Meet our Women in Cyber
Rosena Duncanson: Senior Manager, Risk Advisory - Bahamas
“Security is everyone’s responsibility, women included!”
Cyber Security has become one of the most popular and fast-developing fields in technology across the globe to date. Women currently make up 20% of the world’s population of Cyber professionals. Globally, Deloitte has been collaborating with clients and member firms to promote gender diversity in the Cyber Security industry and working towards closing the gap. Deloitte is working towards equal opportunity in Cyber roles, with over half of our Women in Cyber team across the Caribbean and Bermuda region having diverse roles at a leadership level.
Read Rosena's profile below to learn more about the Women in Cyber, the roles she plays at Deloitte, and how she is making an impact in the Cyber industry right now.
How did you get involved in Cyber Security?
I have always had an interest in how applications function and how they are developed, which led to me to obtain my bachelor’s degree in Computer Science. As an Information Technology Auditor, I acquired a better appreciation for the risk my clients faced and aided them to identify security gaps, to create a stronger control environment within the organization. As dependency for technology increased, this opened new risks for my clients. Ensuring I had the tools to support, train and assess my clients’ cyber risks, opened the door for my involvement.
How long have you been in Cyber? What developments have you seen over that course of time?
When I joined Deloitte in 2008, I was able to see cyber in action over the years. During 2017, I obtained the Certified Information System Security Professional Designation (CISSP) and in 2020, acquired a Master of Business Administration with a Specialty in Cyber Security. As my educational goals were achieved, I was able to support non-technical clients and community members to understand cyber security and to appreciate the necessity for cyber training at all levels.
In the earlier years, cyber was truly overlooked. It was an area that only information technology professionals were responsible for and it was not appropriately funded. Since then, more attention has been given to cyber especially as businesses have been directly impacted by cyber breaches or have watched similar organizations highlighted publicly for security breaches. Regulations have also been put in place to put more focus on the protection of personally identifiable information and increased the need for more levels of business to get involved in cyber.
What trends do you expect to see in Cyber over the next ten years?
The cyber-attacks have already increased in sophistication. If you look at phishing emails today, determining the level of authenticity requires more training and vigilance to identify. The persons who receive these emails are rarely security professionals, but the results could be detrimental to the entire business. Phishing emails are just one of the things that will require tighter vigilance. Quantum computing is a trend that will bring a different level of security needs, as the current cryptography we know today will require a significant boost to protect data. To brace for these potential attacks, businesses will need to increase cyber monitoring to detect security breaches and respond as quickly as possible.
What are the most challenging aspects of your role?
The most challenging aspects of my role is still the lack of attention given to cyber preparation. Reactive approaches are still prominent, and business are left in a panic when a breach does occur. Governance bodies may not always have sufficient expertise to advise on the business’ cyber needs and therefore contribute to the lack of attention cyber receives.
Why should more women consider a role in Cyber?
As we’ve seen, cyber is in just about everything. We see it in how businesses support their customers and staff, and in how persons share information with one another around the world. Consider how the entire world has shifted to utilize more virtual workspaces in 2020. The need to protect information requires more resources to support cyber security at all levels. More women should consider a role in cyber to aid in filling the skills gap, and to increase the ratio of women holding key cyber roles. In addition, as businesses evolve to incorporate cyber into more of their operations, women must ensure that they are capable to evolve into these new roles as they are created.