Journeys to cyber security - what does it take?

Some of our brightest cyber security minds jump-started their career without a computer science degree. Instead, they were armed with a curious mind, an affinity and passion for the subject and the ability to easily adapt to new situations. When asked why they chose Deloitte and what inspires them about their profession, this is what they had to say:

Ines Fichtinger, Manager, Vigilance and Resilience, Cyber Risk Services

Looking back, my fascination with technology started at an early age when I built my first computer, and we received our first internet connection at home. I soon started playing computer games and participating in LAN parties, where we had to set up and troubleshoot our local network to be able to play. Back then, the security of these networks was only an afterthought and computers were notoriously unsafe, but the main objective was to get them working.

Although I was passionate about technology, I initially pursued a degree in Economics. Fortunately, with the encouragement of my friends and a stroke of luck, I switched to Management Information Systems, where I specialized in Cyber Security for my bachelor’s and master's degrees. Currently, I focus on helping clients build their Cyber Defence capabilities to be able to detect and timely respond to cyber-attacks. It is incredibly rewarding to help protect our clients from ever-evolving threats.

I believe that Cyber is one of the most exciting and dynamic fields to work in. The field is constantly advancing, and every organization requires a customized approach to Cyber. But what I love most about Cyber is that it is not just about technology, it’s also about the human element. Bridging the gap between business and IT is a critical component of Cyber Security, and effective communication with stakeholders is essential.

To anyone considering joining the field, my advice is to stay curious, become a generalist before becoming a specialist, and not be afraid to dive in. We have a diverse set of professionals working in Cyber, and it is that diversity that makes us a successful team.

Yuliia Sumovska, Consultant, Application Security, Cyber Risk Services

When I began my cybersecurity bachelor's degree, I was unsure if the field would really interest me and if I would pursue a career as a cybersecurity specialist in the end. While still studying my friend from university recommended a web application penetration testing training, and it completely changed my outlook. I felt passionate about pen-testing.

This training program inspired me to apply for a Junior Penetration Tester position in Kyiv, Ukraine, at Deloitte. I was ecstatic to join a company with a rich history such as Deloitte, as it represents the ideal launching pad for young, enthusiastic individuals like myself.

After finishing my bachelor's degree, I had to choose a new country to pursue further studies because of the Russian invasion of Ukraine. I found that Switzerland, and specifically ETH Zurich, was the best place for me to deepen my knowledge and improve my expertise in Cyber. Along with starting my education at ETH, I joined Deloitte’s Application Security team in Zurich, Switzerland as a Consultant.

After working here for two years, I realized that the experience was like hitting the jackpot. This opportunity afforded me an extraordinary breadth of experiences, enabling me to navigate unforeseeable challenges with ease, and work with highly qualified professionals who pushed me to improve my skills every day.

Chiara Kessler, Senior Consultant, Vigilance and Resilience, Cyber Risk Services

Growing up as a 'millennial', I remember doing homework on colourful floppy disks, buying my first CD (with cash!) and having endless conversations on MSN messenger. As a teenager, I was vaguely aware of the importance of firewalls, but the concept of cybersecurity only started capturing my interest during my studies. As a student of geopolitics, I realized the significance of balance-of-power dynamics both off- and online.

Although I took a cybersecurity course, I did not consider pursuing it as a career at first because I felt that I lacked technical skills. Instead, I focused on physical security and worked in Apple's crisis management team for several years, where I helped manage major crises, including COVID-19, terrorism, violent protests, and war.

Moving to Switzerland gave me the chance to transition towards cybersecurity. I was lucky to find an open-minded and supportive team at Deloitte’s cyber risk advisory practice, where I currently focus on resilience. Cybersecurity is an incredibly dynamic field that is becoming increasingly important for personal security, business security and national security. I believe that anyone can pursue a career in cybersecurity by adopting a growth mindset and treating challenge as an opportunity. I have found an exciting field where I can grow personally and professionally and make a positive societal impact.

