I’m thrilled to join an exclusive cybersecurity investment community – Cyber Club London . CCL is a group of cybersecurity experts and leaders who have access to new and innovative early-stage startups, the opportunity to invest in them privately, and use their expertise and connections to help these startups succeed.
The community was established to provide a platform where cybersecurity leaders, executives, startups, and venture capitalists can share knowledge and work together to invest in promising early-stage companies. This closely aligns to my goals of contributing to the community and helping ventures thrive in the cyber space, serving as a Board Advisor and Non-Executive Director.
I am excited to be recognised as one of the Top 10 Cybersecurity Leaders in Australia driving innovation and demonstrating business value. Although relatively new to Australia, I had the opportunity to use my global experience to address key cybersecurity challenges within the Financial Services sector.
A massive thank you to my team – it’s a privilege to lead such high performing and dedicated individuals and be able to build a cutting-edge cyber capability. Congratulations to all the award winners!
It’s widely understood that cybersecurity should support the business – it’s a common theme of this blog. However, it’s often difficult to achieve true alignment without understanding the business context, priorities and challenges and being able to communicate in the language of business stakeholders.
I decided to enrol to the Master of Business Administration (Executive) degree to broaden my knowledge and enhance my strategic thinking to better serve organisations. Developing my skills in finance, leadership, strategy and innovation will help equip me to better understand current challenges and make a positive, lasting impact. The Australian Graduate School of Management (AGSM) program at the University of New South Wales will help me learn about the latest business practices and how to effectively apply them to add value to the business.
I have a strong technical background and analytical skills and I look to build on this foundation to enhance my contribution to the C-Suite. Throughout my career I’ve worked in consulting, corporate and startup organisations; my understanding of challenges and opportunities of both large corporations and nimble startups globally will bring a unique perspective to the AGSM community. I can also leverage my extensive professional network around the world to support fellow Executive MBA candidates and alumni.
I’ll be writing about my experience and learning in this blog, so stay tuned for more updates on how cybersecurity practices can be aligned to wider business strategy and objectives.
I recently completed a six week secondment, working in an Aboriginal community organisation on the Far West Coast of South Australia. I had the privilege to listen, learn and understand some of the challenges faced by Indigenous communities across Australia and apply my skills to contribute to their long-term success.
Transferring my knowledge and skills to these communities was a very enriching experience both personally and professionally and something I would like to continue being involved with in the future.
In this blog I would like to summarise my experience participating in this Jawun secondment.
I had an opportunity to follow the Lean Silver Belt pathway of Cardiff University’s Lean Competency System and work with a coach to deliver measurable business process improvement in the workplace. This resulted in significant cost savings for the business and was supported by the official accreditation.
A lot of it is to do with the mindset: spotting inefficiencies, eliminating waste and continuous improvement are at the core of the approach. It’s also about applying these concepts and techniques to real world challenges.
Reference Architectures; Why, What and How, Architecting Forum
While working as a consultant, I had an opportunity to serve as an Interim Head of Enterprise Architecture for one of the banks in the Middle East. The objective was to set up an Enterprise Architecture function at the company and demonstrate its benefits. It was a rare chance to build a capability from the ground up and I wanted to share some of my learnings in this blog. I hope this will help people looking for their next opportunity.
Scaled Agile Framework (SAFe) provides a way for the entire organisation to work in an agile way, not only software engineers. Security professionals, lawyers, compliance specialists and procurement teams are encouraged to engage in sprints (or ‘iterations’) too. You don’t have to write code to participate in a retrospective.
I recently had an opportunity to apply some of the Agile practices in my latest cyber security projects while going through formal Leading SAFe training at work.
Many ideas are not new, especially if you worked with Scrum previously, but they don’t have to be in order to be effective. The framework serves more as a collection of principles and a menu of techniques that can be used to transform large organisations that have ‘always done things that way’.
Over the years I’ve had the opportunity to acquire multiple professional certifications in cloud security, project management, industrial control systems security, data privacy, architecture and more.
Passing an exam, of course, doesn’t make you an expert: a credential itself doesn’t always guarantee skill. However, I found the process of studying for one rewarding in itself.
It helps structure your existing knowledge and learn a few new things that you could’ve otherwise missed along the way. Combining your prior practical skills with some of the good practices at the heart of these certification paths also allows for continuous improvement.
I write about how to pass some of these exams on this site, so feel free to get in touch if you would like to discuss my preparation strategies and exam tips.
Asset management is often regarded as the foundation of a security programme. You can’t protect something that you don’t know you have. This extends beyond internal systems to your organisation’s partners. Depending on the line of business, supply chains can get increasingly complex. They include vendors, manufacturers, retailers and distributors in multiple geographies and regulatory regimes. Securing such a network is no easy task and should start with visibility and careful risk management.
I previously wrote about the complexity of communication and the multi-faceted nature of the CISO role. Combining these perspectives, I would like to give an overview of what a communication strategy might look like for a security leader.