Q&A: Meeting Nir Chervoni, Group Product Manager, Security at Booking.com
Thu 27 Feb 2020 | Nir Chervoni

What was your earliest ambition?
My earliest ambition was to be a musician, but not the kind of musician which plays classical music in an orchestra. It was more a combination of being a composer which creates, mixes, masters, and sometimes even plays in his own masterpieces.
What is your current ambition?
Sometimes I’m getting back to my core childhood ambition, but for almost two decades I have had a master plan and for now it seems that I’m on the right track. It’s about being a true security leader with vast influence and impact, while continuing to create new music and play new instruments, and I’m also on the very final phase of making fine (red) wine.
What does a positive security culture mean to you?
It’s all about the default mindset of the security team. Where they work with their business colleagues, they should have, by default, the approach of how to help the business move forward, while reducing security risks with reasonable controls and creating mutual trust with stakeholders.
What is one cyber security myth that frustrates you?
That you need to have robust cutting-edge security platforms to better protect your organisation’s IT systems and data. CISOs should ask themselves if they have an up-to-date security policy and the very basic access control and audit capabilities applied, before going through new adventures with AI/ML/Super-Cyber/[Pick-a-buzzword] oriented solutions.
What is one of the biggest challenges facing cloud & cyber security professionals today?
It’s hard to pick only one, but if I have to, I would say that it’s about practically protecting massive loads of data. There are a lot of “cosmetic” data protection implementations which look good on the auditor’s report or any other management presentation, but when you dive a little deeper to what’s there, most of the time you will find something different.
What excites you most about the future of the industry?
With regards to security holistically, the “game” of attackers vs. protectors isn’t going to end soon (or ever) as at both sides you will find mostly humans and machines. This means that the “game” is going to be even more advanced, in a way that will inspire people’s minds.