In the latest instalment of our IT security industry executive interview series we spoke to Cathal Judge, CEO at CISO Assurance Global, about regulatory compliance in the cloud, exploration of Zero-Knowledge Proof, understanding privacy as a basic human right and the potential of quantum key distribution…

Tell us about your company, products and services.

CISO Assurance Global is a best in class security services provider, covering v-CISO, GRC, v-DPO, Cloud Security Architecture, Penetration Testing, and more. Our clients include Fortune 500s as well as SMEs.

What have been the biggest challenges the IT security industry has faced over the past 12 months?

We have been particularly focused on meeting regulatory compliance requirements within complex cloud architecture environments, enabling our client’s ‘Telco cloud-first’ digital transformation goals. A first in the industry. We work with regulators in areas that are not yet fully defined – specifically around encryption key management, to ensure absolute privacy and security of customer data, yet high availability as per business demand.

And what have been the biggest opportunities?

The opportunities to reduce risk and boost privacy are endless. We are exploring Zero-Knowledge Proof, AI and other areas as we build solutions to meet the various challenges facing our industry today.

What is the biggest priority for the IT security industry in 2023?

To continuously educate and shift the culture across all countries, to be more risk-conscious, to better understand privacy as a human right, to be more customer-centric, and to continually improve. We cannot overlook any area, by focussing too much on another area. Every organisation’s threat and risk profile is unique.

The new NIS2 Directive will have an impact on our clients, and we are perfectly positioned to embrace these Network Security requirements with our Security Architecture managed service offering.

What are the main trends you are expecting to see in the market ?

More uptake of AI, as digital transformation continues to accelerate. More data, wider attack surface, bigger risks, bigger breaches.

Better technology solutions incorporating encryption and key management, ZKP solutions and crypto security continue to evolve at a rapid pace. Advances in quantum cryptography.

What technology is going to have the biggest impact on the market this coming year?

That has to be Artificial Intelligence. As much as it is stealing the limelight, it is justified. Hackers will use AI, defences will use more AI. AI shifts the goal-posts dramatically.

In 2025 we’ll all be talking about…?

Quantum cryptography solutions coming to market, especially quantum key distribution going mainstream. AI being weaponized more, and AI defences becoming the go-to for organisations.

Which person in, or associated with, the IT security industry would you most like to meet?

Vitaly Buterin comes to mind. I would like to discuss the deeper philosophical views he may have around true decentralisation and security, for the people.

What’s the most surprising thing you’ve learnt about the IT security sector?

Imagine a world where quantum computers are able to crack any modern encryption with ease. The modern world would collapse… Upon researching quantum encryption, I came to realise that secrecy is built into the very fabric of our universe… On a quantum level, confidentiality is assured, because quantum states cannot be cloned or copied without changing the data itself. This means we can detect a hacker and instantly rotate the keys.

You go to the bar at the Security IT Summit – what’s your tipple of choice?

A ‘boring’ healthy fruit juice. If on a Friday I’ll order a tin cup with a steel umbrella shaped like a radar!

What’s the most exciting thing about your job?

Coming up with creative ideas to solve our client’s real world challenges, and then working with them from start to finish, building friendships along the way.

And what’s the most challenging?

I particularly enjoy challenges, so bring them on, whatever they may be!

What’s the best piece of advice you’ve ever been given?

Going back more than a decade, my mentor Julia taught me about the importance of embracing positive security awareness as a means of cultural transformation. This principle is still the most important – 80% of our consulting focuses on education and cultural transformation. When people truly understand ‘why’, the rest falls into place. Our core services are about empowering our customers, to take responsibility and ownership of Security and Privacy from the ground up, and the top down.