In this Security Edge interview, Ahmad Douglas, Commscope’s CISO, reveals how a major ransomware attack reshaped his approach to cyber resilience and leadership under pressure.
Commscope, a company that employs 30,000 people, was hit by a ransomware attack orchestrated by a gang called Vice Society.
Sensitive data, including employees’ personal and financial information, was stolen, shaking the organisation.
This attack was a baptism of fire for Ahmad, who had spent a decade as a business information security officer but was now navigating his first CISO position.
The experience quickly pushed him to make rapid decisions under pressure and coordinate a response without the benefit of finalised incident response plans or full internal resources.
Ahmad’s response to the attack demonstrated both resourcefulness and strong leadership.
Without an established incident response retainer in place, he leveraged his network, calling his former boss to quickly involve Mandiant, a top-tier security firm, to help manage the situation.
He also sought advice from experienced leaders like Jamil Farshchi, who had managed the fallout from the Equifax breach in 2017.
Ahmad emphasised the importance of relationships in the cyber security field, not just for technical problem-solving, but for establishing communication with executives, maintaining calm in crises and securing the trust of senior leadership.
The lessons learnt helped him establish protocols for future incidents and highlighted the need for comprehensive playbooks, crisis communications, and even ransom negotiators.
The cyber attack on Commscope served as a turning point that enhanced the visibility of the CISO role, which had previously lacked direct engagement with key stakeholders.
Ahmad built trust through transparent and consistent security initiatives, gradually earning the confidence of senior leadership and enabling direct discussions with the board and CEO.
His incremental approach to cyber risk reduction emphasised continuous improvement and aligned security with business objectives, establishing cyber security as a driver of long-term success rather than merely a cost centre.
Ahmad also highlighted the significance of fostering an authentic and supportive workplace culture focused on curiosity and continuous learning, despite financial constraints, and advocated for transparency in cyber security to build customer trust, especially during critical incidents like ransomware attacks.
Key takeaways:
- Authentic and supportive culture: Fostering an open and authentic culture where employees are valued and encouraged to grow, even if it means celebrating when they move on to better opportunities.
- Investment in learning: Emphasising the importance of continuous learning by investing in employee training and certifications, which helps retain people who share similar values despite financial constraints.
- Transparency in cyber security: Advocating for strategic transparency during cyber security incidents to build trust with customers, particularly by oversharing relevant details while maintaining legal considerations.