Note: This article is a summary of interview questions. Responses have been edited for brevity and clarity by Anthony Chatfield, Argyle Editorial Team.
Madjid Nakhjiri, the Jump Security Lead for Uber, will participate in a panel at the Cybersecurity Leadership Forum in San Francisco on March 19, 2020. He will discuss the current cybersecurity regulations in place around data collection, data protection, and more.
Madjid will join Gopal Bhat, Former CIO and CISO of Rakuten Rewards and Brian Costello, VP Data Access Strategy and Strategic Solutions for Envestnet, Inc. to discuss current cybersecurity laws and regulations, the solutions companies are utilizing to ease the burden of compliance, and the importance of implementing systems to protect all confidential data from potential cyberattacks.
Nakhjiri currently analyzes Uber Micro-mobility (for Jump bikes and scooters), including hardware, firmware and backend infrastructure for cybersecurity, privacy and compliance risk. He is pivotal in designing solutions for mitigation of these risks and connects product teams with the proper cybersecurity teams when needed. He is also a member of the overall Uber security team, helping to establish the security roadmap for his department while working on fundamental projects for improving overall Uber security infrastructure.
We recently discussed the current state of cybersecurity regulations and emerging threats with Nakhjiri. He identified three areas in which CIOs and Cybersecurity professionals are currently struggling, including identification and credential management for workloads at hyper-scale, handling and analysis of logs, and breadth vs depth of security professionals. The last point, in particular, is relevant to his most frequent recommendations for companies attempting to supplement and address the risk associated with cyber threats and attacks.
While he recommends the “old tried and true PKI philosophy applied in new ways,” he is also a proponent of expertise crowdsourcing, with a “guidance committee delegating parts of a hard problem to different teams”.
“Culture needs to empower taking initiative and providing tools for collaboration across teams. No team can do it alone. It’s important to articulate security through published technical standards within the company and enforce adherence to the standards, or force business leaders to accept risk through well-documented exceptions.”
For organizations addressing increased risk in 2020 and beyond, he offers one important piece of advice. “Let your go-getters make a difference in security.” By elevating your top performers and ensuring their expertise is leveraged to identify and address new issues, companies can scale more effectively.
Learn more about Nakhjiri’s team-based approach to cybersecurity and what it means in the context of new and emerging regulations, what solutions large organizations like Uber are utilizing to stay ahead of these challenges, and how to protect all confidential data in your organization. Reserve your place at the Cybersecurity Leadership Forum in San Francisco on March 19, 2020.
Visit Argyle Executive Forum's CIO LEADERSHIP FORUM - New York City in New York, NY on May 05, 2020