Nader Elawar, a security industry and EP veteran since 2009, shares his journey and experience in dealing with multicultural environments, special forces, and corporate security.
In this interview, Nader talks about the unique security challenges presented by the crypto industry and shares insights on identifying potential threats, developing strategies to mitigate risks, and implementing security measures across different geographies.
We are very interested in hearing about the various twists and turns that have shaped your career trajectory and brought you to where you are today. Can you share with us some of the significant milestones or challenges that you have encountered throughout your journey in the industry, as well as any lessons that you have learned along the way?
I’ve been working in the security industry since 2009, and I have to say that it’s been quite a journey. One of the most significant things I’ve learned along the way is how to work effectively in multicultural environments.
This skill has had a significant impact on who I am today. One of the highlights of my career so far was the opportunity to work with special forces such as the Green Berets and MARSOC in 2013. It was an amazing experience to learn about the security SOF and apply it in my civilian life.
However, transitioning from working with the army to the corporate security side was not easy for me. I faced some challenges along the way, but I was able to learn from my mistakes and mitigate them. It was a valuable lesson that helped me adapt and succeed in my career.
What are some of the unique security challenges that the crypto industry presents, and how have you adapted your corporate protection strategies to address them? How have these threats evolved, and what steps have you taken to mitigate them?
The crypto industry presents unique security challenges, and it is crucial to adapt corporate security strategies to address them. To help mitigate these risks, we should take several steps, including securing physical offices, training employees on operational security awareness, conducting risk and threat assessments, and utilizing social intelligence monitoring.
Social intelligence monitoring is essential to help us identify potential threats to any crypto organization. By monitoring social media and other online platforms, we can stay current on potential threats or attacks against our organization. This allows us to proactively mitigate risks and ensure our employees and premises safety and security.
It is important to take a comprehensive approach to security in the crypto industry. Social intelligence monitoring is just one of the many tools we should consider using to help keep our organization safe.
Given your experience in risk management, can you share some best practices and insights for identifying potential threats, developing strategies to mitigate risks, and implementing security measures to protect people and assets? Especially across different geographies such as Lebanon, Dubai or Congo?
Having worked in risk management across various geographies, including Lebanon, Dubai, and Congo, I know each country presents unique security challenges that require different approaches to mitigate risks.
One of the best practices is to conduct a thorough threat assessment and country brief before entering an unknown area. This helps us identify potential threats and risks so that we can develop effective strategies. Risk assessments are also crucial at this stage, as they help us evaluate the potential impact of different risks and prioritize our efforts accordingly.
By conducting advance planning and having boots on the ground, we can prepare and implement security measures to protect our people and assets. Being multilingual has been helpful in my work as it allows me to communicate more effectively with people from different cultures and backgrounds. It is important to be aware of cultural differences and adapt our approaches accordingly.
Overall, taking a comprehensive approach to risk management is essential, including threat assessment, risk assessment, advance planning, and effective communication. By doing so, we can better protect our people and assets in different geographies with varying threat levels and cultural nuances.
According to surveys, with the rise of hybrid work, cybersecurity is now the biggest challenge that most employers face. How do we adapt security protocols to ensure the safety of its employees and company data to these hybrid work models?
The first step is to educate employees on the importance of cybersecurity and best practices such as using strong passwords and changing them regularly, two-factor authentications, avoiding public Wi-Fi, and being cautious with email attachments and phishing attempts.
Encourage the use of Virtual Private Networks (VPNs) to encrypt internet traffic and protect sensitive data when employees are accessing company resources remotely.
Implement MFA to add an extra layer of security to user accounts. This can help prevent unauthorized access to company resources even if a password is compromised. Limit access to company resources on a need-to-know basis. Implement access controls and permissions to ensure only authorized personnel can access sensitive data. Use cloud-based security solutions such as firewalls, antivirus software, and intrusion detection and prevention systems to protect against cyber threats.
Regularly update and patch systems; keep software and systems up to date with the latest security patches to protect against known vulnerabilities. Regularly monitor company systems and networks for any signs of cyber threats or suspicious activity. Establish clear incident response plans to ensure that employees know what to do during a cyber-attack or security breach.
By implementing these measures, companies can better adapt their security protocols to ensure the safety of their employees and company data in a hybrid or on-site work model.
There is a lot of talk nowadays about the importance of being agile and adaptable in the face of rapid change and uncertainty. How do you ensure that a company’s security measures and strategies can quickly and effectively respond to new and emerging threats?
Businesses should conduct regular risk assessments, stay up-to-date on threat intelligence, develop an incident response plan, establish cross-functional collaboration, conduct regular security training, implement automation and orchestration, and regularly test security measures, including taking permission to do penetration tests.
These steps can help organizations identify potential security threats, prioritize security measures, and respond proactively to security incidents.
