GO PHISH
when stressed and being creative doing crochet ( making blankets and decorations / toys ).
If you could go back and change one career decision what would it be ?
I am not sure I would specifically change anything . My career path has never been particularly deliberate or targeted , but I have taken opportunities as they have arisen . All of my roles and experience have given me some skills that I continue to draw on today . My roles outside of core security functions ( as a Service Manager and an Infrastructure Architect ) have been particularly valuable for me to be able to see the wider picture and understand challenges from other perspectives .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
For many years , investment has been focused on technologies . However , I see time and time again organisations are not getting the benefits they have been sold without the right service and support model . These single point technology solutions are not a silver bullet – if they were , then we would have solved the issue of cybersecurity by now . Key factors are the people and processes that support the technology and I see that as a major area of investment .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
I think there is a different cultural approach to security risks across different regions . I recognised this when working at a global aerospace organisation – the US were much more risk adverse whereas the APAC region had a very high tolerance for
My career path has never been particularly deliberate or targeted , but I have taken opportunities as they have arisen . security risk . I think these natural cultural differences in approach to risk propagate to how cybersecurity challenges should be tackled across the globe . There is no doubt about it , that single holistic technology solutions are key for global organisations . However , ensuring processes underpinning the use of technology are understood and , where required , adapted to suit regional differences is a good basis for ensuring cybersecurity controls are perceived in the right way .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
The COVID-19 pandemic has brought with it some challenges – mainly the move to such a high volume of remote working . The technology to support this model has presented increased security challenges related to patching , support and the natural protection that an office environment provides has been realised . I think the coming year will force much more focus on optimising remote working models as organisations embrace this approach and security controls that enable this , such as Zero Trust will be accelerated .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
Find a great network of peers working in a range of different organisations . I call upon my network regularly for advice and have built a mutually beneficial network . I have found my experience in roles outside of core security functions instrumental in me making balanced and informed security decisions in my current role as I am able to see challenges from other people ’ s perspectives . u
72 www . intelligentciso . com