TRENDING:

Governance & Risk Management , IT Risk Management , Video

Steps to Build a Good Operational Framework

CISO Angel Redoble on Focusing on Attack Entry Points, Zero Trust Suparna Goswami (gsuparna) • April 13, 2023    
Angel Redoble, group CISO, PLDT Group

While most organizations carry out risk assessments and cybersecurity audits, security practitioners need to go beyond these manual processes to ensure proper protection from attackers, according to Angel Redoble, group CISO, PLDT Group.

See Also: How to Balance Simplicity and Scale in Cybersecurity

"Cybersecurity operations is a different animal. It cannot be manualized. And that is why I advocate on creating a good operational framework," Redoble said.

When Redoble joined the company, he quickly realized that the existing environment was complex and would have taken a year or more to completely understand. Instead, he focused on identifying all of the potential attack entry points.

"I first determined the number of attack entry points we have," he said. "The next question I asked was: What security controls do we have currently, and what are the attacks or attack techniques that can be launched against every attack entry point? And with that, in just a matter of a few months, we were able to fortify our defenses against cyberattacks."

In this video interview with Information Security Media Group, Redoble also discusses:

  • How to create a good operational framework;
  • How a zero trust strategy helps in designing the best operational framework;
  • Why the theoretical approach doesn't always work.

Redoble, a first vice president responsible for cybersecurity at PLDT Group, Smart Communications and ePLDT Group, is a member and former vice chairman of the National Advisory Group for Police Transformation and Development. He is currently chairman and founding president of the Philippine Institute of Cyber Security Professionals and chairman of the MVP Group Cybersecurity Council.

Previous
HHS Wants HIPAA Changes to Protect Reproductive Health Info
Next
Cryptohack Roundup: GDAC, Yearn Finance, SushiSwap

About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.



Around the Network

How AI Can Help Speed Up Physician Credentialing Chores
How AI Can Help Speed Up Physician Credentialing Chores
Joe Sullivan on What CISOs Need to Know About the Uber Trial
Joe Sullivan on What CISOs Need to Know About the Uber Trial
How State Governments Can Regulate AI and Protect Privacy
How State Governments Can Regulate AI and Protect Privacy
How Biden's AI Executive Order Will Affect Healthcare
How Biden's AI Executive Order Will Affect Healthcare
Why Hospitals Should Beware of Malicious AI Use
Why Hospitals Should Beware of Malicious AI Use
AI in Healthcare: The Growing Promise - and Potential Risks
AI in Healthcare: The Growing Promise - and Potential Risks
Stopping Cloud Workload Attacks
Stopping Cloud Workload Attacks
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Getting a Tighter Grip on Vendor Security Risk in Healthcare
Good Governance: 'It's All Hygiene'
Good Governance: 'It's All Hygiene'
Mapping Access - and Attack - Paths in Active Directory
Mapping Access - and Attack - Paths in Active Directory

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.