Me and my job: Sasan Hamidi, CISO, Interval International

Share this article:
Me and my job: Sasan Hamidi CISO, Interval International
Me and my job: Sasan Hamidi CISO, Interval International

How do you describe your job to average people? 

I always start with: “I am responsible for the protection of data and electronic privacy of customers.” And then I expand a little on what I mean by “electronic privacy.”

Why did you get into IT security?

I was a mathematics major at the University of Michigan when I took an elective computer class and caught a visiting professor drawing the wrong graph for an equation. I struggled whether I should raise my hand and point out the mistake or just be quiet. But at the end, I just couldn't hold back. He asked to see me after class. I thought he was going to let me have it, but he wanted to hire me to help him enter a bunch of data for a project he was working on. I had never previously worked with mainframes but noticed that other departments and students had access to his data. He asked me to fix this issue, and the rest is history. 

What is one of your biggest challenges?

Two words: “culture change.” I find that changing the way people do things has always been challenging. I want information security to be a “way of life” for everyone – not something they do to adhere to policies. So, everything that I do is to promote that culture. 

What keeps you up at night?

How I can utilize the tools and people I have in my department to improve what we do. Like other security professionals, I have to rely on the “operation” staff to get my projects implemented. So, anything I can do to maximize what I have already deployed can save me time and effort.

Of what are you most proud? 

Convincing people that they shouldn't look at security as a hindrance, but something we should all work together to achieve. After more than 20 years in the field, I believe I have been successful in promoting that “culture change” and that is what I am proud of the most. 

For what would you use a magic IT security wand? 

If I had a magic wand I would wave it around to find where all my security “holes” are. We conduct an annual risk assessment, but if anyone tells you that this is going to paint you the complete picture, they don't know security.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Heartbleed, Shellshock and POODLE: The sky is not falling

Heartbleed, Shellshock and POODLE: The sky is not ...

While it may seem like 2014 is the year of the vulnerability, in reality, this year has not been much different than years past.

Technology alone isn't going to secure IoT connected devices

Technology alone isn't going to secure IoT connected ...

It's clear that vulnerabilities continue to exist, despite our best efforts to combat them. In fact, we have addressed many of the same problems before.

DDoS is the new spam...and it's everyone's problem now

DDoS is the new spam...and it's everyone's problem ...

As new solutions emerge, it's critical for organizations to protect themselves by being informed, aware, and acting whenever possible. Those that don't take action are playing a very dangerous game.