Adarma Cyber Insiders Vol 3 Digital spreads FINAL 2 - Flipbook - Page 8
Paul Midian discusses the best
ways to articulate cybercrime to
the business and how to avoid
security being viewed as “the
department of no” and many
more insights gathered over his
25 years working in information
security.
Paul’s Journey into
Cybersecurity
When asked what led him to his
chosen field, Paul admits that
following his graduation, he was
driven mainly by the need to find a
job. Yet, underlying that drive was
a curiosity to take things apart and
figure out how they worked, “I like
to see what I can make things do,
rather than what they’re supposed
to do,” he says. Paul attributes the
start of this interest in aviation and
how things work to a Ladybird Book
about airports he read as a child.
Fast-forward two decades,
equipped with a degree in electronic
engineering from Brunel University
London, Paul has since become an
accomplished cybersecurity leader
with an impressive track record.
Notably, he’s spearheaded security
transformation programmes at PwC
for clients and actively participated
in industry leadership roles,
including advisory positions within
the Crest Executive and as the chair
of the Crest Senior Advisory Panel.
Balancing Security Versus
Enabling the Business
CIOs and CISOs have the challenging
task of balancing security, innovation,
and business enablement. With the
rapid advancement of technology,
new tools are emerging that can
significantly improve efficiency
and growth.
However, security teams are often
cautious of untested solutions,
which can unfortunately lead to
the perception of them being the
“department of no.” Paul suggests
that a categorical “no” is not always
helpful for business dynamics and
“LIKE ANYTHING IN LIFE, ONCE
YOU CAN COMMUNICATE
AND EMPATHISE WITH EACH
OTHER’S REQUIREMENTS, YOU
CAN FIND COMMON GROUND
AND A MUTUALLY BENEFICIAL
COMPROMISE THAT WORKS
FOR BOTH PARTIES.
8
|
ADARMA CYBER INSIDERS
