If you get into difficulty in a swimming pool, who do you want rescuing you? Someone who understands the rules on the sign at the entrance but who cannot swim? Or someone who is prepared to dive in?
Just as in water, if you are drowning in a cyberattack, theory is not your priority.
Companies are realising that they need to hire a new kind of information security leader – people who not only know the rules, but who also understand hacking, the criminal mind, and the value of creativity. Finding and attracting them will not be easy.
Many organisations get into trouble as a result of hacks and data breaches – crisis moments when operations go haywire and reputations hang in the balance. These often occur when risk and confusion are heightened in other ways – such as now, during the Covid-19 pandemic, when attacks have increased as hackers look to take advantage of this global crisis and the resulting surge in remote working.
Although it is invisible to the naked eye and does not produce smoke or fire, the online threat landscape is a battlefield where people exploit fear and fight over real assets through their computers.
Historically, businesses have entrusted security leadership to theoreticians rather than practitioners. Getty Images
Historically, businesses have entrusted security leadership to theoreticians rather than practitioners. The typical chief information security officer, or Ciso, has had a lawyerly quality: fluent in terminology, strong on policy and strict on checklists.
But this stereotype must change. No rulebook or college certificate can repel a hacker armed with the latest weaponised malware or free a system hijacked by a state-backed gang. A Ciso without a grasp of gritty detail is like a lifeguard who cannot swim.
What must the new generation information security leaders look like?
First, they will need outstanding technical facility – especially, in the dark arts of hacking. It is vital that a Ciso knows where attacks come from, how they spread through networks and how to stop them. They should believe that “attack is the best form of defence”. Good Cisos will be those who roll up their sleeves to meet threats head-on rather than sitting in wait.
Second, they will need to understand assailants’ motives. Classifying threats in neat typologies obscures the diversity of the characters behind them. Hackers try to infiltrate systems for all sorts of reasons – from the criminal to the moralistic. Some do it just for fun. Understanding why an attack could be perpetrated often provides clues to defence and resolution.
Third, they will need to be creative. Those who stick to case studies and guidelines will stumble when unfamiliar threats emerge. In some crises, tried-and-tested methods will work. In others, risky improvisation may be the only alternative to catastrophe. Future Cisos will benefit from a maverick streak based on lateral technical thinking.
On top of all this, ideal security leaders will need to function effectively in corporate environments. Communication skills are critical. As digital perils proliferate, high-level executives – or the C-Suite – will require a dynamic map of the changing terrain. The Ciso must provide this, translating complicated jargon into plain language so that bosses can effectively balance risk against cost.
Job interview with candidate in modern office
Unfortunately for businesses, candidates fulfilling this description will be tricky to find.
For one thing, elite technical talent is dispersed. The internet has created a cosmopolitan community of hackers, programmers and coders. Controlling for economic development, the concentration of people with exceptional computer skills in a given place is generally proportionate to population size. But sometimes, a company will require unique abilities which are unavailable locally. Tapping into a fluid global marketplace to find exactly the right candidate is a challenge employers must overcome.
Moreover, below the surface, the internet has a confusing culture of anonymity. This anarchic quality is what attracts many people. But it also creates problems for would-be recruiters who, without the help of highly customised tools, can get lost in the murky world they are sifting through.
Perhaps the most important question is why an elite hacker with a non-conformist personality would want to work for a business at all.
On the face of it, our ideal future Ciso might find adjustment to a life of meetings, conference calls and regular hours quite difficult. But it is wrong to think that there is no overlap.
The practice of “ethical hacking”, in which companies actively seek skilled hackers to expose weaknesses in their systems, points to a potential solution.
Most people who excel at hacking are not inherently opposed to working in corporate roles. It is just that many companies need a culture shift to make the most of their unorthodox talents
Manipulating computer code is not inherently bad – and in fact, in many cases, it is useful and beneficial. It is the destructive consequences of hacking that are bad, and these result from unaccountability and malign motives. Most people who excel at hacking are not inherently opposed to working in corporate roles. It is just that many companies need a culture shift to make the most of their unorthodox talents.
The real challenge is therefore for companies to build a professional environment that appeals to the new generation of security leaders in the first place: by incentivising them to do what they do best for the right reasons, and not suffocating them within backward-looking work structures. This will take a new approach.
For companies in all sectors, the cost of installing the wrong kind of information security leader could be high. Those that have fallen victim to cybercrime even while the Covid-19 crisis rages around them have learnt this the hard way. But what are the benefits of doing it right? It could be the difference between sinking and swimming.
