Do you have what it takes to become a Chief Scientist in the infosec industry>
Help Net Security – Zeljka Zorz
Igor Baikalov, Chief Scientist at security analytics firm Securonix, is a trained scientist: he spent over 16 year working on various aspects of Structural Biology, developing new methods for determining the structure of basic building blocks of life: proteins, DNA, and their interactions. Baikalov was fortunate to accumulate the âessential ingredientsâ for the Chief Scientist role during his earlier career: he has a good understanding and deep appreciation of the scientific method from academia, a broad knowledge of information security challenges and innovative solutions from his R&D work at the bank, and a hands-on experience in transforming ideas from the back of the napkin into a product. âWhile it is not a must-have requirement for the role, I consider application development experience a big plus, as it allows me to focus companyâs efforts on actionable insights instead of chasing unrealistic expectations. I see a significant synergy between information security and application development: to protect systems, one has to know how they are built, and to build secure systems, one has to know how they can be broken,â he pointed out. Baikalov advises those aspiring to fulfil the role one day to stay inquisitive (both on and off the clock) and to try to understand the reason behind every phenomenon. âKeeping an open mind and engaging in critical thinking is very important. For a scientist, thereâs nothing more dangerous than entrenched and unacknowledged bias, so be honest with yourself,â he counsels. A Chief Scientist also has to be able to manage risk. Baikalov doesnât subscribe to the notion that a successful innovation program has to have over 90% failure rate, but he says that it has to be managed to constantly produce results while maintaining a competitive edge. Baikalov says heâd most like to see three fundamental advances in securing users, resources and data: ⢠Real soon: Expanding support and rollout of password-less authentication based on the WebAuthn specification by W3C and FIDO Alliance. ⢠Hopefully soon: Broad adoption of network micro-segmentation with embedded analytics to support a zero-trust model. ⢠Eventually: Transforming âdumbâ data into âsmartâ data by wrapping a chunk of it into protective container that carries additional metadata (ownership info, encryption key, etc.).
Link: https://www.helpnetsecurity.com/2018/07/18/chief-scientist-infosec/