Security Leader Q&A – Pete Gibson, former Chief Information Officer, Friendly’s Restaurant

by | Aug 10, 2022 | Guest writers

As part of a series of Q&A discussions with senior security leaders, we spoke to Pete Gibson, former Chief Information Officer at Friendly’s Restaurant, whose responsibilities include protecting its 130 outlets across the U.S.

 

Q – What are the biggest areas of security concern for CIOs in the next 6-12 months?

 

A – I don’t tend to take an approach to cybersecurity based on singular issues – I believe it’s more important and effective to take a holistic brand protection stance. This means covering the entire spectrum of challenges and opportunities, so everything from network architecture to user training represents because they are all vital components of an effective leadership strategy.

 

Q – Does cybersecurity get sufficient buy-in from the boardroom?

 

A – Not always, and that’s something that needs to change. For example, some boardrooms will only wake up to the importance of cybersecurity when they have been attacked, and many security leaders do an extremely effective job despite a lack of engagement from the top. And don’t forget, cybersecurity isn’t just about prevention – today’s CISOs must also be able to guide their organizations through a crisis because when a problem arrives, senior leadership is then very focused on addressing the business impact.

 

Q – How has the role of CISO changed since the onset of COVID-19?

 

A – In many ways, it’s been extremely challenging – CISOs and their teams often have to monitor huge IT estates with only a few people to cover it all. On the other side, adversaries are trying to find the one vulnerability that will give them the leverage they require, but that’s all it takes.

 

Personally, I have become a big advocate of zero trust and the positive impact it can have on both external and internal threats. As more organizations focus on this as a core part of their cybersecurity philosophy, we’re likely to see it improve the ability of CISOs to protect their networks, users and data.

 

Q – To what extent do the major, headline-making incidents such as Solarwinds, Kaseya, Colonial, the Biden Executive Order and new legislation have a practical impact on the way CISOs approach security strategy?

 

A – There are some useful and important developments coming out of government strategy and from our legislators in general, but they need to take advice from security leaders to make sure there is a good balance between effective protection and laws that are too onerous. For example, the CCPA represents an important set of rules for consumers, but some of the requirements can be very challenging for organizations to meet. Take the issue of former employees that are also consumers of products or services from the place they used to work – meeting a request to remove all their data from systems can be extremely difficult to achieve, despite their importance in law and for the rights of individual citizens.

 

Q – If money was no object, where should organizations, in general, be increasing their cybersecurity investments?

 

A – Invest in building a really solid and robust cybersecurity team that reports to the CIO. These teams should then focus on knowledge-based goals. For example, ransomware protection is not just about buying an appliance, it’s also about how the organization reacts once they have been breached and how they can defeat it. Ideally, each business should be able to push a button and restore, and by treating cybersecurity as a strategic play, businesses can make much more effective investments that can help them overcome today’s wide-ranging risks.

 

Related

What is Glasswall CDR?

Embedded Engine

CDR Platform

Solutions

REST APIs

Email Security

Threat Intelligence

Plug-ins

CDS Plug-in

ICAP Plug-in

Menlo Plug-in

Palo Alto Plug-in

apps

Apps

Clean Room

Desktop

Why CDR?

We believe people should be free to open their files without fear. Glasswall CDR takes a proactive approach to automatically remove all Zero-day threats from files, without sacrificing productivity.

Use Cases

Secure Email

File Uploads and Downloads

Malware Risk Removal

Metadata Removal

Cybersecurity Crisis Response

Cybersecurity Crisis Prevention

Cloud Native Integrations

Data Migrations

SDK Integration

Resource Library

Blog

Events

support lines

Support

Glasswall CDR Portfolio

Reactive cybersecurity is failing - it’s time for a better way. Traditional detection-based security methods play catch up with new threats. Find out how your organization can take a proactive approach to cybersecurity.

strategic alliances

About our Partner Program

Our Partners

Become a Partner

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People

Careers

communication

Contact Us

support lines

Support

Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.