On the lighter side of things we ask Sherif El Nabawi, Vice President Sales Engineering Asia Pacific and Japan, CrowdStrike, about what makes him tick.
What would you describe as your most memorable achievement?
Back in 2010, I was given the challenge of building a security consultancy practice from the ground up focused around incident response and strategic security. We built the team to include more than 20 talented incident responders. We stopped numerous major cyberbreaches and helped our customers across Europe, the Middle East and Africa to prevent business damage. This point in my career really prepared me for where I am today. Witnessing the practice’s positive impact on the security posture of our customers was unforgettable – it was certainly a career highlight.
What first made you think of a career in technology?
I was inspired by my father. He’s an academic professor in automatic control and during my childhood I was fortunate to travel to many different countries he taught in. Seeing his authentic passion and the way he would carefully plan each of his classes was inspiring. Naturally I gravitated towards an engineering role. Back then, the field was dominated by communications engineering, satellite and personal mobile communication so I pursued a Bachelor of Science in that area. Later I completed my Masters in satellite communications. The combination of the communications industry’s rapid transformation and my father’s passion for engineering influenced me to focus on technology as a career and I haven’t looked back.
What style of management philosophy do you employ with your current position?
My management style is empathetic, collaborative and results-driven. I like to support the individuals in my team in what they want to achieve for the future and enable their growth. It’s about listening and understanding their professional needs. In terms of collaboration, I encourage my team to bring forward ideas, carry them out and receive credit for their hard work. Lastly, business milestones are not visible unless you can measure them. This is where a results-driven approach to management comes into play. You can be empathetic, you can be collaborative, but I find that people often lose focus without the right metrics in place.
What do you think is the current hot technology talking point?
The multiple use cases of Artificial Intelligence (AI) are really interesting. At CrowdStrike, we’re using AI to predict attacks, stop potential breaches from happening around the world and to patch vulnerabilities before a threat actor has the chance to exploit them. Beyond cybersecurity, predictive AI is increasingly being used to disrupt traditional industries like health, real estate and automotive. It fascinates me the way that companies like Tesla are creating autonomous vehicles, using AI to predict human requirements and facilitate those needs in order to get from A to B.
How do you deal with stress and unwind outside the office?
A core value in my life will always be my family – whether it’s sports activities, spending time at home or just being close to my kids, I unwind by spending time with them. In terms of my mental health, I try to fully disconnect from electronics and mute my notifications when I can.
On the exercise front, I can’t start my day without going to the gym, running or swimming. If I don’t start the day with some form of physical activity, I feel the difference. Prior to COVID, travel was also something I really enjoyed with my family which we have swapped for fun, interesting activities and discovering places closer to home. I recently took my kids go-cart-racing. It was a lot of fun and made me realize that one of the positives to come out of the pandemic is that we’re exploring what’s in our own backyard.
If you could go back and change one career decision what would it be?
If I had the choice again, maybe I would have chosen a different pathway and ventured down the architectural engineering route. This may surprise some, but I would have been an architect. I love engineering but have a major soft spot for architecture – it fascinates me.
What do you currently identify as the major areas of investment in your industry?
The breaches from supply chain attacks and accelerated technology adoption have led to higher risks in both home and office networks. Devices, networks, data and the management of all of these are no longer an easy-fix problem. With the uncertainty of the pandemic meaning most people won’t return to the office any time soon, a secure remote workforce will remain a priority investment area.
E-Crime is a huge threat and the industry is aware of the need to invest in best-in-class talent and software. Cyberattacks are putting enormous strain on the availability of services around the world, from online and mobile banking to disrupted healthcare. It is expected that in 2021, some actors will evolve their ransomware attacks towards double extortion threat models.
As a leading provider of threat intelligence, CrowdStrike’s Falcon Intelligence team is at the forefront of cybercrime intelligence gathering and has developed a dedicated service for customers which provides detailed mapping of eCrime adversaries, their motivations and likely next targets.
What are the region-specific challenges when implementing new technologies in APAC?
Post-COVID, many local authorities and government bodies are open to discussing the level of assurances needed to protect data and move to the cloud. Both public and private enterprises are aware of the need to ensure security and retain data sovereignty. It’s not one or the other.
Disclosure remains a challenge but we are seeing changes to cybersecurity legislation and data protections coming into effect. Some customers in the region do not give the same level of importance to a threat or security issue that a customer in a different region might, which is an issue. Rapid disclosure, accountability and remediation tools are critical because governance and policies vary from country to country.
Geopolitical tensions are also having a lasting effect on cybersecurity. To defend against the threat of nation-state espionage, some countries have already introduced foreign intelligence measures which determine where critical technologies can be imported from. This trend will likely continue in APAC, with some countries banning particular technologies and investment.
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?
Managing teams spread geographically during COVID-19 has required an additional level of effort and connectivity, and I’ve enjoyed the challenge. I envisage a change after COVID, where we will have to adopt a new balanced approach around cultivating a team culture that spans across office and remote interactions.
From a technology perspective, the adoption of the cloud model has accelerated. In the past, it was sometimes challenging to convince customers of the value, importance and speed of cloud-based services but now, COVID-19 has advanced these discussions by five and even 10 years. Cloud is becoming the new default for every business.
What advice would you offer somebody aspiring to obtain a C-level position in your industry?
My advice would be to have a clear career plan and a good mentor. Without creating a plan at the start of your career, you may lose direction. Create mid and long-term career goals so that you have something to effectively measure against, change these accordingly, stay motivated and show real progress.
Remember to always learn from others too. Find someone who you respect and who inspires you. Ask them for advice on your career journey. When it comes time, become a mentor too. You can learn so much from others but if you’re not giving back to the people in your team, then you’re not doing your part.
Finally, I’ll share some advice from a previous manager and one of the greatest mentors I’ve had: ‘the key is authenticity’. Be true to yourself, stick to your core values and have a career plan wrapped around that.
Finally, if you’re in information security, continue knowledge sharing with your peers on a daily basis because the sophistication of the tools, techniques and procedures being used by attackers will never stop evolving.Click below to share this article