Nathan Swain is the chief information security officer at ADS Securities in Abu Dhabi
UAE currency: the story behind the money in your pockets
SolarWinds supply chain attack: Came to light in December 2020 but had taken root for several months, compromising major tech companies, governments and its entities
Microsoft Exchange server exploitation: March 2021; attackers used a vulnerability to steal emails
Kaseya attack: July 2021; ransomware hit perpetrated REvil, resulting in severe downtime for more than 1,000 companies
Log4j breach: December 2021; attackers exploited the Java-written code to inflitrate businesses and governments
Goalkeepers: Ali Khaseif, Fahad Al Dhanhani, Mohammed Al Shamsi, Adel Al Hosani
Defenders: Bandar Al Ahbabi, Shaheen Abdulrahman, Walid Abbas, Mahmoud Khamis, Mohammed Barghash, Khalifa Al Hammadi, Hassan Al Mahrami, Yousef Jaber, Salem Rashid, Mohammed Al Attas, Alhassan Saleh
Midfielders: Ali Salmeen, Abdullah Ramadan, Abdullah Al Naqbi, Majed Hassan, Yahya Nader, Ahmed Barman, Abdullah Hamad, Khalfan Mubarak, Khalil Al Hammadi, Tahnoun Al Zaabi, Harib Abdallah, Mohammed Jumah, Yahya Al Ghassani
Forwards: Fabio De Lima, Caio Canedo, Ali Saleh, Ali Mabkhout, Sebastian Tagliabue, Zayed Al Ameri
Who's who in Yemen conflict
Houthis: Iran-backed rebels who occupy Sanaa and run unrecognised government
Yemeni government: Exiled government in Aden led by eight-member Presidential Leadership Council
Southern Transitional Council: Faction in Yemeni government that seeks autonomy for the south
Habrish 'rebels': Tribal-backed forces feuding with STC over control of oil in government territory
65 - Henrik Stenson (SWE), Sebastian Soderberg (SWE), Adri Arnaus (ESP), Victor Perez (FRA), Jhonattan Vegas (VEN)
66 - Phil Mickelson (USA), Tom Lewis (ENG), Andy Sullivan (ENG), Ross Fisher (ENG), Aaron Rai (ENG), Ryan Fox (NZL)
67 - Dustin Johnson (USA), Sebastian Garcia Rodriguez (ESP), Lucas Herbert (AUS), Francesco Laporta (ITA), Joost Luiten (NED), Soren Kjeldsen (DEN), Marcus Kinhult (SWE)
68 - Alexander Bjork (SWE), Matthieu Pavon (FRA), Adrian Meronk (POL), David Howell (ENG), Christiaan Bezuidenhout (RSA), Fabrizio Zanotti (PAR), Sean Crocker (USA), Scott Hend (AUS), Justin Harding (RSA), Jazz Janewattananond (THA), Shubhankar Sharma (IND), Renato Paratore (ITA)
If you go...
Flying
There is no simple way to get to Punta Arenas from the UAE, with flights from Dubai and Abu Dhabi requiring at least two connections to reach this part of Patagonia. Flights start from about Dh6,250.
Touring
Chile Nativo offers the amended Los Dientes trek with expert guides and porters who are met in Puerto Williams on Isla Navarino. The trip starts and ends in Punta Arenas and lasts for six days in total. Prices start from Dh8,795.
Favourite breed of dog: All of them. I can’t possibly pick a favourite.
Favourite place in the UAE: The Stray Dogs Centre in Umm Al Quwain. It sounds predictable, but it honestly is my favourite place to spend time. Surrounded by hundreds of dogs that love you - what could possibly be better than that?
Favourite colour: All the colours that dogs come in
For first two Test in India Joe Root (captain), Jofra Archer, Moeen Ali, James Anderson , Dom Bess, Stuart Broad , Rory Burns, Jos Buttler, Zak Crawley, Ben Foakes, Dan Lawrence, Jack Leach, Dom Sibley, Ben Stokes, Olly Stone, Chris Woakes. Reserves James Bracey, Mason Crane, Saqib Mahmood, Matthew Parkinson, Ollie Robinson, Amar Virdi.
Emirates flies from Dubai to Seattle from Dh5,555 return, including taxes. Portland is a 260 km drive from Seattle and Emirates offers codeshare flights to Portland with its partner Alaska Airlines.
The car
Hertz (www.hertz.ae) offers compact car rental from about $300 per week, including taxes. Emirates Skywards members can earn points on their car hire through Hertz.
Parks and accommodation
For information on Crater Lake National Park, visit www.nps.gov/crla/index.htm. Because of the altitude, large parts of the park are closed in winter due to snow. While the park’s summer season is May 22-October 31, typically, the full loop of the Rim Drive is only possible from late July until the end of October. Entry costs $25 per car for a day. For accommodation, see www.travelcraterlake.com. For information on Umpqua Hot Springs, see www.fs.usda.gov and https://soakoregon.com/umpqua-hot-springs/. For Bend, see https://www.visitbend.com/.
