Working in the ever-changing security field, in a multinational setting, and dealing with cutbacks in resources driven by world events and geopolitics — now that's a disruptive situation. But it doesn't seem to faze Paul S. Raines, chief information security officer of the United Nations Development Programme (UNDP), which runs economic development, quality of life and energy programs in 177 nations and territories.
Raines and his team of 10 security experts help developing nations create cybersecurity programs, from policy and technology review to risk assessment. Last year, for example, the team helped create and train Bangladesh's first cyber incident response team.
"Due to recent events there's a great demand for cybersecurity," says Raines, 56.
Developing nations have vulnerabilities that wealthier countries don't — due to less developed infrastructure in many cases — and therefore they run a greater risk of experiencing everything from cyberattacks on hospitals or air traffic control systems to shutdowns of phone networks.
The UNDP uses cloud software and is implementing a gateway to create uniform security policies, but Raines says the cloud has been a disappointment to him. Cloud vendors "don't want to negotiate with you," he says. "They say, 'Here's our service, take it or leave it.'"
Going forward, Raines sees an opportunity to further automate security through the use of intelligent machines that monitor networks via heuristics. That said, he adds, "you'll always need a person to monitor the machine."