From the top

CSO Spotlight: David Cook, Databricks

For Cook, the best trend in cybersecurity right now is the use of artificial intelligence and machine learning because, he says, "security is about spotting patterns, and new services based on machine learning can help analysts spot trends faster at scale."

david cook databricks

As CISO at Databricks, Cook's role involves helping companies to manage and secure data at scale in the cloud. Coming from a networking and security background, he has moved over into the world of big data and building best practices to keep information secure. With so many people proclaiming that data is the new oil, keeping that data secure is now a big priority for all businesses. Here, he shares his career path and offers advice for aspiring security leaders.

What was your first job? The first role I had that involved IT was at school. I ran a computer Bulletin Board Service (BBS) in high school. It showed me how computers could be used to bring people together.

How did you get involved in cybersecurity? At HP, my manager was concerned about the security of one of our products. He asked for some help from his team members and I volunteered. Once I started to dig into cyber security, I realized this is what I wanted to do full time.

Tell us about your career path. I started my professional career around IT in software development and systems integration. This involved a mix of support, intranet design and web development. After this, I moved more into development and operations management. Once I got an opportunity to start a security program at HP, I realized that that security was my career path. I led teams focused on compliance including several ISO27001 accreditation programs for several networking companies, before moving into communications networking and now big data.

Was there anyone who has inspired or mentored you in your career? In every role, I have been fortunate to have amazing managers who have supported me and allowed me to grow. There are plenty of people out there that are happy to help you develop in your role, whether they are direct line managers, colleagues or members of industry bodies. Asking for that kind of help can be very valuable.

What do you feel is the most important aspect of your job? Collaborating with customers to ensure they have the most secure platform possible. Companies want to get the most out of their software, out of their data, and they are creating huge repositories of data either internally or in the cloud. These data sets have to be kept secure and managed, while also providing value to the business. This is a balancing act.

What metrics or KPIs do you use to measure security effectiveness? I focus a lot on the number of vulnerabilities identified from internal and external sources, number of regressions, and improvements to ISMS (Information Security Management System), and how quickly these vulnerabilities can be fixed or mitigations applied.

To continue reading this article register now

The 10 most powerful cybersecurity companies