The New CISO Podcast Episode 92: The Power of Automation: Which Tools Can Help Your Security Team? with guest Peter Frochtenicht
Podcast Transcript | Air Date April 20, 2023
Listen to Steve and Peter discuss why automation is a critical component of security tools and how the threat landscape has changed globally:
Meet Peter (1:36)
Host Steve Moore introduces our guest today, Peter Frochtenicht, who has worked at NEC for nine years.
Before NEC, Peter started his career as a systems engineer twenty years ago. Peter has worked in Africa and Australia and has worked his way up through different organizations.
Catching Up (5:21)
Ten years ago, the CISO role in Australia would be rare. Steve presses Peter as to why.
Since the Australian population is smaller than the states with fewer big-name organizations, it took Australia longer to catch up in the security industry.
Australia’s Biggest Threats (9:37)
From a defense perspective, Australia is doing much business with the states, especially with submarines. From a threat perspective, they border China and some of the eastern countries, which makes a security threat from those countries more imminent.
Increased Attacks (13:17)
The most typical security attack that Peter witnesses is phishing, which affects organizations and citizens. According to Peter, it is human nature to be curious about an email link and click on said link. For outside threats, financial benefits and access to information are to be gained.
AI has also advanced quickly, which can contribute to increased threats since you can mimic someone’s voice. Organizations should be prepared to use AI for good but also be prepared for when there are more insidious reasons for using this new technology.
The Benefits of AI (18:05)
Steve presses Peter on what defense benefits he predicts will come from AI.
Peter shares the automation tools his team uses that help reduce his analysts’ headcount and save time. Chat GPT may help you personally, but Peter believes in partnering with known vendors that can help limit human error.
What To Look For (21:11)
Peter shares what CISOs should or should not look for when choosing AI tools. Analytic tools are standard and can save much time and effort. As a result, organizations can save money and trust that there will be an increase in accuracy.
If tools can help CISOs detect abnormalities with less effort, that would be of service. Of course, abnormal actions may not be malicious but could be a mistake by a well-meaning person.
Investing In Employees (28:32)
Peter believes in training his people to bring the best out of them. People don’t always have the right skills at the right time, but you build a strong team when you invest in your employees and their relationship with your vendors.
Adding Skillsets (31:05)
Steve asks Peter what skillsets he had to add, besides technical abilities, to perform his role. Peter discusses his career journey, including his transition into leadership.
Peter had to gain a governance mindset and consider policies and when to update said policies. It’s challenging to ask for money to pursue your endeavors, but if you have a budget, you must spend it.
Sound Advice (38:56)
Looking up back at his career, Peter wouldn’t change much. But Peter recommends getting training and certifications to keep yourself up to date. You don’t need to wait for your company to suggest it to take on a new challenge.
The New CISO (42:41)
To Peter, being a new CISO means supporting the business and business structure. The biggest challenge for a CISO is adapting fast to new security changes while asking for money as needed.