Gabriela Billini, Senior Consultant, Vigilance and Resilience, Cyber Risk Services

It’s no secret that the last several years have been marked by uncertainty and growing instability. I had a front row seat to those global shifts in my previous role, conducting threat monitoring and managing crisis scenarios for private sector businesses with international interests. What marked me most were the fluctuations brought on by digitalisation and the growing convergence of cybersecurity and geopolitics. During this time, I realised that reading independently was not sufficient to fulfil my curiosity in cybersecurity, which is what brought me to apply for this role with Cyber Risk Services at Deloitte Switzerland.

The summit of working with the cyber team is how dynamic and energetic it is. Interests and areas of expertise vary extensively. The nature of the job requires that we follow and learn about the ever-shifting cyber field and share these learnings among our colleagues, making it an exceptional environment to grow and participate in.

Something that would shock many is that cyber is so much more diverse than technical expertise alone – there is room for a wide range of interests and skills. All it takes is finding a team that values your expertise and gives you the space to experiment and learn along the way.

Sian Batra, Senior Manager, Strategy and Transformation, Cyber Risk Services

I love working in cyber. Over the course of my career, I have had the privilege to work with fantastic colleagues and clients from whom I have not only learnt and been inspired, but also been challenged a lot.

I never thought I would end up in the field after studying International Relations and French, but I am so glad that I somewhat accidentally ended up here. When applying for a graduate scheme in the UK, I was sent a list of the different teams available before my final interview and remember thinking “hmm cyber security…that sounds interesting”. I have not looked back since. What I have done is found myself in a career where no two projects are the same, the people I work with come from all kinds of backgrounds and the experiences I have had as a result have enriched my day to day. If you are reading this and not sure whether you are right for a career in cyber – I say go for it as you never know until you try! There is no one profile for a cyber professional. Cyber is multi-dimensional and it is only when we all bring something to the problem that we will find the right solutions.

Magdalena Fink, Senior Consultant, Strategy and Transformation, Cyber Risk Services

My journey to cyber is unconventional to say the least. Already in high school I was torn between my fascination for the fashion industry and my interest in technology. I decided to follow my passion for the industry that I already knew and studied Global Brand and Fashion Management in Munich. Over the years, I became increasingly interested in technology.

Watching my friends become victims of Computer viruses, I decided to acquire a deeper technical understanding. I attended the MSc Information Technology programme at the University of St Andrews in Scotland, focusing on information security. Immediately, my gut feeling told me that cyber was the right choice for me.

I love working in cyber: companies but also individuals are constantly facing new challenges and I can help them to stay secure, support them to understand these new topics and have the opportunity to constantly learn and educate myself.

It is amazing to see what you can achieve in the cyber team – even with a slightly unconventional background - as long as you are curious and motivated to learn. I truly believe that our team is a great example of open culture and diversity. Whenever you face a challenge, you get the support that you need to master it.

Kate Wong, Manager, Cloud and Infrastructure Security, Cyber Risk Services

I began my career in IT Consulting in Hong Kong without a specific focus but was keen on exploring different roles and domains. It wasn’t until my third year of working that I got involved in Cloud Computing. At this point in time, we were already in the trend where many industries in the city saw significant Cloud adoption but most importantly: they rapidly recognised the benefits in using that technology. As my clients’ views were aligned with that, I started working on migrations to different Cloud service providers. While performing these engagements, I often wondered how security measures would change when a company, who was used to hold all their most important data in-house, had them residing to a third-party provider.

As more similar thoughts continued to draw my interest, I went down the rabbit hole and decided to naturally allocate more and more time, developing my knowledge on Cybersecurity – specifically on Cloud Security. Being in this industry, you are naturally challenged for growth and improvement since hackers don’t take time-off when you are on holiday. Here at Deloitte, I am very proud to be in a team of passionate mindsets. We continuously inspire confidence to each other, which in-turn, enables ourselves to deliver meaningful value to clients.

May Randall, Senior Consultant, Resilience and Vigilance, Cyber Risk Services

Coming from a non-technical, non-computing and definitely non-cyber background (I completed a BSc in Geology and an MSc in Management) I never thought I would end up working in Cyber. My journey into Cyber was somewhat serendipitous, starting in 2019 in the summer between my BSc and MSc, when I applied for an internship with Deloitte UK on the recommendation of a friend. Since I applied fairly late in the application window, I was not able to choose which service line I wanted to intern in: instead, I was automatically assigned to the one that had a place remaining – the Cyber practice!

