Cyber Security Challenges – views from the CTOs

Will we ever gain back full control of the Internet and our IT networks?

Additional information: A CTO guide: The main challenges facing the cyber security industry

We discuss the main challenges facing the cyber security industry, with insights on how to overcome them:

Technological and human

  • "The security industry needs to find ways to either empower the users to defeat cyber threats, to automate around human inabilities, or to eliminate the human from the equation." - Avishai Wool, CTO of Algosec

Big data stores create new security challenges

  • "…the data that was previously siloed and not delivering intelligence becomes a data compliance challenge and elevated security risk when correlated with personally identifiable data." - Scott Gnau, CTO of Hortonworks

Keeping up with changing technologies

  • They (customers) are struggling with skills – not just regarding hiring the right kinds of people – but in keeping up with the changing technologies. How do you keep up with the best practices?” - Sridhar Muppidi, CTO of IBM Security

The growing cyber skills gap

  • “There’s no shortage of young people capable of pursuing a career in cyber security. But, the trick is to ensure we nurture their skills and guide them towards using their talents for good, rather than acting as black hat hackers.” - Jason Hart, CTO at Gemalto

Security needs a ‘multi-pronged’ approach

  • “You have to teach people who create anything, whether it’s new software, or whether it’s integrations, or whether it’s new APIs, the basic principles of security by design.” - Uri Sarid, CTO of MuleSoft

Working on a basis of ‘assumed compromise’

  • “Organisations need to understand and have a pragmatic view that if a hacker really wants to get into your network, they probably will. You have to work on a basis of assumed compromise, that you’re going to get breached at some point.” - Michael Wignall, CTO at Microsoft UK


Dr. Lukas Ruf

Dr. Lukas Ruf is founder and CEO of Consecom AG.

Consecom is specialized in Strategic ICT Security Consulting, and offers support by concept (design), implementation and review (security testing, reviewing and auditing) services.

Lukas completed his master and Ph.D. studies the Swiss Federal Institute of Technology (ETH) Zurich in electrical engineering.

For more than two decades, he has been working as a consultant, architect and auditor in the areas of governance and organization, processes, and technology.

Among others, he is a well-known specialist for end-to-end security, identity and access management as well as information security management.

John Graham-Cumming

John Graham-Cumming is CTO of Cloudflare and is a computer programmer and author. He studied mathematics and computation at Oxford and stayed for a doctorate in computer security. As a programmer, he has worked in Silicon Valley and New York, the UK, Germany, and France. His open source POPFile program won a Jolt Productivity Award in 2004.

He is the author of a travel book for scientists published in 2009 called The Geek Atlas and has written articles for The Times, The Guardian, The Sunday Times, The San Francisco Chronicle, New Scientist and other publications.

Zeki Tuerdi

Zeki Turedi has extensive experience working within Private Sector, Law Enforcement and Government, consulting on Incident Response, Endpoint and Network cyber security throughout Europe, Middle East and Africa. In his current role as a Technology Strategist for CrowdStrike, Zeki works with organisations to incorporate and streamline Threat Intelligence and Endpoint Protection. Zeki has also contributed to several publications and research papers including “Issues in Cybercrime, Security and Digital Forensics”.