Circles.Life: cybersecurity transformation in telecoms
When it comes to cybersecurity, Mohamed Noordin Yusuff Marican, Chief Information Security Officer (CISO) at Circles.Life has been hooked on the concept since he was a teenager. “It wasn’t even called cybersecurity back then, it was known as data security, IT security and information security. It wasn’t until more recently that the phrase cybersecurity came in,” reflects Noordin, who adds that “with internet laws being less stringent back in the 90s,” he spent his time as a teenager on his first computers fiddling with security tools such as password crackers and backdoor trojans.
“Knowing that this was the career journey I wanted to take, my career began as a police officer, in the police technology department, in the IT security team. I was responsible for protecting information assets, belonging to the Singapore police force.”
After five years in the police force, Noordin moved to the private sector, working at industry leading companies such as EY, Barclays, Qatar Petroleum, KPMG and NTUC Enterprise, before joining Circles.Life. “Joining Circles.Life has definitely allowed me to grow my abilities to become a senior leader and have conversations with founders and C-levels. Circles.Life is already and will be even more successful than it already is in time to come. The first rule of success is to have a clear vision and that is what Circles.Life has. If you don’t have a goal of what you want to achieve, you end up drifting around and never ending up anywhere. Circles.Life’s core vision is to give power back to the consumers,” comments Noordin.
By nature, Noordin explains that he is a builder. “I have built cybersecurity teams in the past, but Circles.Life has given me the runway to build an information security office from ground zero, which I will be doing for many more years to come.”
“Founded on the belief that telcos can – and should – be better. Our vision is to be the go to customer brand that delights and engages customers with personalised digital services across the world,” details Noordin. With its pledge to give power to people that echoes throughout its internal operations, Circles.Life strives to not only be the best digital telco app, but to also provide many different consumer verticals such as movie tickets, concert tickets and classes in a high quality and flexible way for its customers.
Bringing the conversation back to security, Noordin explains that Circles.Life’s information security program has what the company calls its three ‘CISO pillars of cybersecurity’. “These pillars are made up of Cyber Defense, Cyber Governance and Cyber Operations functions. Our Cyber Defense function focuses on the likes of technical penetration testing, to ensure that vulnerabilities are discovered and remediated timely while our cyber governance function focuses on policies and procedures to make sure that we have the necessary cybersecurity frameworks in place and that we are complying with current cybersecurity and data protection regulations. Finally, our cyber operations function protects and defends our infrastructure against cyber threats.”
With this structure in place, Noordin adds that the next element of Circles.Life’s information security program is its process. “We continuously work to ensure that we have the strong processes in place to defend the organisation against attacks, as well as having the right-fit security technologies. We can not only have one of these three elements, we need to have the people, processes, and technology to ensure that cybersecurity becomes an enabler for the business.”
Circling back to the company’s core vision ‘to give power back to the customers’, Noordin reflects on the company’s culture. “our customers are our key pillar when we are executing our work, each and every one of us has our company vision resonating in our day to day work. Whilst each team has its own KPIs and priorities, they are all ultimately driven by the core company-wide priority, ensuring that our company is aligned in the work that we do.”
COVID-19: maintain cyber-resilience in uncertain times
It is common knowledge that digital transformation has sped up significantly as a result of COVID-19, Noordin explains that Circles.Life was quite lucky when the pandemic hit due to already being a digital company, Circles.Life was already well suited to sustain its operations. “We do not have on premise server rooms or data centres,” comments Noordin, “our workloads are in the cloud and so we are purely a cloud native, digital company which allow staff to work from anywhere.”
Noordin goes on to explain that it is this cloud based element of its operations that is important for becoming resilient. “You are only able to become more resilient if you can execute day to day operations in the office from anywhere. Our cloud based tools provide us with a hybrid function whereby we can have some people working from home and some people in the office.”
While Circles.Life was well suited to sustain its operations when the outbreak occurred, Noordin explains some of the challenges that the company faced. “Some of the key challenges I would say, included the desire to be in the office to collaborate with peers and team members. It is very important to build that camaraderie within a team. However, while I think more and more companies are realising that they may not even need to have an office, I believe that most organisations are creating a hybrid approach to office work as they come to understand when it is important to be in the office and when it is not.”
- Mohamed Noordin