Cyber security is not about the technology

Samuel Mungadze
By Samuel Mungadze, Africa editor
Johannesburg, 08 Jun 2023

Talent crunch and emerging technologies came under sharp scrutiny this week at ITWeb’s 18th annual Security Summit in Johannesburg, as experts unpacked the latest developments in cyber security threats and how to counteract them.

At the annual gathering of cyber security experts, decision-makers, and solution providers, key themes included the use of artificial intelligence (AI) and machine learning (ML) to detect and respond to cyber threats more effectively. 

On the opening day, discussions focused on the challenges of hiring and retaining proficient cyber security talent, as speakers and panelists reflected on the future of the industry.

Prof Elmarie Biermann, director and founder of the Cyber Security Institute, chaired a panel discussion on building cyber security leaders and teams of the future. It explored measures that should be implemented to ensure a culture of continuous learning and staying up-to-date with the latest cyber security threats and trends.

You have to go back and understand security is not about the technology.

Prof Elmarie Biermann, director, Cyber Security Institute.

The panelists were Lineo Racoco, group CISO of Coca Cola Beverages Africa, Venisha Nayagar, group CISO of Life Healthcare, Suren Naidoo, group CISO of TFG, and Rashika Ramlal, public sector country leader at AWS South Africa.

According to Prof Biermann, leadership in cyber security is battling a very dynamic environment, and collaborative efforts to re-think strategies are needed to cushion the sector from emerging shocks.

She said: “I think we saw it this morning, with a lot of speakers focusing on artificial intelligence and all the stuff the cyber criminals are going to embark on. In terms of training, and what is happening within organisations, essentially you have to go back and understand security is not about the technology.

“The technology is there to assist us, but it is understanding that the battle is not between the organisation and cyber criminals. It’s against the organisation and an increasing cyber-crime ecosystem. That is where our problem is.”

Nayagar spoke about the changing role of cyber security leader and argued that upskilling to match the fast-changing technology environment and emerging thratst is important for cyber security leaders.

She sais that traditionally, cyber security leaders had a strong technical background and often came from an IT-related field. “Typically a network or infrastructure manager, probably with certification of qualification within IT, and they just kind of moved into a cyber security or CISO role, and traditionally that was enough."

However, Nyagar said the role of cyber security leader has expanded significantly and is now much more business-oriented and aligned with business goals. As a result, the skill sets and capabilities required of current leaders in this field are more focused on business rather than purely IT.