Lavy Shtokhamer, the head of Israel’s Cyber Emergency Response Team (CERT), has joined Standard Chartered to lead its cyber defense centre in Singapore. The centre is responsible for “actively monitoring, detecting and responding to security events to help protect the bank from internal and external cyber threats”, says a spokesperson for Stan Chart.
Shtokhamer spent two years and eight months in his role at CERT, which handles civilian cyber incidents for the Israeli government and is part of the Israeli National Cyber Directorate (INCD). He joined INCD in December 2016, as head of finance center, fintech, and innovation, according to his LinkedIn profile. Prior to that Shtokhamer was a cyber security manager at First International Bank of Israel for three years.
Cyber security talent is thin on the ground in Singapore, and Standard Chartered’s office in the Republic has a track record of hiring senior cyber security professionals from other sectors. Earlier this week it appointed David McLinton as global head of operations, information and cyber security. McLinton was previously Asia Pacific head of cyber security at Singtel. In November 2019, Peter Lewis joined the bank as head of industrial control systems, having worked in a government cyber security role in Australia.
Stan Chart bases many of its cyber security staff in Singapore and currently has 12 local vacancies in the function, including a head of cyber stakeholder and government engagement, and a senior cyber threat intelligence specialist.
SCB isn’t the only bank in Asia that’s been beefing up its cyber and information security ranks as the function takes on more importance, partly due to increased rates of remote working during the pandemic. In November, GIC hired veteran Citi technologist Alberto Tomita in a senior cyber security role. In October, Wayne Tham joined Hong Kong Exchanges and Clearing as head of information security. Tham was previously head of IT security, risk and prevention at Bank of Singapore. HSBC hired Jonathan Scott-Lee from Standard Chartered last April as its chief information security officer for Asia Pacific.
If you want to work for Shtokhamer at Stan Chart, a December interview he gave to The Record provides some insights into the candidates he likes to hire. Cyber security professionals should understand “how to address the C-level”, he said. “I think this is one of the most important skills that people lack in cyber security. You need to be able to address executives and explain to them the risk and what they should do. And understanding the mindset of the attacker. I think that in order to be a good defender, you must understand the other side, you must experience the other side. The most valuable employee that I had was a white hat hacker.”
Have a confidential story, tip, or comment you’d like to share? Email: firstname.lastname@example.org or Telegram: @simonmortlock. You can also follow me on LinkedIn.