19 Sep Q&A: Speaker at CyberX Saudi -Mohammed Al Doseri, Tas’heel Finance
Mohammed Al Doseri will be speaking on the topic of how and when to bring cybersecurity into the boardroom at CyberX Saudi, which is taking place virtually on October 4-5.
You joined Tas’heel Finance right in the middle of a pandemic. In the past 15 months, what would you say have been your top 3 challenges, and top 3 achievements in this role?
I joined Tas’heel Finance in June 2020, with a strong interest in cyber security and as a CISO, to put regularity and best practices in place and to keep Tas’heel Finance as a model in financial services in Ester regain in Saudi Arabia. Challenges I faced during the pandemic were communication with vendors and other stakeholders, as well as remotely implementing security solutions. Plus the time consumed to deliver the hardware because of a logistic issue during the pandemic. Achievements we obtained during the pandemic was raising staff awareness, moving the maturity level of implementing security controls, and implementing the SAMA framework from 1.97 to 3.58 in 15 months, and establishing the cybersecurity department by implemented main cybersecurity control pillar in the place.
Businesses are increasingly reconsidering their approaches towards cyber risk management. How is the explosion of IoT devices in banking and finance changing the cybersecurity landscape?
IoT devices are vulnerable in large part because they lack the necessary built-in security to combat threats. Aside from the technical aspects, users also contribute to the vulnerability of the devices to threats.
Device flaws enable cybercriminals to use them as a base for their attacks, emphasising the importance of security from the design phase. Threat actors can move laterally by using vulnerable devices, allowing them to reach critical targets. Attackers can also use vulnerabilities to target devices and weaponize them for larger campaigns, spread malware across networks, or use IoT botnets for DDoS attacks.
Saudi Vision 2030 is a pioneering agenda for the advancement of the country, and technological innovation is at the heart of it. What would it take for CISOs to stay ahead of the curve in the future? How can CISOs ensure business stakeholders continue to stay ahead as well?
The main focus of Saudi Arabia’s 2030 vision is to Empower the Kingdom in Cyber Security, invest in Saudi Youth by creating new jobs in cybersecurity and IT, and train Saudis to be cybersecurity leaders ranging from cybersecurity analysts to CISO positions. And, as CISO, having passion and motivation will ensure that cybersecurity initiatives empower business and technology.
As a panellist at the upcoming CyberX Saudi Summit, what can our attendees expect from your participation?
During our participation in the Cyberx Saudi Summit, the audience will hear and learn how CISOs work, what areas they focus on to maintain a company’s security, and what board members expect from CISOs. The panel discussion will be interactive between the panellists and the audience. I’m really looking forward to meeting you all and learning from each other.
Mohammed Al Doseri is the Chief Information Security Officer for Tas’heel Finance, responsible for defining and executing information security and cybersecurity strategy. Besides his role at Tasheel Finance, Mohammed has been appointed as Chairman of SAMA Cybersecurity Committee for Financial Sector, Saudi Central Bank-SAMA. He is also an Advisory Board Member in CISO Forum and International Advisory Board member for CCISO in EC-Council.