Parham Eftekhari likes to connect people. Community engagement has been a constant in his career for nearly a decade, first in 2014 when he founded the Institute for Critical Infrastructure Technology, a cybersecurity think tank that seeks to empower generations of cybersecurity leaders, and again in 2020, when he joined CyberRisk Alliance Alliance to lead the Cybersecurity Collaborative – a membership organization where chief information security officers exchange ideas and develop tools to tackle the distinct challenging facing the infosec community.
And now, he's expanding that role, continuing his leadership of the Collaborative and also overseeing CRA's Cybersecurity Collaboration Forum that offer live and virtual education opportunities for the CISO community.
CRA's SVP of Content Jill Aitoro spoke to Eftekhari to learn more about his passions, and how the new combined entity will better serve the infosec community.
First, tell me something about you that people may not know.
I have two big passions in life: food and dancing. I can spend hours in grocery and specialty food stores dreaming up complex recipes, and will easily spend 6-8 hours cooking a meal from scratch. I find the process both creative and very relaxing. I’m also an avid fan of positive, feel-good music with a great beat, especially pop, house, and disco. I love country music too which often throws people off, but I grew up in Wisconsin so it’s part of my heritage.
Before we talk about what makes Cybersecurity Collaborative and the Cybersecurity Collaboration Forums complementary, explain to what makes them different. Don’t they check a similar box?
That’s an excellent question. Both organizations exist to help cybersecurity executives and their teams be more successful, share best practices, and cultivate leadership skills. The Forums business delivers against this promise through in-person and virtual events which integrate technology partners into the collaborative process. The Collaborative is a “by CISO, for CISO” subscription service focused on decision support, strategy validation, and a library of CISO developed tools and resources. They are complimentary yet unique models with an underlying mission focused on organizational resiliency and improving national security.
So now the plan is to unite the two under one umbrella, while still maintaining both brands. How will that work?
We spent the past year listening to hundreds of CISOs share their pain points and needs. It became clear to us that the best way to leverage CRA’s capabilities was to create a customer journey for CISOs and their team’s that offered diverse, complimentary solutions focused on education, content sharing, and executive development. Unifying the brands under one umbrella while maintaining their individual identity and offerings allows us to better coordinate and share content and education between these groups. It’s all about giving our executive community choice in how they learn and engage with their peers and the technology community.
Those of us that work with you can see your passion about collaboration in the community – it’s infectious. Why do you believe it’s so critical for the CISO community?
That’s very kind of you to say, Jill. I started building communities of practice in the technology space early in my career, and I learned early on that senior executives were hungry for trusted environments to learn and share with peers and vendors. The word “trust” is key to the success of what we do, and it’s all about relationships and putting CISOs in the drivers seat. I often talk about the “whole of nation approach” to cyber and national security, and I sincerely believe that all of us have a role to play in strengthening our critical infrastructures against nation state and criminal actors. CISOs and their teams need our help to be successful, and I feel lucky that I’ve built a career helping these dedicated front line warriors.
The threat landscape has evolved; adversaries are more sophisticated, and the cybersecurity community is arguably having a harder time staying ahead. How does that change or influence the type of collaboration that happens among infosec leaders?
We strive to deliver what I call “incident response collaboration” so our members can exchange best practices and lessons learned in near real-time when incidents occur. We enable this through a unique platform of services, supported by infrastructure, to facilitate collaboration in times of crisis. When you get cybersecurity executives in a room to talk about an issue, the magic happens on its own. Our job is to create and facilitate the safe space for those discussions to take place.
You just moved from Chicago to Boston. Pick your dream locale in the city for the next CISO meetup.
Going back to my love of food, I would pick one of the amazing Italian restaurants in the North End to share best practices around homemade pasta dishes and amazing wine. And of course, we’d end the night with espresso martinis… a must for any night out in Boston!