Can you tell me a bit about your background and your current role?
I am an experienced Cyber Security professional having 10+ years of experience in the area of Cyber Security, Information Security Governance, Risk, and Compliance & Cyber Security Operations. Currently working as a Head of Information security. Academically holds Bachelor of Engineering (B.E.) in Computer & Information Systems from NED University of Engineering & Technology. I am also Certified IBM QRADAR professional, Cyber Security Nexus Professional, Certified Ethical Hacker, Certified Forensic Investigator and ISO 27001 Lead Implementer. I am also a trainer for cyber security especially for SOC and have been pioneer for SOC training in Pakistan. I have been selected as a member of central steering committee of Cyber Security & Crimes by the Federation of Pakistan Chamber of Commerce & Industry (FPCCI) in 2020 & 2021 as well.
I have represented Pakistan in European Digital week (September 2020) as a Cyber Security Speaker in International Cyber Security Conference, African Digital week 2021 as a Cyber Security Speaker in International Cyber Security Conference, Women In Cyber Security Cross borders 2021 as a Cyber Security Speaker in International Cyber Security Conference, Asia Digital week 2021 as a Cyber Security Speaker in International Cyber Security Conference, Women in Cyber Security Middle East 2020 as a Cyber Security Speaker in International Cyber Security Conference, also became the first female speaker at ISACA UAE Chapter.
I have been selected as a Board Member for Cyber Security by CGSS (Centre of Global Strategic & Studies).
I have been also selected as a Vice president – women in Cyber Security Pakistan affiliate as a newly bud chapter introduced in the South Asia region.
What is SOC in Cybersecurity?
A Security Operation Center (SOC) is a centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents. It is an emerging field now in cyber security all over the world.
What is the concept of traditional SOC & next-generation SOC?
Security operations centers streamline the security incident handling process, and are used to triage and resolve security incidents efficiently and effectively. The concept of the SOC was invented to enable ease of collaboration among security personnel in a time when cyberattacks were primarily manual in nature. Nowadays, machine-based, automated cyberattacks are the norm and are challenging the SOC models that worked years ago. As the internet has grown over the past decade, a number of problems have surfaced in the way traditional SOCs operate. A next-generation SOC brings the concept of SOAR (Security Orchestration Automation and Response) combines automated data gathering, security automation, case management and analytics to provide organizations the ability to easily implement sophisticated defense-in-depth capabilities based on internal and external data sources.
What is the key to good Cybersecurity?
In an organization, implementing the best information security governance is the key to bring cybersecurity in an effective manner.
Do smaller businesses face the same risks today as the larger companies we are seeing being hacked in the headlines?
Yes. This is mainly because most of the organizations have digital footprint. Cyber risk are the same for a medium, large or low footprint organization. No matter the size of your business, the threat posed by hacking and other cyber-attacks is very real and should be considered in your business planning and technological investments.
How do you foresee future cybersecurity?
Cybersecurity experts predict that in 2021 there will be a cyberattack incident twice than the past year. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. In order to keep pace with an evolving economy that requires more digital transformation, organizations must place cyber resilience at the top of their priority list.