Global CISO Keynote: Making the Most of a Crisis, Risk Reduction, and IT/OT Controls

In this interview, Ahmad Douglas, CISO at Commscope USA, a U.S.-based designer and manufacturer of advanced network equipment, faced a major crisis within weeks of starting his role. The company, which employs 30,000 people, was hit by a ransomware attack orchestrated by a gang called Vice Society. Sensitive data, including employees’ personal and financial information was stolen, shaking the organisation. This attack was a baptism of fire for Ahmad, who had spent a decade as a business information security officer but was now navigating his first CISO position. The experience quickly pushed him to make rapid decisions under pressure and coordinate a response without the benefit of finalised incident response plans or full internal resources.

Ahmad’s response to the attack demonstrated both resourcefulness and strong leadership. Without an established incident response retainer in place, he leveraged his network, calling his former boss to quickly involve Mandiant, a top-tier security firm,…