Intelligent CISO Issue 55 - Page 72

GO PHISH
Consistently , companies are struggling to find the talent they need to increase depth on their bench with turnover high and people leaving the industry for good .

GO PHISH

the virtualisation layer to automate many routine security functions and can do runtime security with VMware Carbon Black for modern apps .
How do you deal with stress and unwind outside the office ?
I recently restored my grandmother ’ s cabinet grand piano from 1900 and took up playing piano again in earnest . I used to play a lot when I was younger and it truly brings me joy and relaxes me . Another way I like to unwind is by going for walks barefoot in the grass with my husband and dog by my side .
If you could go back and change one career decision what would it be ?
I don ’ t like to think about what I would ’ ve done differently , although I wish I recognised the value in connecting with other people sooner . In my earlier days , I struggled to balance work with making time to speak with those around me – both in and outside of work – which is part of the reason I became a Chaplain . The role required me to deeply connect with people in a way that I never had time to do at work .
What do you currently identify as the major areas of investment in the cybersecurity industry ?
The number one investment area right now must be in people – particularly given the talent shortage our industry faces . Consistently , companies are struggling to find the talent they need to increase depth on their bench with turnover high and people leaving the industry for good . We know that one mistake can be costly in retaining talent , so greater investment in mental health and wellness is necessary to help frontline defenders perform at their optimum .
Are there any differences in the way cybersecurity challenges need to be tackled in the different regions ?
I believe in simplicity . I ’ ve demonstrated in my own career that when you take an approach that is risk-based or outcome-based from the top down , it simplifies the strategy and is easier for teams to understand . A clear , riskbased , outcome-based approach is

Consistently , companies are struggling to find the talent they need to increase depth on their bench with turnover high and people leaving the industry for good .

essential to a cybersecurity unit , no matter the location .
What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months ?
We ’ re working hard to support all field teams with their accounts who have an interest in security , to make sure they have access to the correct data to help inform better decision-making . Having the right conversations with our customers , namely face-to-face ones , will be high on our agenda in the next 12 months . CISO relationships really need to be maintained in-person , so getting in front of the community is key .
What advice would you offer somebody aspiring to obtain a C-level position in the security industry ?
I was once told by a manager that I should add that I aspired to be a director in my company performance plan . Sure enough , my director called me out on this , but to say that he didn ’ t care what role I wanted . He inspired me to think about what I actually wanted to accomplish and how I was going to make it happen . That ’ s the thinking I would encourage for today ’ s budding CISOs . u
72 www . intelligentciso . com