Navigating the Evolving Landscape of IT Security

Ray Malmassari, Sr. Director, IT Security and Infrastructure, Jacuzzi Group

Ray Malmassari, Sr. Director, IT Security and Infrastructure, Jacuzzi Group

Ray Malmassari is a seasoned cybersecurity expert with nearly 15 years of experience, currently serving as the Sr. Director of IT Security and Infrastructure at Jacuzzi® Group. With advanced degrees from Western Governors University, Ray is in the final stages of completing his doctorate in IT with a focus on cybersecurity from Capella University. His portfolio of certifications includes CISSP, CCISO, CNDA, and PMP. Ray passionately shares his wealth of knowledge through his YouTube channels @TheCyberUpdate and @CyberSageRay and Medium blog @TheCyberUpdate, benefiting enthusiasts and professionals alike.

Through this article, Ray emphasizes his extensive experience in IT and cybersecurity, highlighting over 15 years of professional expertise and more than 25 years of personal involvement. He also highlights current industry trends, such as the impact of generative AI (GenAI) and reduced IT resources, as critical factors shaping the future of cybersecurity.

Professional Background and Current Role at Jacuzzi Group

I have about 15 years’ experience in IT and cybersecurity and over 25 years’ experience in a personal capacity. I currently serve as the Senior . Director of IT Security and Infrastructure. I am responsible for leading the IT Security, IT Operations, and Infrastructure teams in a global environment. My role entails various areas, such as vendors and contract management, IT architecture design and collaboration, security review for new vendors, and responding to escalated incidents.

Journey in IT and Cybersecurity

I started out in IT as a desktop support technician while simultaneously starting my bachelor’s degree in IT security back in 2011. Since then, I have moved up into various roles over the years in engineering and an architect role while completing a master’s in information security and assurance along with earning a few IT certifications (CCISO, CISSP, CNDA, CEH, CHFI, and PMP). I am currently on the tail end of completing a doctorate in IT.

  ​Cybersecurity and IT have many different unique niches; explore them and find what fits best with what your interests and career goals are.

Impact of Certifications on Professional Growth and Effectiveness in Cybersecurity

My certifications have certainly helped, not just by having them but from what I have learned in working to earn them. They have opened doors and opportunities for me. The knowledge and skills for most of them have transferred over to my jobs and helped me be more competent in them. For example, the CISSP as an information security management certification has helped in my leadership roles and the PMP has helped me with being a more effective project manager.

Strategies for Staying Ahead of Emerging Cybersecurity Threats

I ensure my team is aware of ongoing trainings from our vendor partners related to IT and cybersecurity tools. Vendors usually have ongoing webinars and training around their products and services and use cases they work towards resolving with their solution. I also have used training platforms in the past that have more certification-focused training and encourage my team to attend conferences and networking events related to IT or cybersecurity. Also, podcasts (Cyberwire, Life of a CISO, SANS Internet Stormcast) are a great resource to stay current with cybersecurity threats.

Current Trends Shaping the Future of Cybersecurity

♦  Some of the current trends in cybersecurity that I believe will shape the future are GenAI and reducing IT and security resources (budgets and staff) will have a profound impact on organizations going forward.

♦  Generative AI, or GenAI for short, is growing in popularity at a rapid pace and adoption of this sophisticated AI is spreading like wildfire among IT and cybersecurity vendors. It’s also on the mindsI is being integrated into all sorts of tools to enhance the tool and enable teams to manage with less (budget and staff).  of every CIO, CTO, and CISO in the industry and a bullet point on their strategic roadmaps. GenAI is being integrated into all sorts of tools to enhance the tool and enable teams to manage with less (budget and staff). On the flip side, it will be used by bad actors to cause greater disruptions and damage than ever possible before.

♦  Across all industries, organizations are scaling back on IT and security budgets and staff while simultaneously looking for ways to improve in the most cost-effective way possible. We’ve witnessed this in the tech sector the most, with mass layoffs happening more frequently. The reduction in budgets and staff will negatively impact and have long-term effects on organizations, increasing their overall risk of a security incident and the ability to pivot quickly to support the organization’s end users for IT-related issues.

Advice for Building a Career in Cybersecurity and IT Management

Always be learning something new. Cybersecurity and IT have many different unique niches; explore them and find what fits best with what your interests and career goals are. Not everyone aspires to be an architect or go into a leadership position; some people want to focus on just the technical side (engineering, IR, DevOps, design and architecture) or the non-technical side (risk and compliance, audit, and cyber insurance). The first step is to find your passion or interest and learn as much as you can about it via free online training (YouTube is an excellent resource) or paid training (Udemy, CBT Nuggets, Pluralsight). Once you’ve done that, you’re halfway there. Now look at career paths you’re interested in that align with a particular area you want to pursue, and then build a path backwards from that. Find others in the career you want and see what path they took to get there; it may not be the same, but it will certainly give you a great starting point.

Disclaimer:

The views and opinions expressed in this content are solely those of Ray Malmassari and do not reflect or represent the views, policies, or positions of any organizations with which he is affiliated, including the Jacuzzi® Group. Mention of specific vendors or products does not constitute an endorsement or recommendation by any associated organization. All statements and opinions herein are made in a personal capacity.