High Five: Meet Andre Gold, Head Of Technology Risk Management At ING
In May, Andre Gold departed as Continental Airlines' director of information security and landed at ING, becoming that financial service provider's head of technology risk management. Now he's spreading his wings with a larger staff and more responsibilities.
Head Of Technology Risk Management At ING
Interview by Larry Greenemeier
Photograph by James Leynse
In 2002, Gold was tapped to be Continental's first executive-level security manager. The airline's former CIO, Janet Wejman, told him, "I want you to run security, but I'm not giving you a budget, and you can only take one person" from the e-commerce team he'd been on.
COMPETITION TAKES WING
Setting security priorities depends on the type of business you're defending. At Continental, logons and passwords became cumbersome when gate and ticketing agents had to share the same computer in a terminal so planes could be loaded promptly and customers kept happy. If they're not happy, "they don't even have to walk across the street to do business with a competitor." His job at ING is to deal with risk at a higher level: "Are we ready in the event of an unplanned outage?"
Between 2005 and May of this year, Gold served on the Data Link Security Subcommittee, an aviation industry board that's "drafting security protocols that will enable not only Wi-Fi connectivity, but also determine the way future aircraft connect to respective carrier networks, offload messages, and upload data like gate information."
MAN ON THE RUN
Gold likens his day-to-day responsibilities at ING to a sprint, whereas the pace at Continental was more of a marathon. At ING, "we run harder and faster while we're at the office," but the work/life balance is more distinct.
GET A BACKBONE
There are many traits needed to do security well, not the least of which is "having a backbone. Your vision will be challenged all the time. And a lot of time, business units won't be able to deliver on projects once you work in the security considerations."
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.