S1 - Episode #14: Ali Haider - Senior Threat Intelligence Analyst - UBS
Subscribe:
About Ali:
Ali Haider is a Senior Threat Intelligence Analyst at UBS, a Swiss multinational investment bank and financial services company founded and based in Switzerland. He started his career in security services in 2003 and has been in the industry for over 18 years.
Starting his career in Lebanon, Ali was a security consultant for a prime minister. He went on to offer private consultancy to companies and his careers has worked with many well known organisations, gradually expanding his work to take on international clients. Prior to joining UBS, Ali also did a master's in computer security and forensics.
Synopsis:
In this episode of The Technology Leadership Podcast, Ali Haider discusses the need to strengthen information security practices in companies and the most significant challenges they face in this area. By digging deeper into the different security attacks we’ve seen in the past, Ali explains how to overcome the known and unknown roadblocks to securing information transfer and how to stay in line with the latest technology. He also touches on the eight disciplines of information security, how they differ in terms of implementation for big and small companies and ways to help small businesses create enhanced security controls by investing smartly.
Key Takeaways:
Learn about the greatest challenge in information security - staying up to date with emerging technologies.
Understand the benefits of security for small business and how despite the financial investment required it can start to set information security practices from the ground up.
Find out about the best place for small businesses to invest in security.
Hear about the eight disciplines of information security: security architecture, regulation and compliance, identity management, forensics, incidence responses for threat intelligence, penetration testing, dev ops, and application security.
Find out about hiring people with a good understanding of security controls to avoid mismanagement and why this is so beneficial.
Get advice on the importance of establishing architectural and business workflow documents to support implementation of security systems for small-to-mid-sized organisations.
Understand the connection between 5G and cyberattacks and the reason for greater exposure to DDoS attacks.
Learn the maths behind encryption and decryption
Episode Outline:
[00:47] Meet Ali
[02:48] The biggest challenge Ali has ever faced in his career
[04:40] Ali shares the most significant achievements from his career so far: keeping people safe and securing a job at one of the best organisations in the world
[06:32] Some general security measures every company can take - email encryption tips and sharing confidential information
[12:13] Security tips for a small-to-mid-sized companies
[16:30] How to optimise authentication, authorisation, and accountability practices in your company
[19:52] The eight disciplines of security: security architecture, regulation and compliance, identity management, forensics, incidence responses for threat intelligence, penetration testing, DevOps, application security.
[27:12] Planning and investing in security for start-ups
[29:11] The costs associated with setting up security for small companies
[32:34] Common misunderstandings that small business owners face
[37:44] The repercussions of not handling cybersecurity properly in the initial stages of setting up your company
[41:55] Steps you can take to get security issues resolved quickly
[44:34] Ali’s views on the need for a security specialist for your company
[45:43] The most common attacks happening in the tech space today and how to prepare for them
[50:13] Different ransomware families, the ways they attack and how to avoid them
[53:58] Remote access attacks
[57:21] Explanation of quantum computing
[01:02:59] The security considerations for self-driving vehicles
