Information is the Real Currency of any Organisation: New Zealand’s Gabriel Akíndèjú

New Zealand thought leader, technology governance, risk and security consultant, Gabriel Akíndèjú, shares his perspectives on the uncertainties around information management and cyber risks

Gabriel Akíndèjú is a family man, with wife and kids. As such, personal integrity and being human first, above all else, are among his most cherished values.

Akíndèjú has a background in electronic and electrical engineering, with post-grad specialisations in controls and instrumentation, and information systems management. In his undergrad days he picked up a keen interest in philosophy, psychology and law and has continued studies through professional training throughout his career.

When asked how his career moved to cybersecurity, Akíndèjú says that he “is grateful for the path my professional life has taken me”.

“I was privileged to start with a big-four back in the day.  The discipline and training provided, spanning financial audit, business process engineering, law, accounting, and IT risk management, have all added flavours to my methods and to whom I have become today.”

“I am not quite sure whether my inherent nature dictated and piloted my path into cybersecurity or if the inherent nature of risk management modelled who I have become.  One fact I have come to accept is that I am most suited for my field and my role as a professional.”

Having had various experiences in financial audit, IT audit, process engineering, in the year 2000, Akíndèjú decided to specialise in information security, and attained his first security certification whilst in the UK, in 2002.

“I have then gone on to earn many more since then and have also been privileged to have won many international awards,” he says.

What is the biggest challenge you face within your role today and how are you looking to tackle it?

Delving further into the challenges he has faced in his careers, Akíndèjú reflects that challenges and overcoming them are what makes human beings unique. 

“We thrive because we are challenged. Otherwise, our experiences may become mundane and boring. So, I love challenges, albeit, some more than others,” he says.

“Solving organisationally complex problems are a thrill for me.  I love to apply myself and be creative. To my mind, these are constructive, productive, and progressive challenges. There are other types of challenges that I do not like, especially working with leaders who would rather violate professional ethics to make gains.”

Tackling cyber threats with a risk management framework

Structured organisations are often setup to help manage uncertainties and to create clear objectives and goals that translate into values for stakeholders.

When asked for his thoughts on where cyber sits within an environment of risk, Akíndèjú says he believes cyber risks are just a dimension of managing uncertainties.

“Cyber risks have become more important because information management, and hence information management technologies, have become the driver and strategic enabler of most, if not all, organisations’ objectives,” Akíndèjú says.

“Information is the real currency and lifeline of any organisation.  Organisations that can effectively manage information and information management capabilities – its technology, partners, people and stakeholders – will invariably be able to create value.

“The bad elements of our world today understand all the above and they know they can do harm by finding ways to obstruct and/or corrupt organisations’ information and information processing capabilities.  Hence, the current trend in cyber threats.

“It is important to note that the mere presence and escalation of threats do not automatically translate to bad things or risks for organisations, because for a threat to translate to risk, there must be exploitable exposure pathways for that threat. 

“Organisations can improve their resilience by ensuring they adopt and are committed to dynamic risk management framework, processes, and practices.”

Translating the value of cybersecurity to the leadership

Organisations must understand the value of cybersecurity in various ways, depending on the organisation type, structure, and culture.  However, one concept that has become a constant, is ‘value and risk to value alignment’.

When asked how cybersecurity controls can be applied for managing technology related business risks, Akíndèjú mentions that business leaders and company boards are more inclined to listen and develop a keener appreciation of security when they understand how those controls can enable their objectives.

Boards want to understand how these controls help protect what matters to them while ensuring the business is not disrupted or if disrupted, they are able to recover in the shortest possible time and without loss of value, Akíndèjú says.

“Leaders are keener when they realise that all the above can be executed with less than they would have envisaged; and they would be part of the security governance function,” he says.