You are currently viewing Secret CSO: Howard Taylor, Radware

Secret CSO: Howard Taylor, Radware

Name: Howard (Chaim) Taylor

Organization: Radware, Ltd.

Job title: CISO

Start date of current role: February 2019

Location: Tel Aviv, Israel

Howard Taylor has over 40 years of experience in IT infrastructure, operations management, information security and technology risk management. Prior to joining Radware, Taylor was a principal consultant for BDO Israel, where he supported both high-tech start-ups and large corporations, such as Teva and Amdocs. Before moving to Israel, Taylor had a 29-year career as vice president of technology risk management at JPMorganChase. Taylor was one of the banking industry’s first CISOs, responsible for establishing security strategy for the company’s initial Internet presence, policy development, and regulatory compliance.

What was your first job? To pay for college, I worked for New York University’s data center, programming their computer billing system. This is where I developed my love for computer hardware and operating systems.

How did you get involved in cybersecurity? In the good old days, there was a saying “Nothing happens without a bad audit!” An external auditor was prepared to shut down a major funds transfer/clearing application unless all controls (security, change management, and business continuity) were significantly improved. They gave us a year to perform a miracle, and I was assigned to do it! I set up my company’s first technology risk management team.

What was your upbringing like? Do you have certifications? What are they? I have a BS in Computer Science from City University of New York, School of Engineering. I never had time to pursue certifications because I always had too much work in the queue. However, I highly recommend CISSP certification for aspiring CISOs.

Explain your professional background. Did you take any detours? If so, discuss. My beginnings in IT infrastructure management provided me with the best foundation to become a risk management professional. I knew the processes and procedures end to end. I understood the security issues and I quickly established the necessary relationships to deal with them. Once I left JPMorganChase to become a consultant, those skills really paid off. I was able to move quickly from one client to another and from one technology to another. Now, as CISO for Radware, an industry-leading security company, I’m happy with the direction my career has taken. No detours to report.

Has anyone inspired or mentored you in your career? During my first risk management assignment at JPMorganChase, I worked closely with two senior partners from a large accounting firm. They were approaching retirement and saw me as part of the next generation to continue their safety and risk management mission. After many heated discussions and a lot of hard work, we have significantly improved the control environment and kept the business running! They taught me an approach that has stuck with me to this day. Basic principles never go out of style.

What do you think is the most important aspect of your job? Maintain balance! The CISO must meet many requirements, although some conflict with others. For example, R&D needs wide open access to everything, everywhere. Customers are demanding tighter controls and extensive monitoring. Core business services must be protected against internal and external threats. The CISO must assess these goals and define ways to harmonize the chaos.

What indicators or KPIs do you use to measure security effectiveness? Not seeing your reported security incidents on the front page is a great KPI! (I laugh). Defining and tracking the right security KPIs remains a challenge. Radware’s program KPIs focus on the basics, such as patch management operating system update status, remediation plan progress, incident response times, and training statistics security awareness. These may not be the most exciting KPIs, but they are meaningful indicators of program health and safety success.

Is the security skills shortage affecting your organization? What roles or skills do you find most difficult to fill? Radware has a reputation for being a great place to work. We also have an excellent HR recruitment team. So, it may take a little time, but they manage to find the best candidates.

Cybersecurity is constantly evolving – how do you keep learning? Radware is a security company, made up of many experts ready to share their knowledge. In addition to internal information sharing, Radware offers white papers, webinars, and other information to the public through the website.

What conferences are on your must-see list? I have never found the lectures of great value. If I don’t have the information I need at home, I make a few calls to find it.

What is the current top trend in cybersecurity? The worst? I think the best trend is the new emphasis on basic housekeeping, like patch management. This was brought to the fore by the Solar Winds incident. The root of many cyber crimes is poor cyber maintenance. The worst trend today is to attempt to implement “process automation” without having well-defined processes. Some CISOs see the tools as a way to better secure their environment. If they don’t have defined goals and control processes, the tools may not deliver the ROI they expect. An avoidable waste of resources.

What’s the best career advice you’ve ever received? The best career advice was to leave my IT infrastructure comfort zone and move into the security and risk management space.

What advice would you give to aspiring security managers? Cybersecurity is a business catalyst! Work closely with your business and find ways to implement their requirements securely. In short, avoid saying NO!

What has been your greatest professional achievement? I’m still working on it! I get immense satisfaction from seeing the success of the young cybersecurity professionals I have worked with.

Looking back with 20:20 back, what would you have done differently? NOT A THING!

What is your favorite quote? “There is nothing new under the sun” King Solomon.

What are you reading right now? A crime novel – Schrem II.

In my spare time, I like… Going on nature hikes with my family and photographing the beautiful country in which I live.

Most people don’t know that I… used for riding and training competition horses (English saddle).

Ask me to do anything except… it must be in accordance with the policy!

Leave a Reply