Head of Cyber Security & Privacy
What does your role as Head of Cyber Security & Privacy involve?
The purpose of my role is to manage all things related to cyber security and privacy for Willow. This means ensuring the organisation itself is safe from cyber threats and also making sure we develop applications and products that are inherently secure.
When it comes to privacy, the team works as an advocate of the customers and people who interact with our systems to ensure that their personal information and data is not only protected, but also handled appropriately. We aim to uphold the individuals’ right to privacy and ensure we do so as transparently as possible.
Most of my time is focused on ensuring that Willow has a world class cyber security and privacy team, with robust processes and practices in place.
What were you doing before joining Willow?
Cyber security has always been an area of passion for me and I’ve spent most of my career working in the cyber security space. After starting off in the world of IT systems administration, I worked for Deloitte as a Risk and Cyber Security Consultant before moving to a smaller consulting firm. My last role before Willow was Head of Cyber Security at Prospa, an ASX listed fintech company that provides small business loans to Australian and New Zealand businesses.
Outside of work I try to stay quite active and really enjoy spending time out and about. My favourite pastimes of late including trying new cuisines (I’m an ex-food blogger), globetrotting to new destinations and competitive sailing.
How did you become involved in cyber security?
I’ve always had a keen interest in cyber security, but in some ways, I was in the right place at the right time when cyber security started becoming a very hot topic over the past few years. I initially made the move from IT systems administration into technology risk and technology audit, which gave me exposure to the world of cyber security and ultimately the place where I ended up and still remain.
What are some key things you learned about cyber security in your previous experience?
There are three things I always like to talk about when it comes to cyber security:
Cyber security is a very fine balance between risk and reward. The objective of a cyber security team should be to enable the business to operate confidently and safely by providing a protected environment to work within. The level of protection needs to be applied in accordance to risk, as each layer of security can impact on productivity and may ultimately cost the organisation more than what it protects.
Secondly, security starts with the employees. We’ve seen time and time again that the weakest point in corporate security are the people, and security awareness and culture is a huge part of any successful cyber security practice. Scam phishing emails are as prevalent as ever and tend to be the most common source of security breaches.
Finally, no company is every immune to a cyber incident. This has been very evident over the past few years with many high-profile cyber security breaches affecting companies of all sizes and sectors; ranging from health to large banks with huge security teams. It’s important that you never let your guard down and that you are prepared for an incident.
Why did you join Willow?
The opportunity to be a part of a global growth company that is laser-focused on changing the way we interact with the built world around us for the better. This alone was too exciting an opportunity to turn down and I can’t wait to see the impact that Willow can make on buildings and infrastructure all around the world, many of which I’m sure we have not even yet imagined.
What are you most excited for at Willow?
The opportunity to see a whole new category of technology solutions be developed and integrated into practical applications around the world is super exciting. I also look forward to the challenge that I will need to face in ensuring that these new solutions are secure.