In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. In Q&A format, they share about their professional journeys, unique experiences, and hopes for the future of cybersecurity—along with some personal anecdotes.
In this installment, we introduce you to Randy Raw. He is the Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. He has more than 25 years of experience in both public entities and private industry, having built several Information Security programs from the ground up. Randy is a proponent of risk-based, layered security measures that utilize both preventative and detective approaches to achieve the right solution for the organization.
Randy is a CISSP and is active in the Central Missouri InfoSec community. He has spoken at SecureWorld on many technical topics and turns his focus towards helping others move from the technical trenches to a leadership role.
Get to know Randy Raw
Question: Why did you decide to pursue cybersecurity as a career path?
Answer: I was a systems/network admin for several years when the internet was young and mostly benign. I began to see cybersecurity growing in importance as more attacks began happening via online mechanisms. I'm also drawn to the fast-paced and ever-changing environment.
Question: What encouraged you to join your current organization?
Answer: I had an opportunity to join an organization that needed to build a cybersecurity program from the ground up. It was a chance to see if what I had been teaching at my previous job would work in a slightly different model. It's been a fantastic ride!
Question: What do you wish more people knew about your organization?
Answer: The importance of culture and how we celebrate our Veteran Heroes.
Question: How would you describe your feelings about cybersecurity in one word?
Question: What has been your most memorable moment thus far working in cybersecurity?
Answer: The day SQL slammer took down our entire state network with a very small number of old systems using a DDoS attack. Yeah, I'm that old.
Question: If you had to choose, what's the one cybersecurity practice people can adopt that would have the greatest impact?
Answer: Use multi-factor authentication everywhere (preferably better than what we have now).
Question: What is an industry-wide change you would like to see happen in 2022?
Answer: Effective, cross-platform and easy-to-implement password-less authentication with regular assessment of account/system behavior to enforce expected behavior and identify anomalous actions.
Question: If you could pass or change one regulation/law in cybersecurity and data protection, what would it be and why?
Answer: Create a federal, unified set of data fields that constitute data that needs to be protected (confidential/sensitive/PII/etc.).
Question: What are you most looking forward to this year at SecureWorld?
Answer: Seeing people in real life and not just in an online application.
Question: What do you hope attendees will take away from your session?
Answer: As technology leaders, we must be thinking about the evolving world of work for our employees. I hope leaders engage in great conversations about successes and failures when managing remote employees to help us all be better leaders for our teams.
To hear more from Randy Raw, attend SecureWorld Kansas City next week, where he will be participating in the closing keynote, "CISO Panel: The Future of Work." See the conference agenda and register here.
If you're interested in presenting at an upcoming SecureWorld conference, please fill out our speaker submission form.
Continue to follow our Spotlight Series for more highlights from industry experts.