My path to Cyber was challenging and full of learning. I began in consulting more than 10 years ago, gaining insights into one of the world’s largest IT outsourcing companies, learning first-hand about business risk in a global context while managing clash of corporate cultures, competing financial goals, diverging expectations and continual drive for efficiency in a climate of rapid technological change.
I later focused on risk management and internal control systems (ICS), supporting companies that paid a regulatory fee for trading on the US stock market, in compliance with the Sarbanes- Oxley Act. Forming internal controls, support implementation and audit gave me a broad understanding of the operational context for security and is still a valuable experience for all projects: keep your risk in mind – but do not overdo it! Because there are some risks that have to be accepted.
The next phase of my experience was in reviewing Insider Threats and security awareness programs. I built up a global security awareness program, learning about cultural differences, financial budget constraints and measurement of success.
Moving on from the people-focused domain of insider threat, I worked on technology and processes for improving information security. At that time (2009/2010), ISO 27001 was just picking up in Europe. I supported clients on their journey to implementation and certification of robust Information Security Management Systems (ISMS).
Keeping pace with the growing information security of my clients and the advances in cybersecurity technologies in recent years, I turned my attention fully to Cyber Security. Today I consult for clients on their cyber defence strategies, SOC evaluation and implementation and reviews of their current cybersecurity posture.
Cyber is an ever-evolving domain which sparks new and challenging discussions every day. It demands an interdisciplinary approach: just as attackers don’t have fixed job profiles, neither do those in the front lines of the cybersecurity profession. I love to follow the latest research and discover the knowledge behind new cyber concepts.
Are you protected?
Your business, your data and your information are under attack. You have to be prepared. You could loose this digital war without a professional cyber security strategy.