Meet our Women in Cyber
Alexandra Forssell, Risk Advisory Director
"Cyber is fun! I hope together we can build a community of Cyber leaders and future Women in Cyber!"
Cyber Security has become one of the most popular and fast-developing fields in technology across the globe to date. Women currently make up 20% of the world’s population of Cyber professionals. Globally, Deloitte has been collaborating with clients and member firms to promote gender diversity in the Cyber Security industry and working towards closing the gap. The Cayman Islands firm is a leading example as to how Deloitte is working towards equal opportunity in Cyber roles, with over half of their Women in Cyber team having diverse roles at a leadership level.
Read Alexandra's profile below to learn more about the Cayman Islands Women in Cyber, the roles she plays at Deloitte, and how she is making an impact in the Cyber industry right now.
How did you get involved in Cyber Security?
I have a technical background in computer science and software engineering and studied cybersecurity as part of my Masters. In my past experience as a General Director of a software development company, I worked with my security team to ensure existence of appropriate controls on the infrastructure, software, and policy levels. However, my direct professional involvement in a security role started when I joined Deloitte and became a coordinator and then manager of our (now ISO 27001 certified) Deloitte Resilience Center (DRC) and started to work closely with Andrew Douglas (now Managing Director at Deloitte US practice) and Wayne Green. I still remain an Information Security Manager for the DRC. And I got so inspired that I decided to pursue a PhD in Information assurance and security.
How long have you been in Cyber? What developments have you seen over that course of time?
I have worked at Deloitte in a security role from 2010 and helped our Risk Advisory Partner Taron Jackman to formally launch Cyber practice in Cayman in 2014 and in the Caribbean and Bermuda region in 2015. It was a fun and engaging experience as we saw the practice growing from a traditional Secure services to proving a full storefront of services that include the services for: Cyber Strategy (e.g., Cyber governance and strategy implementation), Secure (e.g., security and privacy assessments through controls review, pen testing), Vigilant (e.g., Cyber Security Operating Center, threat intelligence), and Resilient (e.g., Cyber Incident Response simulations) pillars of Cyber. I have also observed increased collaboration with forensics.
As for the Cyber trends, I would emphasize the complexity. One side of complexity comes from greater sophistication of attacks. I would not say attackers - although some cybercriminals are highly skilled and extremely well resources, attacks could come from someone simply purchasing ransomware as a service. Cybercrime has unfortunately became a very lucrative business. Another side is regulatory landscape complexity. Depending on the jurisdiction, organizations may be looking at 30+ different legal frameworks they need to comply with for security and data protection. The third big challenge is talent. Recent research shows that 200,000 Cyber jobs are unfilled in the United States alone. I hope having Women in Cyber will help with this last challenge.
What trends do you expect to see in Cyber over the next 10 years?
I expect the next 10 years to be an interesting Cyber ride. I expect the mentality change from organizations seeing Cyber as something scary to seeing Cyber as an enabler to their business and a competitive advantage. I would also see challenges on Talent to continue but shift in nature. Some process (such as monitoring) will be automated by AI but the need for new Talent will grow. In fact, it is expected that 3.5 million cybersecurity jobs unfilled by 2021.
What are the most challenging aspects of your role?
Not enough hours in a day. On a practical side, we get called to assist clients with cybersecurity incidents and those projects are very time sensitive. It is expected that we mobilise in less than 24 hours so sometimes I feel like I work with a team of superheroes. The Cyber landscape is also constantly evolving - be it new regulations or new cyber actors or new technologies presenting a risk or a solution.
Why should more women consider a role in Cyber?
Cyber security has become one of the hottest and fastest-growing fields in technology across the globe today. Despite the continuous growth in cyber security spending and opportunities, women's representation in the cyber workforce remains low - even more so than in IT. Globally, the % of women working in Cyber has risen from 11% (2013) to 20% in 2019, however this is still too low. This is against a backdrop of a growing skills shortage in cyber. One way that organisations can begin to bridge this gap is to encourage more women in to cyber security; another is to offer them equal opportunity to rise to senior leadership roles. Women bring diversity that could benefit organizations. Companies in the top quartile for gender diversity outperform their peers by 15%. And Cyber is fun! I hope together we can build a community of Cyber leaders and future Women in Cyber!