The IT Security Guru’s Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability.
This year, the awards are sponsored by KPMG and Beazley.
I’m responsible for all aspects of cyber security and information governance across Urenco’s operations in 5 countries. Urenco provides Uranium enrichment services and nuclear fuel products for power generation. The technology it operates is valuable, protected technology under nuclear non-proliferation agreements and is highly regulated.
As CISO, I have built a new function and a small team delivering both business-as-usual security operations and also an extensive improvement programme that will raise the bar on Urenco’s InfoSec capabilities.  I’ve worked closely with the four government regulators and also with the intelligence agencies to understand and respond to the increasing threat to our critical national infrastructure. We partner with business teams to develop the business, ensuring new initiatives are secure by design.
The CISO role at Urenco is a broad role. In addition to protecting the internet-facing business IT networks, there are extensive regulated OT plant environments with legacy technologies. Information Governance plays a large part in the role. Both in ensuring correct information handling when collaborating with classified and export-controlled information, and also delivering the compliance activities under GDPR.
My career started in engineering and progressed into IT working for GSK for 16 years in a variety of IT roles. I completed a 3-year global assignment in Asia with GSK and on returning to the UK 10 years ago, took a programme and project portfolio role. One of the programmes in that portfolio was the new Information Protection programme and I moved into the programme lead role. I had no experience in information security at that time, but had a reputation for delivery and understood the business operating model.  
The programme expanded rapidly growing to a £100m programme deploying to over 100 countries. I structured the programme and built the execution capability needed to deliver this large transformation programme. In doing so, I fell in love with cyber security – a niche subject area allowing for technical depth while still allowing the variety of working with all business areas.
By the time the new permanent CISO was recruited 2 years later, I knew I wanted to work in cyber security. I agreed to stay on to run the programme on the basis that GSK would sponsor my master’s degree in Information Security at Royal Holloway. I graduated with Distinction in 2016 and continued to lead GSK’s programme consolidating the theory from university with the practice of implementation. In 2018, my mentors indicated that I was ready for my first CISO role and I moved to Urenco in July 2018.
The isolation that I feel as a female CISO. Often as a CISO, you are the lone voice raising risks to people who sometimes don’t want to hear them. Working in such a male-dominated industry, my voice is not only the lone voice but also a different female voice. Personal resilience and internal strength are essential to my success. These are built through a network of friends and mentors who support me and build my confidence.
Diversity starts at home, and to have diversity, you must create an inclusive working environment where everyone can thrive and fulfil their potential. I believe in leading by example, building a diverse team – both in thinking and also other aspects of diversity such as gender, ethnicity and disability.
I have mentored a number of amazing women over the past decades. Since moving into cyber security, I have supported many ‘Women in Security’ initiatives – speaking at networking events and sharing my experiences and lessons learned. Openly sharing my mistakes in the hope that the next generation of women in cyber security will be able to avoid them!
I developed a case study on how to build a gender-diverse information security programme which I presented at ISF Congress.
Most importantly, I continue to work in a highly technical environment, in the male-dominated nuclear industry, being a visible female leader. I lead the CISO working group for the UK civil nuclear sector and I am a member of the Cyber Security Oversight Group (run by BEIS).
Don’t let anyone stop you from fulfilling your potential and achieving your goals.  Surround yourselves with a network of strong women who you can turn to when things get tough. A network that will build your confidence when others seek to knock it down.
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

You May Also Like