During this time, I rotated around the different capabilities within Cyber (e.g. Incident Response, Data Privacy, Strategy, Application Security etc.) and also got my first experience working on an actual project for different energy clients around the UK. When my internship came to an end, I was interviewed for the conversion to the graduate scheme and so my journey with Deloitte continued, with my place secured for after I finished university.

Fast forward a year to September 2020 and I joined Deloitte full-time on their graduate scheme and became part of the Cyber Incident Response team. My day-to-day included helping on real-life incident response projects and providing training to clients to help them be better prepared to respond to cyber attacks; after all, it’s no longer a question of “if” but rather “when” regarding companies falling victim to a cyber attack.

After nearly two years in the UK team, I was able to transfer to the Swiss Cyber practice where I now sit in the Resilience and Vigilance team. In both the UK and Switzerland, it has been the team and the people I work with that has really stood out for me. I have worked on challenging projects, but there is always help when you need it and I know that there will never be a client challenge great enough that we cannot face together.

Floriane Gilliéron, Consultant, Data Protection & Privacy, Cyber Risk Services

I studied Communication Systems at EPFL to understand which mechanisms are ensuring that whenever I send data over the internet it doesn’t get lost or read by malicious people. Along the way of solving these questions, I became more and more interested in aspects of cyber security that were not only about securing the data, but also about securing the people behind it. Having reliable encryption and communication mechanisms is not enough, it’s also important to regulate how companies are using their client’s data. This passion for privacy eventually brough me to the Data Protection & Privacy team at Deloitte, where I now have the opportunity to work on exciting and challenging projects for various clients. With a job constantly pushing me to learn, I’m guaranteed to stay up to date with the latest technologies and trends. This is especially important in a fast-moving field such as cyber security.

Another thing I particularly enjoy about my job at Deloitte is the people I’m working with. After six years in a technical university, I find it very enriching to be collaborating with colleagues from various academical backgrounds, bringing more perspectives than the engineering one, which is more than needed to solve such complex challenges. The cyber team is made of motivated and dedicated people, creating an ideal working environment. I’m always excited to start a new day, as I’m convinced to have found the right place for me!
 

Jasmin Rubin, Senior Consultant, Resilience and Vigilance, Cyber Risk Services

Becoming part of Deloitte’s Cyber Risk Services Team was a career path I never imagined in my wildest dreams. With a Bachelor and Master’s degree of Arts in my pocket, I started working for the Swiss Department of Defence and later the Swiss Department of Foreign Affairs (FDFA). During these five years, and especially while coordinating the politico-military dimension of the Organisation of Security and Cooperation in Europe (OSCE), the topic of Cyber became somewhat omnipresent: From hybrid warfare to so-called “Confidence building measures in Cyber” - Cyber was “where it’s at”.

At the same time, I became responsible for the COVID crisis management within the Eurasia division of the FDFA. Realising how much effort efficient crisis management requires, I started looking for jobs where I could make an impact in that field. And that is how I joined Deloitte’s Cyber team; a team full of diverse people with different backgrounds – a place where I can learn new things by simply having a coffee with someone. Working in Cyber has been nothing short of an exciting ride with almost endless opportunities on exciting and challenging projects – a journey I can recommend to anyone out there, wanting to make a difference in their working life.

Anne van Eck, Manager, Data Protection & Privacy, Cyber Risk Services

While I was studying law and business at the University of Leiden in the Netherlands, I always felt that something was missing. In my third year I therefore helped to set up a Legal Tech initiative, by combining legal and technical knowledge. And it paid off! Today, I am advising clients on legal and technological matters – and this is what I still love doing. The combination of my legal, business and tech background allows me to think broader and consider more than just one angle of a client challenge (e.g. legal concerns).

At Deloitte I love working in our multidisciplinary and diverse team. People from various backgrounds and nationalities make up our cyber team. I think diversity is key to being innovative and having different perspectives on certain challenges that clients may face. We are always open to helping our clients grow and taking on new challenges. If there is one thing I have learned working for Deloitte in the past few years, it is that anything is possible, as long as you go for it. And that is what I will continue to do in my future as a woman in cyber at Deloitte.