DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).
DAST
Continuously monitor web applications for vulnerabilities at scale with Cobalt Dynamic Application Security Testing (DAST).

Introducing Cobalt’s Chief Information Security Officer: Andrew Obadiaru

With 20+ years in the security and technology industry, Cobalt is thrilled to have recently welcomed Andrew Obadiaru, Chief Information Security Officer.

With 20+ years in the security and technology industry and a history of managing and mitigating risk across changing technologies, software, and diverse platforms, Cobalt is thrilled to have recently welcomed Andrew Obadiaru, Chief Information Security Officer.

Andrew is responsible for maintaining the confidentiality, integrity, and availability of Cobalt's systems, services and data. With Cobalt as a security and remote-first company, he was eager for the opportunity to step in and create an impact. Continuously evaluating and adopting new technologies and frameworks is an integral part of his journey in the cybersecurity space. Understanding the relevance of these aspects within Cobalt is a motivating factor, with the goal in mind to influence security and design a growth trajectory.

Understanding The Role of CISO

Protecting the critical business assets of an organization is a key priority for any security leader. Prior to joining Cobalt, Andrew was the Head of Information Security for BBVA USA Corporate Investment banking, where he oversaw the creation and execution of Cyber Security Strategy for BBVA USA. Having 20 years of security experience in different industries, he has gained different perspectives and approaches to security.

Building and leveraging an organization’s threat detection capabilities, aligned with an agile threat and incident response rooted in technologies and processes, with well defined recovery capabilities is at the core of cyber resilience.

Andrew has a keen sense of how cybersecurity is changing and how he expects it will continue to change over the next 5-10 years. Challenges in cyber resilience will continue, and cyber resilience as a security concept is still a relatively new one for many organizations. For businesses and organizations to clear these hurdles, it’s important they shift their perspective on security from the traditional approaches to a more nimble way of doing security. It starts with how you detect, evaluate and respond to cyber security threats.

Leadership can not be overstated, it’s key.

As CISO, it’s an opportunity to take a seat at the table and guide decisions across the organization as a whole. With many businesses shifting to the online workspace, remote-first or hybrid brings tremendous benefits — not just to the business, but the employees as well. This phenomenon that was largely driven by the pandemic also introduces significant cyber risk to the organization and challenges to security professionals. Leadership certainly has a significant role to play.

The organizations with leadership that are receptive to security generally do well, whereas the ones where security is seen as another cost center usually have an uphill battle with security initiatives. Security at these organizations sometimes becomes an afterthought and, at times, a costly one. As a CISO, you must be able to work with other leaders in your organization to create a true security strategy that is aligned with the organizational goals and objectives.

It’s important to ask your organization questions such as:

  • How well defined are our current security plans and responses?
  • How well do our teams value security?
  • How quickly can we address breaches and recover?

When asked how the CISO role has changed and how he expects it to evolve, Andrew shared that the CISO role has evolved and will continue to evolve. For a CISO to be successful he/she must have a good understanding of the business as well as a solid technical background. Your ability to understand the business objectives and drivers of those objectives will go a long way in how you align and execute against your security strategy, which ultimately is a determinant of your success or failure.

Back to Blog
About Caroline Wong
Caroline Wong is an infosec community advocate who has authored two cybersecurity books including Security Metrics: A Beginner’s Guide and The PtaaS Book. When she isn’t hosting the Humans of Infosec podcast, speaking at dozens of infosec conferences each year, working on her LinkedIn Learning coursework, and of course evangelizing Pentesting as a Service for the masses or pushing for more women in tech, Caroline focuses on her role as Chief Strategy Officer at Cobalt, a fully remote cybersecurity company with a mission to modernize traditional pentesting via a SaaS platform coupled with an exclusive community of vetted, highly skilled testers. More By Caroline Wong