Paul Hadjy is one of the reputed names in information security. As the CEO of Horangi, a company that offers cybersecurity solutions, Paul is tirelessly working to make cyberspace safer. Prior to Horangi, Paul worked at Palantir Technologies, where he was instrumental in expanding Palantir’s footprint in Asia Pacific. He has built over a decade of experience and expertise in Anti-Money Laundering, Insider Threat, Cybersecurity, Government and Commercial Banking.
In a conversation with CISO MAG, Paul discusses his journey with Horangi, the menace of insider threats, and much more.
You have been at the helm of Horangi for almost three years now. How has the journey been so far?
It has been an exciting experience growing a cybersecurity company with the rapid evolution of the industry landscape, regulations, and greater understanding of end users. There is certainly a lot of room to grow in terms of cybersecurity maturity, and we will continue to be at the forefront of this effort. Horangi has grown tremendously, and I am proud of what we have managed to achieve in just three years.
During its relatively short journey so far, Horangi has helped a number of SMEs in thwarting cybersecurity threats. According to you, which factors make it difficult for SMEs to deploy right cybersecurity practices?
The most important factor limiting SMEs in deploying the right cybersecurity practices is simply resources. The primary objective of most SMEs is to establish and drive their own business, and security is not necessarily a priority concern. This is where we have had tremendous success with SMEs because we understand these constraints and have built our solutions to help organizations to close the widening gap of resources and manpower required to better secure themselves. It is difficult for most SMEs to identify the right solution that holistically addresses both their business and technical requirements, especially since they rarely have deep cybersecurity expertise on their team.
Secondly, cybersecurity is a human problem. It is not enough to put in the technical solutions to secure an organization, the right security practices also involves changing behavior of employees which is a complex problem on its own. This is why we built our cybersecurity training product which allows organizations to educate their employees on the latest cybersecurity threats and track their security posture with employees in a cost-efficient and effective way.
Insider threat is a persistent problem in a number of organizations. As a cybersecurity solution provider, what kind of training is provided to your employees with regards to insider threats?
To answer this we must be clear why Insider Threat might occur, and it usually boils down to financial or personal motivations. At Horangi, we instill a cohesive family culture where our employees, or ‘Tigers’ as we call ourselves, support each other in and out of the office. Building a strong culture where everyone are more than just colleagues in a room, is the foundation towards mitigating Insider Threat.
Additionally, we clearly outline the roles and responsibilities of individual Tigers whilst promoting a strong internal culture of interdepartmental support, cohesion and cross training. The sharing of knowledge and opinions allows individuals to gain respect from their fellow Tigers, so they know their value to the Horangi culture and family. This is how we ‘train’ our employees at Horangi with regards to insider threat.
Having created that culture of mutual trust and common purpose, we also verify by defining access control for each role at the company and monitoring logs and systems carefully.
What are the biggest challenges you face in the recent future?
One of the biggest challenges that we and the industry at large face, is scaling up, while not compromising on the high standards we hold ourselves to. We have to constantly educate our customers, the general public and improve ourselves, at the same time constantly improve the quality of deliverables and interactions while threats and the need for cybersecurity continue to grow rapidly.
What is the advice you would like to give to a budding information security professional?
Horangi was founded to solve 2 things:
- The lack of cybersecurity professionals, industry maturity and general awareness
- The gap in alignment of cybersecurity with business objectives and priorities
There are a lot of opportunities for growth in this field today but you should focus on learning to explain your findings in simple way. Try explaining things to your mother, father or a friend that isn’t in cybersecurity. Each one of us will play an important role in educating others about the importance of cybersecurity, and ensuring the safety of technology users everywhere so make sure you’re ready when it’s your time.
