Tasheel Finance CISO: Cybersecurity is a business issue

Mohamed Al Doseri, CISO of Saudi Arabia-based Tasheel Finance, says that cybersecurity is not just a tech problem. Security professionals bring business policy and tech procedures together as threat levels change.

mohamed al doseri
Mohamed Al Doseri

When he took on the role of CISO at Tasheel Finance in June 2020, at the height of the pandemic, Mohammed Al Doseri stepped up to a leadership position and quickly moved to enable the financial services organization to function by, among other initiatives: selecting secure software for meetings and discussions; creating a crisis management team; and securing VPN connections with multifactor authentication (MFA). Just as important, Al Doseri’s team supported ongoing digital transformation implementation, helping to introduce the company’s Digital Journey service for customers, which allows them to apply for a new loan or complete purchases wherever they are located, without visiting physical offices.

In this Q&A, Al Doseri explains that cybersecurity is not just about technology —it has become a business issue.

CIO Middle East: How do you lead a security strategy within the organisation?

Companies can no longer delegate the headaches of cybersecurity to the IT department, as it has become a business issue as well. This is especially important as businesses become more digitized, exposing them to an increasing number of threats if security risks are not properly managed. The types of threats that businesses face are also changing. Hacking software is becoming more powerful, allowing hackers to have a greater impact on a business. On top of previous threats such as data theft, extortion, and vandalism, cyberhackers are moving to more sophisticated agendas such as espionage, disinformation, market manipulation, and infrastructure disruption. To be able to mitigate these threats, businesses must not only consider cybersecurity as a business risk, but also act on it. To successfully protect a company, it must consider what these cyberrisks mean for the company as a whole and for its customers.

Facing cybersecurity as a business risk, rather than just a technology risk, is not as frightening as it sounds. Simple guidelines can assist a business in accomplishing this. Businesses require a strategy that incorporates cyber security into all aspects of their operations, from the IT department to employee training to security policies.

To continue reading this article register now

Download CIO's Roadmap Report: 5G in the Enterprise