Andrew Barber, 53, joined Sungard AS in March this year as Chief Security Officer (CSO) for the EMEA & APAC regions. The newly created role emphasises the need for a global approach coupled with local knowledge to meet our customers’ security needs.
Andrew brings deep knowledge and understanding of designing, building and managing security solutions and in developing security governance, risk and compliance functions in end-user organisations and customer-facing service providers. His security career began in central government and he has since worked in world-class organisations in more than 50 countries, almost half of which were located in high security risk regions.
Here we quiz him on his career to date and his plans in the new role…
What does the role of CSO involve?
In a service provider like Sungard AS, the security team becomes involved at all stages of the ‘production line’, from advising and supporting marketing strategies, product development, pre-sales activities and sales opportunities through to assurance and compliance of the finished product – making sure we meet our stringent security standards and those of our customers.
What did you do before Sungard AS?
I spent ten years as a member of Her Majesty’s Diplomatic Service, mainly working overseas. After that I became a freelance consultant for some well-known international companies before joining Cable & Wireless as International Security and Business Continuity Director. Most recently I was Chief Information Security Officer at Xchanging, serving the London Insurance Market/Lloyd’s of London.
What attracted you to Sungard AS?
I wanted to continue working for a technology service provider at the top of its game. As companies increasingly move towards outsourced solutions, I’m really looking forward to being involved in ground-breaking and leading-edge innovations.
What are your immediate priorities in this role?
Security incident management is a top priority, as is building an EMEA security community within Sungard AS. I see this taking on even greater importance as legal controls, such as the new EU data protection proposals, become ever more prescriptive. Then there is PCI-DSS legislation, which protects payment cardholder data but goes beyond being a mere IT concern.
What changes do you see on the horizon?
The UK government is currently focusing heavily on the threat of cyber attacks; looking ahead, I see this issue becoming even more prominent. We’re already developing a Security Operations Centre (SOC) to support UK government customers requiring an IL3 cloud environment connected to the Public Services Network (PSN).
What developments, if any, will Sungard AS customers notice?
I hope that before too long customers will notice we’re able to offer a truly regional viewpoint and response to the more complex security issues facing international customers by exploiting our overarching pan-European capabilities.