Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, ISO 20000 LA, is the newly elected international president of ISACA and group director of information security at INTRALOT in Athens, Greece. INTRALOT is a leading supplier of integrated gaming and transaction processing systems, game content, game management and interactive gaming services to state-licensed gaming organizations worldwide. Dimitriadis has served ISACA as international vice president for three terms; chair of the Knowledge Board, the External Relations Committee, and the COBIT for Security Task Force; and member of the Strategic Advisory Council, the Relations Board, Academic Relations Committee, Journal Editorial Committee and review team, and Business Model for Information Security Work Group. Dimitriadis has served as a member of the Permanent Stakeholders Group (PSG) of the European Network and Information Security Agency (ENISA) from 2012 to 2015. Dimitriadis has received innovation awards from the European Lotteries Association, the John W. Lainhart IV Award from ISACA and the ISACA Presidents Award.
What is the biggest security challenge being faced in 2015? How should it be faced?
The expanding cyberthreat landscape in combination with the lack of cybersecurity skills in the market. The public, private and academic sectors must invest more in creating skilled cybersecurity professionals.
What is your favorite blog?
ISACA Now
What is on your desk right now?
Laptop, tablet, phones, coffee. No paper.
What are your three goals for 2015?
What is your number one piece of advice for other risk and compliance professionals?
Maintain a business mind-set, keep learning and welcome change.
What do you do when you are not at work?
Travel with ISACA, kiteboard, snowboard, and spend time with friends and family.
As ISACA’s incoming international president and the group director of information security at INTRALOT Group, how do you see ISACA growing and adapting to the constantly changing marketplace and needs of its constituents over the next year?
Historically, information has always been invaluable, for people, societies, businesses and countries. Nowadays, information and communications technology (ICT) is the backbone of the world economy—a part of our daily lives. Through the gaining of more value from information and ICT, enterprises seek ways to become more effective, efficient, innovative and profitable. At the same time, balancing risk and value is closely coupled with stakeholder trust; it influences the viability of products, services and operations.
ISACA is an international leader in providing the tools for creating trust in and value from information and information systems, which subsequently act as business enablers serving professionals, enterprises and governments. ISACA is used to change and has learned to adapt quickly. It has mechanisms for being proactive, monitoring market trends and constituents’ needs. With an international profile and multicultural structure involving passionate volunteers from all over the world who are experts in their domains and who are shaping the state of the art, ISACA has set up an active community of professionals who network, share opinions and learn from each other.
This will be an exciting year, putting all mechanisms to the test, providing more value to our members, constituents and their enterprises.
Can you briefly describe your role at INTRALOT? What in your past experience best prepared you for this position?
I am responsible for information security, information compliance and intellectual property protection at INTRALOT Group, which has a presence in 57 jurisdictions on all continents. I run a global team that creates and monitors the execution of the enterprise security strategy and framework and is responsible for all types of certifications, external audit support and stakeholder trust in general. A few months ago, I was also given the responsibility of heading the office of the chief technology officer (CTO), managing transformational activities in the area of technology.
From my studies to my early work experience and the achievement of ISACA certification, every step added to my preparation for my current role, from learning how to write scientific reports to gaining a business perspective and working in a multinational environment.
What do you see as the biggest risk factors being addressed by information security professionals? How can organizations protect themselves?
I wish there was a single answer to this question. In some cases, it is the difficulty for security professionals to speak a business language, leading to lack of buy-in from upper management. This, in turn, leads to incomplete, nonholistic solutions. At the same time, the threat landscape evolves very quickly, while attacks become more and more sophisticated. What adds to the risk is the lack of appropriate cybersecurity skills and framework implementation, underestimating the governance and human aspects.
In all cases, the need for a holistic framework that embeds information and cybersecurity in the business strategy is necessary to reach an understanding of priorities and help the enterprise achieve its goals.
What has been your biggest workplace or career challenge and how did you face it?
Working as a security professional in a global, multicultural and rapidly evolving enterprise, with an open innovation culture, is a challenge I enjoy every day. Due to their holistic and multidimensional nature, ISACA frameworks helped me communicate the right messages, understand the diversity introduced by different cultures and, most important, understand how an enterprise operates. To appreciate security needs, I first needed to gain a holistic view of corporate conduct and business processes, enable innovation rather than limit it, and deploy information security and compliance as a contributor to realizing business goals.
However, I believe that the greatest challenges are ahead, both in becoming ISACA international president and in heading the CTO office of INTRALOT.