Crypto.com Chief Information Security Officer Jason Lau was recently appointed to the ISACA Board of Directors for 2023-2024. Infosecurity spoke with Lau about what this new appointment means to him, as well as his role as chief information officer at one of the biggest players in the cryptocurrency market today.
Infosecurity Magazine: You joined Crypto.com in 2018 as Chief Information Security Officer. What was the most amazing part of your CISO journey?
Jason Lau: The most surprising thing about my journey is the rapid evolution of risks in the cryptocurrency industry. This sector has become a prime target for cybercriminals due to the potential financial gain. The dynamic nature of the cryptocurrency threat landscape requires constant vigilance, industry partnerships for risk analysis, and the ability to adapt to new threats. However, despite all these challenges, the persistence, dedication and passion of our cybersecurity team has created a security-centric culture within the company that allows us to better protect and protect our assets and customers, and strengthen our trust. It generates more than 80 million users. the world.
IM: What inspired you to join Isaka and become a board member?
JL: I have been an active member of ISACA for many years. I hold many of the most important ISACA certifications in my cyber-professional journey, allowing me to learn and validate my knowledge and experience with my references.
I am impressed by ISACA's global commitment to improving IT governance, risk management and overall trust in digital technologies, as well as its unwavering commitment to promoting professional development. The growing pace of our field requires the constant development of knowledge resources for our members, and my appointment to the ISACA Global Board of Directors provides me with an important opportunity and opportunity to serve the ISACA community.
IM: What are you most excited about in your new role at ISACA?
DL: I look forward to sharing my experience and knowledge from exploring the emerging technology landscape. I can provide highly strategic information and ask questions to better understand the organizational challenges facing such a dynamic industry.
Rapid developments such as artificial intelligence, blockchain, fintech and digital transformation have revolutionized the way we perceive and respond to new risks, threats and challenges. Membership on the ISACA Board of Directors will allow me to leverage this experience and contribute to the development of innovative strategies, solutions and content for our members.
I.M.: You are also a member of the Innovation and Technology Committee. What topics are you most interested in in this field?
DL: I am fascinated by the topic of new technologies and their impact on various industries. The dynamic nature of digital transformation affecting businesses worldwide means that organizations must constantly innovate and adapt to new technologies, which is no easy task. Each new technology application has its own unique risks that require careful exploration.
It is important to understand how these new trends can be turned into opportunities while mitigating potential risks. At ISACA, we strive to ensure that our members not only keep pace with these changes, but also support them and use them to strategic advantage. Internally, we are looking for ways to implement these technological advances to improve our operations, membership offerings and overall value. The challenge and excitement is to make the most of these opportunities and enable our members to do the same in an age of unprecedented digital transformation.
IM: As CIO of Crypto.com, what are your top cybersecurity priorities?
DL: My top priorities are protecting the assets and personal information of our business and users, ensuring the integrity of our systems, and building security awareness. To this end, we invest in the latest security technologies and follow strict data security procedures. We strive to ensure transparency through independent third-party audits, building digital trust with regulators, partners and customers worldwide. This helps support Crypto.com's overall strategy of growing with security, compliance and regulatory approval to continue our mission as the cryptocurrency in every wallet .
IM: What is your biggest concern with cybersecurity today?
JL: The rate at which cyber threats are occurring is alarming. Criminals are becoming increasingly sophisticated and are using advanced techniques such as artificial intelligence and machine learning to carry out attacks. With the significant increase in the number of IoT devices expanding the attack landscape, we face a complex cybersecurity landscape. In addition, the current global shortage of qualified cybersecurity professionals is another major challenge that calls into question our ability to adequately defend against these threats.
IM: What is your biggest concern with cybersecurity today?
JL: The rate at which cyber threats are occurring is alarming. Criminals are becoming increasingly sophisticated and are using advanced techniques such as artificial intelligence and machine learning to carry out attacks. With the significant increase in the number of IoT devices expanding the attack landscape, we face a complex cybersecurity landscape. In addition, the current global shortage of qualified cybersecurity professionals is another major challenge that calls into question our ability to adequately defend against these threats.
IM: What do you think is the biggest advancement in the cybersecurity industry right now?
DL: The cybersecurity industry has made significant advances in several key areas. Over the years, thanks to big data and machine learning, the industry has made significant progress in developing sophisticated detection and response strategies, fundamentally changing the way we manage and respond to security issues. We are seeing a dramatic increase in the sharing of threat intelligence. This enhanced collaboration will strengthen our collective capacity to mitigate and respond to threats, thereby increasing the overall resilience of our digital ecosystem.
It is noteworthy that there is a growing awareness and understanding of the importance of cyber security at the board and executive level. This represents a shift in mindset as cyber security is now recognized as a critical business challenge rather than a technical issue. This shift in thinking has had a significant impact by improving the overall security posture of organizations by ensuring that strategic decision-making and resource allocation are aligned with cybersecurity best practices.
IM: If you could give one piece of advice to other CIOs, what would it be?
DL: My advice to my cybersecurity colleagues has three parts. First, recognize CISO burnout. Given that our jobs are high-pressure and stressful, burnout is extremely dangerous not only for us, but also for our teams. It's important to find a balance between being proactive and creating a sustainable work environment. This means encouraging regular breaks, encouraging work-life balance and using mental health support resources. When the leader is good, the positive ripple effect on the team is high.
Second, most CSOs I know are very humble and understand that even though we all come from different backgrounds, it's important to encourage open communication and sharing of experiences because all of our journeys to becoming a CISO have many ups and downs. and socks. And it falls. The experience of these visits provides valuable information for other CIOs.
Finally, I recommend promoting a culture of growth through knowledge and learning. In an ever-changing field, lifelong learning is not an option, but a necessity. Encourage your team members, especially the younger generation, to improve their skills and expand their knowledge. For example, ISACA certifications such as CISM, CISA and CRISC are great opportunities for individual and team empowerment. By fostering a culture that values health and sustainability, you can increase your organization's resilience and adaptability to new cyber threats.