Fending off increasingly sophisticated attacks
It was by chance that founder and manager of Popcorn Training Anna Collard found herself as a woman in the information security domain. She was offered three topics to write her thesis on while working at Siemens, in her last year of studies, in 2001. These where 'mobility', 'CRM' and 'information security'. She says that it was fortunate for her that she chose cyber or information security as it is such a diverse field that is constantly changing and requires ongoing learning.
She deals mainly in information security in the financial sector because it has always been an attractive target for cyber criminals and as a result financial institutions take a more proactive stance towards security than some other industries. On the other hand, however, a lot of them, specifically the banks, have been around for a long time and face challenges that come with legacy environments as well as trying to secure large organisations.
The biggest challenges Collard is faced with on a daily basis are keeping up with the increased level of sophistication of attacks and finding ways to stay creative and innovative to address the human factor.
However, she says she enjoys the diversity of cyber security, with the scope of her job ranging from technology stacks (i.e. Web-applications, mobile, networking etc) and understanding the workings of organised crime, to learning about the psychological levers used in social engineering tactics.
This means that she can dip into learning about the Dark Web one day and reading how micro-facial expressions can be abused by con-artists the next. As a business owner, there a many aspects of her job that are not security-related and can be quite dull, such as admin, which takes time away from what she really enjoys.
In order to stay ahead in a cutting-edge industry, and as one of very few women who have made it to management level in the cyber security sector, she looks to her peers who share interesting insights on LinkedIn. She has also joined various private security groups on LinkedIn and Facebook.
"I look at what my peers share on LinkedIn; join various private security groups on both LinkedIn and Facebook, subscribe to security lists, read related blogs such as Brian Krebs, Dark Reading and SC Magazine. I also listen to podcasts when driving, and do ad-hoc research about specific topics when needed and read related books."
Her advice to a budding security professional is: "Be a scholar all your life and foster your curiosity".
We asked Collard for where the role of the cyber professional is headed, whether she expects changes, and what they might be?
Collard thinks the industry requires skills faster than the traditional education sector can provide, so it's all about finding people with the right attitude and giving them the environment to grow in. She believes that a willingness to learn and do it quickly, a strong sense of curiosity, problem-solving skills and ability to find, think and apply knowledge across many different domains will stand you in good stead.
She also firmly believes the industry needs to join forces to provide training and education and job opportunities for new starters.
We asked Collard what she thinks of as a career-defining moment and what lesson she has had to learn the hard way?
She says when she presented her dream of creating animated stories that make security easy to understand by end users to Old Mutual, they believed enough in the idea to bring it to fruition. Challenges or obstacles are part of business and life in general and even though it's tough while you are in the thick of it, in retrospect she feels that one always comes out the other end stronger or wiser for having gone through them.
We asked if she any hidden talents, and who she most admires?
"I'm not sure if it can be called a talent, but I really enjoy drawing and used to do a lot of painting (acrylics, oil) before I became a mum and business owner. I most admire Elon Musk in business for his visionary drive and achievements which are out of this world."
Meet Anna Collard at ITWeb's Security in Finance Forum in November 2016. She will tackle the subject of the human shield - experiences and challenges drawn from security and awareness programmes in a federated environment.