Security News > 2021 > April > Securing an online marketplace through the COVID-19-fueled boom
"Before my arrival at ManoMano, security was managed individually by each team at the company. There was no security team per se, no unique strategy and no clear security framework. Everyone's approach was very operational, which worked but kept the security stature at a level that was acceptable and functional," he told Help Net Security.
"First of all, there had to be a focus on communication and open collaboration - I needed to listen and watch, understand the business challenges and security risks that were present at that time. Secondly, I focused on presenting a clear vision of the strategy across the business, laying out a concrete action plan with desired results. Finally, I immediately started thinking about the recruitment of new talent so we could build a smashing security team."
As part of his strategy, he set to build a strong and effective "Human-first" security culture across the organization and train the team to apply an offensive approach to protecting the company.
"While we have had to adjust our GDPR approach and update the compliance requirements with our UK partners, I'm happy to say that, so far, it has not forced us to deal with any additional security problems. In the end, cybercriminals pay little attention to national borders - they go where the biggest bounty is and adapt their strategies to be able to exploit vulnerabilities associated with wider business and technological trends that occur simultaneously across much of the world."
Lemarchand coming onboard at ManoMano turned out to be very timely - he was able to start building this new system and culture just in time to meet security needs that arose with 2020's unprecedented traffic and threat levels.
"To win the fight against cybercriminals, it is essential to build up cyber-confidence across the board by sharing knowledge and tactics both within security teams and across organizations. This needs to involve every actor in our society - employees, companies, customers, citizens, charities and more. In the end, the aim should be to develop strategies and tactics that benefit not just your own team and business but society as a whole, which is why I encourage my team, and continuously motivate myself, to organize meet-ups, conferences, CTFs, and school partnerships."
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/-A0IKhyy2PA/