Hassan Asghar – Bremer Bank

Having committed to a technological upgrade in April 2017, St. Paul-based Bremer Bank hired Hassan Asghar as senior vice president and chief information security officer, putting the Pakistan-born and Pakistan- and U.S.-educated Asghar in charge of the information security program. A couple of years later a multipronged strategy has four major components in place, heightening data security on seemingly every level.

“It’s like a cat-and-mouse game,” the friendly Asghar tells Toggle in late October. “But I’m fortunate to now have a very talented team at Bremer and we’ve got a pretty robust program in place that’s covered just about every area. We don’t just deploy security tools behind all technology layers. Instead we’ve built a program that focuses on people, process and technology while ensuring it aligns with our strategic objectives.”

Strength in teamwork

A cybersecurity team that once numbered just three has been expanded to 30, with resources shifted from other parts of the company to fully centralize the security function and also onboard very talented external hires.

There’s a squad Asghar has assigned to assessing information security risks and compliance. “Banks being heavily regulated actually helps us,” he says. “By law we must ensure data protection, and that kick-starts us into exceeding the rules and regulations.”

Then there’s the cyber defense management team in charge of all components for technological security. This group’s high-stakes mission includes monitoring for threats, addressing vulnerabilities, forensics investigations and crisis response.

Like most financial institutions, Bremer Bank has strategic partnerships with third parties, and there’s another in-house team ensuring these outside entities have complementary security standards, including the means to safeguard a customer’s data as well as to recover lost data. This team also has responsibility for business continuity and a disaster recovery program for the bank.

Last, but certainly not least, is the team concerned with identity access management. This is often the weak link in any organization’s IT security—the careless use of passwords and the vulnerability in authenticating the legitimacy of a user. Good personal habits transcending into one’s professional life, Asghar wants no difference between the two for the bank’s 1,800-strong workforce in its Minnesota-Wisconsin-North Dakota footprint.

He also means business

Good security, of course, is good business, and that too is an area Bremer Bank counts on Asghar to further, especially as it responds to customers’ preferences for more services to be accessible by computer and mobile means.

His team is successfully implementing a number of different technologies in this area, building a platform that’s less reliant on third parties and giving the consumer more options to directly interact with the bank’s increasingly automated infrastructure.

While that means more data being passed around, the fourfold security platforms mean added protection for a clientele that includes commercial and agricultural entities as well as retail savers.

“We are creating a culture where we empower the business to innovate while keeping our risk and exposure at an acceptable level,” he goes on to say. “Security is everyone’s responsibility and we have developed processes where security is integrated as part of the development lifecycle rather than an afterthought. This makes the entire development process faster while building better resiliency. And no idea is a bad idea.”

Thus, he welcomes input, and not just from the IT department. Some of the best ideas he’s heard have even come from interns, which doesn’t surprise him. Young people, he reminds, have never known anything but a wired world, and they’re well-positioned to enhance it.

At home in Minnesota

Asghar reports at the board of directors’ quarterly meetings and is called upon for two additional updates.

“That shows the board’s commitment to oversight,” he says.

Minnesota seems a welcoming environment to the 37-year-old Asghar, his Norwegian-born wife and their two little girls. That said, he’d like to see more ethnic and racial diversity at the senior levels of the many Fortune 500 companies operating in the Twin Cities. It could be that Asghar will set an example, though he’ll acknowledge a lot of help in getting to where he is.

He came to the United States from Pakistan in August 2001 on a student visa and with little money when he enrolled at Luther College, where he graduated four years later with a BA in accounting and management information systems.

Asghar still needed to find an employer willing to sponsor a work visa, and he’d find one at the professional services firm Deloitte, where his initial focus on IT risk turned into an obsession for implementation. He’d have opportunities to further that in subsequent positions with MoneyGram International and Optum, part of UnitedHealth Group, and then to Bremer Bank.

Though laser-focused when it comes to IT security, he’s found time to get involved in extracurricular activities that include board membership at the local charity Project for Pride in Living, competing in squash leagues, and practicing yoga. He enhanced his academic creds in 2016, when he was part of the group nominated by UnitedHealth Group to complete the Executive Leadership Development program at the Stanford University Graduate School of Business. He’s also glad to have his parents and brother settled in Connecticut and his sister in Colorado.

“It took me 17 years to get to where I am, but it’s been worth it,” says Asghar, who became a U.S. citizen in January 2019.

And if he can help someone else in that journey, he will.