KIB Information Security Team

Promote this Nomination

Additional Info

Job title of nominated professionalInformation Security Team
Company (where nominated professional or team is working)Kuwait International Bank
Websitehttp://www.kib.com.kw
Company size (employees)500 to 999
Headquarters RegionMiddle East

In 3 bullets, summarize why this professional or team deserves recognition:

- The KIB InfoSec team strongly believes in cyber hygiene. Therefore, the team continually encourages employees to apply lessons learned at work in their personal lives—not just at work. The team believes in cyber security culture; once the employees understand the significance of cyber security and how this can protect them at home, this information can be primitively applied at work. For this reason, the team has established a hotline that employees can call for security advice.

- The KIB InfoSec team has been responsible for conducting numerous enterprise security implementations, including the implementation of the state-of-the-art web application firewall (WAF), the anti-denial-of-service solution, and the e-mail gateway solution. These were implemented after multiple researches and proof-of-concepts to apply the best security solutions for achieving maximum protection.

- The KIB InfoSec team proactively conducts open-source intelligence (OSINT) to identify malicious activities potentially targeting the bank, improving the bank’s security posture.

Overview

The KIB Information Security team differs significantly from its competition because the department strives to provide an outstanding security function at the Bank. The team is composed of industry-level professionals with accreditations such as Certified Information Security Manager (CISM) from ISACA, Certified Information Systems Security Professional (CISSP) from ISC2, master’s degrees in computer security, Ethical Hacking from EC Council, etc.

The team is recognized for maturing the information security function at the Bank by adopting various security framework standards, such ISO 27001, ISO 27005 and those from the National Institute of Standards and Technology (NIST) and the Federal Financial Institutions Examination Council (FFIEC). The team is now bilingual and speaks both business and technical languages. This ensures that risks are effectively communicated across all business projects and that information security is well aligned with business strategy, especially with Information Security reporting directly to the Chief Executive Officer.

Moreover, the team was able to assist the business in delivering pioneering business products, such as the new OMNI channel and Visual Interactive Voice Response (VIVR). The team continually collaborates with business departments and discusses security matters that may potentially impact the delivery of their business objectives, as well as alternative means and approaches to deliver business functions whilst sustaining the business objectives. This was very challenging but possible because of the team’s dedication and enthusiasm regarding information security.

Furthermore, the team is very dedicated and committed to defending the bank’s customers against some of the most challenging threats and dangerous adversaries operating today. The team proactively performs threat landscape analysis and ensures that appropriate security controls and processes are in place to protect the organization’s information assets.