News

Information Security is all about Risk Management According to Amazon Executive

Posted 19th September 2018

Last week, Amazon executive Paul Clarke shared his insights and experiences in information security with the students at Carnegie Mellon University’s Australia campus.  

While information security focuses on the protection of information and systems from unauthorized access, Paul encouraged the student audience to also think in terms of risk management.  

With this frame of mind, he told the students that this means that resources are employed to manage, and if possible mitigate, the risk rather than purely trying to design systems that deal with attacks or mis-use of data.

As head of security operations centre detection and response at Amazon since 2016, Paul is responsible for delivering security services across the Amazon consumer and digital businesses.  

Paul also provided students with some sage advice on tips for securing a job in information security post-graduation. This included advice on:

  • What to read
  • Where to network  

He encouraged the students interested in careers in information security to reach out to consulting firms and banks in Australia, who are increasingly establishing information security graduate hiring programs.

Professor Riaz Esmailzadeh invited Paul to visit CMU-A and deliver the Convocation lecture.  
 
Paul has a 20-year career in information security. Before joining Amazon in 2015 he held senior positions with Barclays Bank and Citibank.  

Since 2018 students at CMU-A studying Masters of Science in Information Technology can specialise in Information Security.  

The specialisation equips students with a deep understanding of risk management, information security, and data privacy.  
 
This program draws upon the expertise in security research, operations, and analysis from the internationally respected CERT Division of Carnegie Mellon University's Software Engineering Institute.  
 
CERT is a leader in cybersecurity and has partnered with government, industry, law enforcement, and academia to improve the security and resilience of computer systems and networks for over 30 years.  

Amazon Executive Paul Clarke (left) with Head of CMU-A Emil Bolongaita (right)

1