Throughout 2019, this mini-series will interview leaders from around the globe to discuss areas of cybersecurity. The purpose is to help students and those new to the industry gain perspective and guidance from professionals in the field. These interview insights aim to kick-start or re-energise your career journey in cybersecurity.
In this September edition, Anthony Robinson, Oceania Cybersecurity Leader at EY, shares his story about:
“I always found myself enamoured with solving complex business problems that have never-before-been addressed or attempted. Early in my career, I would piece together cybersecurity elements to help create an appropriate solution. Today, I help Chief Information Security Officers (CISOs) and their management teams better:
These are his insights. What aspect of cybersecurity concerns you the most? “Understanding normal versus abnormal behaviour. Our biggest challenge is to improve our ability to sense when something is wrong before our adversaries are aware we detected and contained their movements. Working in cybersecurity has always been about defining and deploying controls with appropriate measures to counter threat actors. We continue to engage with clients who believe they have not experienced a large-scale cybersecurity incident…until they do. This consistent inability to sense when something is wrong is worrisome. We often see this pendulum for an organisation shifting quickly from generally-speaking:
Misguided investment. We invest in technology and continue to misunderstand how this will mitigate our risk. We often do not have the structure or discipline to link investment to risk reduction. We invest in technology because our:
How have you evaluated professional opportunities throughout your career? How has this changed over time? “Learning. I am going backwards if I am not continually learning, pushing myself or being challenged by others. With learning comes personal and professional development along with growth. For each opportunity I may ask:
People and mentorship. After a long, memorable and exciting 18-year career with my first firm, I moved on and into my current role as the Oceania Cybersecurity Leader at EY. This provided new learning opportunities to share knowledge and experiences gained throughout my career with our clients and our people. I am most satisfied when I have an opportunity to share an experience with our people, which provides them with tools to act on new knowledge and reap the benefits. We are a people-first organisation because without our people we do not have a business. Experiences and growth. My wife and I had an opportunity to transition from Australia to the United Kingdom and travel the world early in my career. We place a high-value on global experiences because of the unique perspective they provide that support our personal development. As we progressed in our careers we made the decision to return and watch our family grow up in Australia. When we evaluated opportunities we often looked at how they help us attain personal experiences and balance this with the professional growth opportunities to make the best life decision for our family.” What fuels your passion? Why do you do what you do? “Strive for excellence. I am quite competitive and like to win. I tell our people we should aim to create the best cybersecurity team in Australia. I want our teams to strive for excellence and be the best. This drive to be excellent is part inherent and part learnt. Over my career, I have seen what happens when you lack the determination and perseverance to achieve excellence – you do an average job with a trickle-down effect to the business. I want our people and our teams to always feel proud of our accomplishments and achievements.” How would you suggest others new to the field get involved? “Have patience. Early in my career I remember thinking ‘I want to be a Chief Executive Officer by the time I was 25’. While not impossible, it is difficult to have the perspective necessary to set yourself, and your teams, up for long-term success. If we apply this view to cybersecurity and survey non-IT leaders, they may say cybersecurity is niche and narrow; however, there is so much to learn and absorb across the domains. No one cybersecurity domain is more important than the other and can be challenging to obtain this knowledge without experience in the field. Prioritise your interests. Do not search for that perfect opportunity. Rather, spend the time and energy developing and striving for excellence in your areas of interest. You may find your areas of interest change over time, or that you deep-dive into a subject matter to continue to satisfy your curiosity. Stay flexible. I see some graduates and professionals with rigid career plans that often miss out on ‘once-in-a-lifetime’ opportunities. To be successful and effective is to make the most of every opportunity. Whatever you do early in your career you will gain invaluable experiences and learnings. You may experience challenges with a hard project, difficult client or working in a new area. This may create a level of discomfort but be prepared for this! We often learn most when we find ourselves in these demanding positions. Perform post-reflection exercises and ask internally about the key takeaway – we are often surprised with a sense of satisfaction and accomplishment for what we had achieved through these strenuous times. Be adaptable and resilient. Be comfortable not having all the answers. In some cybersecurity roles we are expected to have this knowledge to operate autonomously as the front-line defender. There are many other roles where we may not know everything about our client, their concern or a potential solution. We work in teams of experts with a wide-array of experiences to learn about their industry, to help define the root cause and to support the development of solutions that support our clients. We are customer-focused as consultants. We must quickly define needs and adapt how we operate based a client’s sector to be successful.” Cybersecurity is intriguing, in-demand and considered as an excellent career starter. Please be on the lookout for next month’s issue of Decoding Cybersecurity: Interview Insights with Leaders as the journey continues.
0 Comments
|
AuthorElliot is a Senior Manager in the EY Cybersecurity practice. Elliot enables organizations to build in risk thinking from the onset, enhancing global innovation with confidence. He leads global teams to reduce response times and minimize the impact of security incidents by building and operating mature security, logging, monitoring, alerting, and incident response practices. He successfully led response to and recovery from complex security incidents, such as data exposures, third party compromises, and vulnerability exposures, by coordinating across large enterprises through effective incident response procedures to minimize business impact. Archives
April 2020
Categories |