Daniela is 35 years old, born and raised in Portugal and actually ended up in cybersecurity by accident! She graduated and then completed her Master’s in Communication and Cultural Studies, eventually coming to work for a UK financial company, where she moved from the Commercial side to Compliance. Her journey afterwards from Compliance Officer to Information Security felt like a natural step. She then went on to build up her knowledge in Security throughout and has been in the Netherlands for two years now as a Business Information Security Officer.
What are your main security concerns and what are you prioritising at the moment?
Preventing the illusion of control and becoming faster in adapting. We always think that we are pretty much in control; the context we are going through proves us otherwise. We need to adapt fast while making sure we do not ignore or underestimate the increasing risk landscape. It is hard but we need to accept the harsh truth: the “new normal” brings us a new way of seeing the world. And how the world sees us. The cybercriminals got that very quickly and took advantage of the current climate before we could say “lockdown”.
What have been the biggest challenges around COVID-19 for your organisation? And, how are you addressing them?
For challenges I would pick leveraging remote capabilities and maintaining asset visibility. We were suddenly forced to change the way we work, to support an operation carried out from our homes, assisting those who have to be in the front lines. The working from home concept brings a false sense of security, with a scenario of scattered resources, more prone to human error and social engineering than in an office-like environment.
I feel lucky, as the organization I work with started the digital transformation a while back. That helped us speeding up and keeping focus: listening to what the business needs and to help delivering it, securely.
That also means reminding the organization that security awareness is more critical than before, at the same time that we need to cover third party, asset and change management and so on.
What is your advice on balancing security and digitalisation?
Always listen to the organization and walk alongside the journey, not against it. If Security plays an opponent and controlling role, projects will continue anyway, without risks being addressed; It is a battle you will lose from the start. Engage with all parties involved and show how you may be able to help, such as by advertising the quick wins of security controls that may be implemented right at the beginning of each project. For that reason, I like working closely with the Procurement and Project functions to immediately understand the risk landscape and how and with whom to tackle it.
What do the next 5 years hold for your industry?
It would be easier to answer that question two years ago… I foresee creativity in reinventing the industry, and different concepts of resilience and sustainability. I also foresee a high dependency on IoT, which will keep us very busy security-wise.
Daniela will be joining us on March 2nd in the European segment of Cyber World Congress with her expert Presentation: The Future of Cybersecurity Training is Immersive at 11:25 GMT. Join her live or for 30-days post-event for leading insights on security awareness training in the remote-work era!
Listen to Daniela and the rest of our expert speaker line-up by securing a complimentary* pass with code: CARNEXT at checkout.
*Offer eligible for end-users only. Vendors and consultants are welcome to purchase a Vendor-Delegate pass online!
