands, but my foundation is in governance, regulation and compliance.

What’s the best thing about your job?

Continuous learning. Nearly every day, there is something that will test your understanding of cyber and give you the opportunity to ask questions and further your knowledge.

And the worst?

Pressure. There’s a lot asked of CISOs. I enjoy the pressure, as this is when it counts, and you demonstrate why you have the role, but equally, I prefer calm and business as usual.

What advice would you give to industry n00bies?

Jump right in. Ask lots of questions, and don’t be afraid to get it wrong. I did all my learning and progressed the most in the deep end. It wasn’t without mistakes, but as long as you have people around you that you trust and give good guidance, you’ll be absolutely fine.

Will the increased levels of legal accountability for CISOs deter people from aspiring to that role?

I really hope not! The CISO role does come with responsibility and accountability, but it also comes with brilliant opportunities to influence your company and the industry. As long as these responsibilities are measured and understood, it should only increase people’s desire to pursue a role like CISO.

“The biggest unsolved problem in cybersecurity is the unregulated use of AI”

What’s the biggest as-yet-unsolved problem in cybersecurity?

Today, it’s the unregulated use of AI. ISO has only just released standards on AI and how to manage information security alongside AI. But the threat it poses increases daily, and I believe we’re only at the start of what it can do.

What industry or sector do you think cyber could learn from?

Industries and sectors that focus heavily on environmental impact. With the development of AI and the power demand, there will be a much larger environmental impact. It’s important that we work to minimise this as best we can.

If you could change one thing about the industry, what would it be?

Increased knowledge sharing. Given the sensitivity required in this industry, it can be tricky, and it does exist in pockets through some really good forums, but I’d like to see the availability of knowledge and opportunities to share with peers increase.

What’s your one (as yet) unfulfilled career ambition?

I would like to give a keynote address at a major conference. This year, I spoke at Cyro Cyber’s InfoSec event, which was my first taste of real public speaking, and I loved it.

And finally…tell us a guilty secret?

Well, who’s reading this…? Ha! A guilty pleasure of mine is pop music – nothing beats a good sing-along to a really good pop song!

Alec Warriner is the CISO at Cyro Cyber. With nearly seven years of experience in the cybersecurity field, Alec not only leads Cyro Cyber’s internal security efforts but also delivers top-tier consultancy services to a diverse range of clients in various sectors.

Alec is a certified ISO27001 and ISO22301 lead auditor with deep expertise in implementing and auditing information security and business continuity management systems. He is well-versed in frameworks and regulations such as NIST, GDPR, DPA, and TSA, making him a trusted authority in the industry. His professional interests include incident response and threat remediation, where he excels in identifying, responding to, and mitigating cyber threats.

Topics

Latest articles

Be an insider. Sign up now!