TRENDING:

Governance & Risk Management , IT Risk Management , Video

Steps to Build a Good Operational Framework

CISO Angel Redoble on Focusing on Attack Entry Points, Zero Trust Suparna Goswami (gsuparna) • April 13, 2023    
Angel Redoble, group CISO, PLDT Group

While most organizations carry out risk assessments and cybersecurity audits, security practitioners need to go beyond these manual processes to ensure proper protection from attackers, according to Angel Redoble, group CISO, PLDT Group.

See Also: Managed File Transfer: Move Files Efficiently and Securely

"Cybersecurity operations is a different animal. It cannot be manualized. And that is why I advocate on creating a good operational framework," Redoble said.

When Redoble joined the company, he quickly realized that the existing environment was complex and would have taken a year or more to completely understand. Instead, he focused on identifying all of the potential attack entry points.

"I first determined the number of attack entry points we have," he said. "The next question I asked was: What security controls do we have currently, and what are the attacks or attack techniques that can be launched against every attack entry point? And with that, in just a matter of a few months, we were able to fortify our defenses against cyberattacks."

In this video interview with Information Security Media Group, Redoble also discusses:

  • How to create a good operational framework;
  • How a zero trust strategy helps in designing the best operational framework;
  • Why the theoretical approach doesn't always work.

Redoble, a first vice president responsible for cybersecurity at PLDT Group, Smart Communications and ePLDT Group, is a member and former vice chairman of the National Advisory Group for Police Transformation and Development. He is currently chairman and founding president of the Philippine Institute of Cyber Security Professionals and chairman of the MVP Group Cybersecurity Council.

Previous
HHS Wants HIPAA Changes to Protect Reproductive Health Info
Next
Cryptohack Roundup: GDAC, Yearn Finance, SushiSwap

About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.



Around the Network

What's Behind Disturbing Breach Trends in Healthcare?
What's Behind Disturbing Breach Trends in Healthcare?
Using AI to Separate the Good Signals From the Bad
Using AI to Separate the Good Signals From the Bad
Generative AI: Embrace It, But Put Up Guardrails
Generative AI: Embrace It, But Put Up Guardrails
Why Connected Devices Are Such a Risk to Outpatient Care
Why Connected Devices Are Such a Risk to Outpatient Care
How Generative AI Will Improve Incident Response
How Generative AI Will Improve Incident Response
Critical Considerations for Generative AI Use in Healthcare
Critical Considerations for Generative AI Use in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare
Threat Modeling Essentials for Generative AI in Healthcare
The State of Security Leadership
The State of Security Leadership
Why Entities Should Review Their Online Tracker Use ASAP
Why Entities Should Review Their Online Tracker Use ASAP
Addressing Security Gaps and Risks Post-M&A in Healthcare
Addressing Security Gaps and Risks Post-M&A in Healthcare

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.