Tamer El Refaey, the director of security monitoring and operations at Emirates Integrated Telecommunications spoke at RSA Conference APJ 2014 in Singapore. In this Q&A he talks about what excites him about information security and how he got to where he is today.
RSA Conference: Can you provide some background on how you got into the security industry and how you ended up where you are today?
El Refaey: It all started in 2000 when I was working in Vodafone Egypt as a technical support engineer. When the information security function was just being formed, I was selected to be part of it. Having the Microsoft Certified Professional certification favored me over other candidates.
In 2001, I obtained my CISSP certification, which helped me to understand information security in a totally different way.I started my engagements in the Gulf in August 2003 where I moved between Saudi Arabia, Bahrain, and finally UAE.
RSA Conference: What excites you the most about working in the security industry?
El Refaey: The new challenges that we face everyday. A different hole that we need to seal, a unusual technique that we need to fight against, a new target that we need to protect, etc. Actually, I feel very excited and full of adrenaline with every incident that we are able to thwart on time and with every use case that we think of and implement.
RSA Conference: What would you like to see change/happen in the industry over the next 12 months?
El Refaey: I would really like to see more collaboration between different information security providers. We need to realize that we are dealing with enemies that are cooperating with each other and moving ahead of us big time. Security companies need to start sharing intelligence they have among each other’s and work together in harmony. Organizations cannot afford to have different solutions working in silos anymore. Security solutions that work in silos leave cracks that make it easy for attackers to sneak into networks.
RSA Conference: If you could pick one thing that has made the most impact on your career and where you are today, what would it be?
El Refaey: My CISSP certification! It was absolutely a career and philosophy changer. It made me realize, very early in my career, that information security is not only about network security but goes to everything that we do every day. Its emphasis on ethics is key to security professionals, especially the new joiners of information security forces.
RSA Conference: Why do you think RSA Conference is important for security professionals to attend?
El Refaey: RSA Conference is a great opportunity to see different perspectives, share experiences, and network with peers from different parts of the world. It is also a very good meeting place with security companies where you can get to know, firsthand, what is new in the market.
RSA Conference: What has changed in the industry that would affect what you talked about at RSA Conference 2014?
El Refaey: Security analytics has become a true need rather than a hype for different organizations to be able to detect low and slow types of attacks including cyber attacks or insiders’ misbehavior.