Hung Lee currently serves as the Chief Information Security Officer for Kasasa. Kasasa® is an award-winning financial technology and marketing services company that provides reward checking accounts consumers love, the first-ever loan with Take-Backs™, relationship-powered referral programs, and ongoing expert consulting services to community financial institutions. Together we can Take Back Banking™. For more information, please visit www.kasasa.com.
What are your main security concerns and what are you prioritising at the moment?
My #1 concern is data protection. Our customers trust us with their most cherished asset: their consumer data. It is our responsibility to protect that data as if it was our own data. Kasasa has a laser focus on consumer data that includes a 2021 corporate initiative of Data Excellence that includes data security as one of its four pillars.
What have been the biggest challenges around COVID-19 for your organisation? And, how are you addressing them?
Serving as a member of Kasasa’s 5-person COVID Response Team (CRT) gave me a unique behind-the-scenes perspective on everything that went into ensuring a smooth transition for our employees. The sudden shift to remote work; activating our Business Continuity Plan; developing new safety policies and protocols; and embracing our employees with love and compassion, I am so proud of the way Kasasa handled COVID-19. More details about Kasasa’s response to COVID-19 are available at our podcast.
What is your advice on balancing security and digitalisation?
First and foremost, I do not believe security and digitalization are diametrically opposed. Instead, I believe that with the proper security controls, digitalization can enhance security. For example, Kasasa has a major initiative to digitize many legacy HR files from paper in a filing cabinet into the Microsoft Office 365 cloud. My team implemented several security controls (e.g., multi-factor authentication, data loss prevention, role-based storage access) in our Microsoft Office 365 tenant that enabled this document digitalization and migration effort. These controls are more secure than a key to a physical filing cabinet, and mitigates the threat of physical theft or loss from fire and flooding. In summary, I believe security and digitalization need each other.
What do the next 5 years hold for your industry?
I believe the next 5 to 10 years will create a fundamental shift in consumer data privacy as companies “get it.” Companies are data custodians and data processors, while data ownership always stays with the consumer. Imagine this: You rent a monthly self-storage unit to hold extra home furniture. The storage location’s office manager goes into the unit and sells your storage unit’s contents to a furniture store without notifying you or receiving your consent, and you come back to an empty storage unit. In the physical realm, that is an unimaginable act of theft that results in criminal charges. Yet in the digital realm, this type of consumer data theft happens every day. Read more about my predictions regarding consumer data privacy in my Forbes article – https://www.forbes.com/sites/forbestechcouncil/2020/08/10/three-ways-consumer-data-privacy-will-evolve/.
Join Hung in the North American segment of Cyber World Congress at 12:40 EDT for the Fireside Chat: ‘The Evolution of the Role of the CISO over the Past 12 Months – How the Pandemic has Reshaped the Security Function‘. He’ll be discussing salient CISO challenges alongside Dennis Tomlin (CISO, Multnomah County), Todd Bell (CISO, Valleywise Health), and Mark Milne (CISO, NuSkin Enterprises) so be sure to secure your FREE* pass today at https://world.cyberseries.io/register/
Use complimentary discount code: KASASA
Learn more about Hung’s session and every other thought-leading discussion taking place at Cyber World Congress here.
*T&Cs apply. Code is not eligible for use by vendors or consultants, though they are invited to register for a Vendor-Delegate pass here!
