Welcome to our new Chief Information Security Officer, Andreas Englisch who joined AssetMetrix at the beginning of 2022! With the growing trend of digitalisation in private capital the topic of information security is gaining a lot of attention. We have interviewed Andreas to find out more about the person leading AssetMetrix’ security efforts in the future.
Tell us a bit about yourself and how you came to joining AssetMetrix
I started my career at Siemens in 1993 where I had been a System Software Developer for some network technology. This brought me to a company named VIAG Interkom (later divested into BT Germany) as a Sales Engineer for data transmission services.
After more than 23 years working for this company in different roles (product manager, security consultant etc.), I decided to leave BT in last summer and joined AssetMetrix beginning of this year which is a big opportunity for me to bring my career and experience to a new level.
What initially got you interested in information security?
While I prepared my master thesis in Computer Science at TU Munich, I needed to earn some money and applied to become a working student for Siemens in parallel.
The team I joined researched in security and cryptography, so my job was to code a crypto algorithm named “ElGamal” to be used in a networking component (30 years later, ElGamal is still “alive” and nowadays increasingly enjoys respect and application in the area of public crypto systems).
Btw: One of my team mates later was the first CISO of VIAG Interkom.
What initially got you interested in private capital technology?
It was the enthusiasm of all managers I’ve had a chance to speak to in May and June, particularly CTO Dimitris Matalliotakis and Founder Emmeram von Braun, who spent an extensive amount of time interviewing me.
What made you want to join our team at AssetMetrix?
For me it was kind of both: The challenge of being a “Security Officer” for an ambitious organization and the mix of young and extraordinarily energized people.
Tell us what information security means to you and how this translates to what you do at AssetMetrix.
Information security is of course a lot more than just the maths inside cryptography – today more than ever where way too many companies get ransomed by “evil” application of otherwise innocent cryptography.
It’s about people, trust among them as well as organizations like AssetMetrix, and the determined application of clever high tech products in decent processes.
What are the major challenges in terms of information security you have so far seen in the private capital space?
Where banking industry and financial services have been using tightly controlled in-house IT for decades, I perceive a strong trend within private capital space to move into “the cloud”.
And for people like me, this ultimately requires transforming perimeter-oriented, traditional IT security approaches by more and more “cloud security services”.
How do you go about putting in place best practice in terms of information security at AssetMetrix?
My last role before I joined AssetMetrix was to give advice to multinationals (and especially their CISOs!) in best practice specifically regarding “cloud security services”.
In order to understand IT Security best practices, I have been examined by two different independent bodies named ISACA and (ISC)² to hold both a CISM and CISSP certification.
So, applying my proven knowledge and experience to my “own” organization should be elemental.
Stay tuned on upcoming content regarding information security in private capital.