Do you agree that the best IT security professionals are those who think like criminals? What unique qualities do good IT security professionals have? I'd say that creativity and the ability to be innovative are the two common attributes that both cyber criminals and IT security professionals possess. I prefer to say that than to say IT security professionals 'think like thieves'.
What makes cyber criminals different from IT security professionals is that the latter uphold ethical values. This determines whether a talented person belongs to the good side or the bad side.
What is your key philosophy in managing IT?
The most important thing is to understand people's needs. Also, you've got to be vision-driven. People can spell their needs out most of the time, but not on some occasions. In these cases, the CIO has to have a vision to drive technology to benefit people and serve them better. You've got to be IT-driven and vision-driven.
What advice on time management do you have for fellow CIOs?
Do less and think more. I always challenge the technical people: Can you develop something that costs less and is effective? Cost-effective solutions are always available to solve problems, but the work is to find and implement them, as they depend on how you design the system.
A lot of people don't want to spend money and effort in system architecture and design nowadays, but everything begins in the design stage.