Throughout 2020, this mini-series will interview leaders from around the globe to discuss areas of cybersecurity. The purpose is to help students and those new to the industry gain perspective and guidance from professionals in the field. These interview insights aim to kick-start or re-energise your career journey in cybersecurity.
In this month’s feature, Dave Burg, Americas Cybersecurity Leader at EY, shares his story about:
“I started my career in the healthcare industry where I developed complex data analytics using structured query language. I was then hired into Big 4 consultancy because of this skill where I began to support large corporate investigations. This led to more work with an inter-firm cybersecurity unit where I was pulled into substantial cybersecurity intrusions. We would perform our investigations and build trust with our client. Through this trust we would be asked to fix what we had found. This pattern enabled our team to establish a new, large-scale cybersecurity investigation business unit. These early career successes led to numerous leadership opportunities where I have had the opportunity to teach and mentor others to achieve their own personal and professional aspirations.” These are his insights. What drives your passion for cybersecurity? “I am driven by a desire to find new ways to solve complex business problems and to produce significant value for our clients. This challenge and associated opportunities are extremely rewarding and satisfying. I am excited about our ability to innovate at such a rapid pace. How we can leverage our innovations to solve for enterprise-wide business issues with our cybersecurity teams or in conjunction with our other firm-wide capabilities.” Who has inspired you during your career? What about each was so motivating? “When I was in the healthcare industry there was an incredibly intelligent Chief Financial Officer who ran a multi-billion dollar entity. I was inspired by his tremendous work ethic and his ability to seamlessly drill-down into any issue by asking smart questions. It was like watching someone with their mind peel away layers of an onion to identify the core of the problem. He once used this technique to help us solve a difficult technical problem and was stunning to watch unfold. This was an individual without a technical background that could effortlessly solve a tough problem by intelligently dissecting the issue. Others whom have been inspirational throughout my career were leaders that trusted their people. They would provide opportunities with a wide-array of latitude to allow for their teams to grow at a tremendous rate. With this freedom, I expanded my skill set at a much faster rate than had I been bound by stronger governance and controls. These have been the two types of leaders that have shaped who I am today.” What cybersecurity challenges we should be solving today for a better tomorrow? “Every organisation should be evaluating the cybersecurity and privacy implications of their products and or services. Embedding necessary components from the outset to help better secure the businesses of tomorrow. We see this happening more frequently as this takes an intelligent approach to strategically manage risk to the next level. Embedding capabilities that natively deliver on a company’s promise when they provide a product or a service to the market where cybersecurity and privacy are assumed to be strong and inherent. This is the pledge of the future for organisations to build products and provide services that naturally and efficiently deliver on that inherent promise.” What are your thoughts on legislative policies and regulatory requirements that may impact the resilience of cybersecurity? “We continue to watch regulation spin up around resilience. They are unbelievably important and are the most significant manoeuvre from a law or regulation perspective that we have ever seen in cybersecurity. The days of Payment Card Industry (PCI), Personally Identifiable Information (PII) or Intellectual Property (IP) theft as the grave concern are behind us. While still present, these concerns pale in comparison to business interruptions. The beauty of pushing resilience will create far more capable use and adoption of technologies that are designed from the outset to more easily adapt to massive outages. There are companies like Netflix that have leveraged this principle for years. One of the many reasons why their service delivery is so exceptional from anywhere around the world. They engineered their back-end as highly resilient and adaptive to dynamic situations inside their infrastructure. This is incredibly important and an exciting business opportunity for all cybersecurity professionals.” What advice would you give to your younger self when searching for cybersecurity opportunities? “Had I known I was going into cybersecurity I may have considered other subject areas. I would have studied veraciously and taken the vast array of business, technical and cybersecurity educational opportunities available more seriously. I would urge myself to never, ever stop studying. Never stop learning, reading and exploring. For students and professionals interested in cybersecurity, we have a great career ahead of us. We are in an extremely important and excitingly dynamic space. Our learning will never end as the importance of cybersecurity only continues to accelerate.” Cybersecurity is intriguing, in-demand by the market and considered as an excellent career starter. Please be on the lookout for next month’s issue of Decoding Cybersecurity: Interview Insights with Leaders as the journey continues.
0 Comments
Leave a Reply. |
AuthorElliot is a Senior Manager in the EY Cybersecurity practice. Elliot enables organizations to build in risk thinking from the onset, enhancing global innovation with confidence. He leads global teams to reduce response times and minimize the impact of security incidents by building and operating mature security, logging, monitoring, alerting, and incident response practices. He successfully led response to and recovery from complex security incidents, such as data exposures, third party compromises, and vulnerability exposures, by coordinating across large enterprises through effective incident response procedures to minimize business impact. Archives
April 2020
Categories |