We sat down with Rachael Greaves from Castlepoint Systems about protecting people with data management.
Data and Management
Cyber security protects assets and lives from online threats. These threats always stem from people: sometimes from malicious assailants, but most often from our own faults and accidents. With human error being a major contributor to cyber breaches, there are experts finding ways to cut out the amount of handling needed, so that this doesn’t happen so often.
Rachael Greaves is one of these people. She’s focussed on helping people stay safe by making it easier to understand and manage data.
‘When you start to understand how preventable or avoidable problems were because information could or should have been managed differently from a regulatory point of view, it really starts to hit home,’ says Rachael.
Real life consequences of data
Rachael was inspired to get into the field by real stories of when data management and human error failed vulnerable people, like Vivian Alvarez Solon. She was deported to the Philippines in 2005, despite being an Australian citizen by marriage.
An inquiry found there were details that would have linked the name Alvarez to her married names Solon and Young, but these were not accessed by compliance officers.
Rachael knew then that she had to create a company that could stop incidents like this from happening.
Finding her path
After university degrees in humanities subjects, Rachael landed a job in Hitachi data systems, a tech company with an office in Canberra. It was by chance that recruitment landed her in the sector, but she found developing new and better processes suited her.
Rachael took ambitious steps on her new path, becoming certified in records management, privacy, security management and audit. First, she contracted, then went out on her own as a consultant.
‘We did a lot of audits in security, privacy and records management for large government departments and industry in Canberra,’ says Rachael.
‘I found these organisations were constantly failing in their obligations. That was very clear and very repeatable.
‘But the fact was, when you did a good root cause analysis, they never could have succeeded with the technology that’s available.’
This was the fan that flamed Rachael’s idea, to build a tool for organisations to understand all their data, all the time, without any impacts at all. Because ‘if you’re going to manage your obligations and manage risk, you need to know what data you have, where it is, and who’s doing what to it across the whole network.’
Changing the way we do business with data
‘There’s no point having really good management of 3% of the data. You need to understand all of it, dynamically, and you can’t get that if you have an impost on users, governance teams or IT systems,’ Rachael says.
‘So I designed the model of what I wanted it to be and asked my co-founder to build it. He did, and the rest is history.’
Castlepoint Systems is now a multi-award winner in information and records management, cyber security and information governance. The software helps organisations manage information in a safe way, with no impact on the way they work.
As CEO, Rachael spends her days running the company, which she says is much the same as any small business day to day, but she takes great pride in growing a high performing team.
‘I make sure the cogs keep spinning, so I meet with my leads across the different teams and have contact with them every day.
‘I do a lot of work with strategy and big picture stuff, and the detail in decision on finance, hiring and marketing.’
High stakes, high reward career
The value of the solutions her software has is also a source of great pride. The work can be soul fulfilling as it helps to protect people – the reason Rachael began in the first place.
‘You can do amazing things now with AI. At the end of last year, we did some work with child protection.
‘We assisted a government inquiry into child sexual abuse, looking for evidence of it within the public service.’
Rachael’s team implemented Castlepoint for a government department that had identified systemic failings in its management of reports of inappropriate behaviour by staff in the health and youth services.
‘We were able to map an ontology for flags of abuse and run that across systems that were too difficult to search and found 65,000 potential flags of abuse in those databases that could be reviewed, that otherwise potentially would have been missed.’
IT skills are good, people skills are better
Working in the cyber data and legal fields means being a part of big impacts felt across businesses and the community. The skills someone would find beneficial for them cross attention to detail, being able to identify patterns and understanding, following and implementing rules.
You don’t need IT skills to make it in these areas. Rachael says if you’ve got the attitude and the basics, you can learn everything else.
‘If you’re technically minded, look into a cyber angle to your study and your degree, because you’re almost guaranteed a job in government.
‘I have a humanities degree; I don’t have hard technology skills. I’ve developed them over time. But I haven’t needed them for what I do, because what I do is manage risk.
‘If you’ve got skills around identifying patterns, attention to detail, understanding rules – like around code or regulation – you already have a leg up in cyber.’