GO PHISH
struggling with COVID-19 and
there may be additional focus
on related cybersecurity
initiatives in those regions.
What changes to your
job role have you seen
in the last year and
how do you see these
developing in the next
12 months?
cybersecurity company is struggling
with. Finally, the need for continued
automation and tools that leverage
Machine Learning and AI never dies in
the security space.
How do you deal with stress and
unwind outside the office?
I care about physical fitness and I
exercise a lot – that is the time I spend
on myself and it is time that helps me
deal with stress and unwind. It’s the
time that I can think about nothing else
but what I am doing, in the moment.
Spending time with my kids and family
and travel are also ways I disconnect
from the crazy world of the office.
If you could go back and
change one career decision
what would it be?
I wish I had taken bigger risks earlier in
my career. As one of the few women in
I wish I had taken
bigger risks earlier in
my career.
security, back when I had started. I felt
like I had to nail everything the first time
and I didn’t want to take big chances
due to the fear of failing. Now, when
I look back at my career, I realise the
times I have grown and learned the most
are when I have made mistakes and
taken big risks.
What do you currently identify as
the major areas of investment in
the cybersecurity industry?
It’s interesting that cybersecurity goes
in phases but more recently I have seen
companies go back to the basics in
their cybersecurity investments. Major
investments include ensuring there
are robust Business Continuity and
Disaster Recovery, asset management,
vulnerability management systems and
security operations capabilities.
Are there any differences in the
way cybersecurity challenges
need to be tackled in the
different regions?
Although the foundation of cybersecurity
remains the same, regardless of region
– managing risks and ensuring you’re
mitigating and monitoring those risks –
the specific priorities may be different.
For example, right at this moment as
I write this, some nations are really
I have seen companies
leverage SAAS or go to a
100% SAAS model for their
business applications. This
changes the way you tackle
cybersecurity, as it is not
about protecting your own
infrastructure and networks
but rather it becomes more about
identity, access management and data
protection and ensuring you have
good insight into data movement. This
is a massive change I have witnessed
over the last year – SAAS applications
and cloud are being adopted more
than ever and security challenges are
different in that environment.
What advice would you
offer somebody aspiring to
obtain C-level position in the
security industry?
Be tech savvy and business savvy –
you’ll need both skills if you want to
pursue a CISO role. It is important to
understand the business and what
drives the business, so you can stay
relevant as a security practitioner. It
is also important to be passionate
about the product or services that your
company provides – understanding
how the business works will help you
become a competitive advantage to the
company and help you towards that
C-level position in security. Finally it is
good to be well rounded – take different
security roles, don’t stick to just one
domain within cybersecurity. There is
so much to learn in the field – take the
opportunity and try to move around and
learn every part of it, if you can. u
72 Issue 25
www.intelligentciso.com
|