Keep it fun and engaging
Stuart Ritchie, director of wealth advice at AES International, says children cannot learn something overnight, so it helps to have a fun routine that keeps them engaged and interested.
“I explain to my daughter that the money I draw from an ATM or the money on my bank card doesn’t just magically appear – it’s money I have earned from my job. I show her how this works by giving her little chores around the house so she can earn pocket money,” says Mr Ritchie.
His daughter is allowed to spend half of her pocket money, while the other half goes into a bank account. When this money hits a certain milestone, Mr Ritchie rewards his daughter with a small lump sum.
He also recommends books that teach the importance of money management for children, such as The Squirrel Manifesto by Ric Edelman and Jean Edelman.
Timeline
2012-2015
The company offers payments/bribes to win key contracts in the Middle East
May 2017
The UK SFO officially opens investigation into Petrofac’s use of agents, corruption, and potential bribery to secure contracts
September 2021
Petrofac pleads guilty to seven counts of failing to prevent bribery under the UK Bribery Act
October 2021
Court fines Petrofac £77 million for bribery. Former executive receives a two-year suspended sentence
December 2024
Petrofac enters into comprehensive restructuring to strengthen the financial position of the group
May 2025
The High Court of England and Wales approves the company’s restructuring plan
July 2025
The Court of Appeal issues a judgment challenging parts of the restructuring plan
August 2025
Petrofac issues a business update to execute the restructuring and confirms it will appeal the Court of Appeal decision
October 2025
Petrofac loses a major TenneT offshore wind contract worth €13 billion. Holding company files for administration in the UK. Petrofac delisted from the London Stock Exchange
6.30pm: Sheikh Zayed bin Sultan Al Nahyan Jewel Crown Prep Rated Conditions (PA) Dh 125,000 (T) 2,200m. Winner: Somoud, Richard Mullen, Jean de Roualle.
7pm: Wathba Stallions Cup Handicap (PA) Dh 70,000 (T) 1,600m. Winner: AF Arrab, Tadhg O’Shea, Ernst Oertel.
Thu Mar 15 – West Indies v Afghanistan, UAE v Scotland
Fri Mar 16 – Ireland v Zimbabwe
Sun Mar 18 – Ireland v Scotland
Mon Mar 19 – West Indies v Zimbabwe
Tue Mar 20 – UAE v Afghanistan
Wed Mar 21 – West Indies v Scotland
Thu Mar 22 – UAE v Zimbabwe
Fri Mar 23 – Ireland v Afghanistan
The top two teams qualify for the World Cup
Classification matches
The top-placed side out of Papua New Guinea, Hong Kong or Nepal will be granted one-day international status. UAE and Scotland have already won ODI status, having qualified for the Super Six.
Thu Mar 15 – Netherlands v Hong Kong, PNG v Nepal
Sat Mar 17 – 7th-8th place playoff, 9th-10th place playoff
So what is Spicy Chickenjoy?
Just as McDonald’s has the Big Mac, Jollibee has Spicy Chickenjoy – a piece of fried chicken that’s crispy and spicy on the outside and comes with a side of spaghetti, all covered in tomato sauce and topped with sausage slices and ground beef. It sounds like a recipe that a child would come up with, but perhaps that’s the point – a flavourbomb combination of cheap comfort foods. Chickenjoy is Jollibee’s best-selling product in every country in which it has a presence.
Race card
6.30pm: Al Maktoum Challenge Round-3 Group 1 (PA) US$100,000 (Dirt) 2,000m
6.30pm: Shahm, 7.05pm: Well Of Wisdom, 7.40pm: Lucius Tiberius, 8.15pm: Captain Von Trapp, 8.50pm: Secret Advisor, 9.25pm: George Villiers, 10pm: American Graffiti, 10.35pm: On The Warpath
First Job: Abu Dhabi Department of Petroleum in 1974
Current role: Chairperson of Al Maskari Holding since 2008
Career high: Regularly cited on Forbes list of 100 most powerful Arab Businesswomen
Achievement: Helped establish Al Maskari Medical Centre in 1969 in Abu Dhabi’s Western Region
Future plan: Will now concentrate on her charitable work
Men's draw: Victor Scvortov and Khalifa Al Hosani, (both 73 kilograms), Sergiu Toma and Mihail Marchitan (90kg), Ivan Remarenco (100kg), Ahmed Al Naqbi (60kg), Musabah Al Shamsi and Ahmed Al Hosani (66kg)
