Are you curious about the world of cyber security and considering a career in this dynamic field? In today's rapidly evolving digital landscape, there’s plenty of opportunity for those with a passion for safeguarding information and infrastructure. We recently had the opportunity to speak with an expert in the field, who has taken an unconventional path to success.
Securus Consulting Group, a Canberra-based cybersecurity and GRC solutions consultancy, is at the forefront of defending critical infrastructure and aligning security practices with business objectives. In this interview, we'll hear from a seasoned professional at Securus about their journey into the world of cyber security, advice for aspiring individuals, available career opportunities, and valuable insights into the challenges everyday Australians face in the realm of cyber threats.
Whether you're a seasoned professional or someone just starting to explore the exciting world of cyber security, this interview offers a wealth of knowledge and perspective from an industry leader.
What is your organisations cyber security expertise and capability:
Securus Consulting Group, we have a strong, professional and dedicated team who bring their experience and expertise across Securus’ three service pillars. These areas comprise Cyber Security Risk Management, Technical Assurance (ICT Product Evaluation), and Governance, Risk and Compliance (GRC) Solutions.
How did you get into cyber security?
Cyber security was a natural extension of my hobbies and not my studies. I completed a Bachelor of Commerce and Arts, majoring in economics and Chinese language, with Honours in Economics - which was not a clear path to cyber security. Rather, it was from always tinkering with, and a curiosity for ICT - from pulling apart my first i386 PC much to my parent's horror, setting up “LAN parties” on a 10base hub in the school yard, to running my own IT support business for home and small business users while studying at university. From there, it was career opportunities and a mix of further self-directed studies, along with having a strong group of peers to discuss security ideas/problems with that helped me to where I am today.
What advice do you have for those who wish to pursue a career in the industry?
Cyber is ever evolving and always changing, a key characteristic that makes it interesting. You need to be comfortable with not knowing the answers but have the willingness and the resilience to find them out. Certifications and directed study are great ways to show your interest in the industry and give you a good base, but there is not substitute for surrounding yourself by experienced team members who challenge you and support your development.
Does your organisation have career opportunities and career pathways available?
We are always looking for individuals who bring unique capabilities and perspectives to support our information security evaluation capability. We have a collaborative environment where people can combine their talents, provide their insight, and work together to enable our clients.
Currently we are seeking staff for upcoming roles that include ICT Product Evaluator, Digital GRC Solutions developer, GRC consultant, and ICT security risk assessors. Please send through an up-to-date CV to recruitment@securus-cg.com if you are interested in joining the team in any of these roles.
What do you see as your customer’s biggest pain point, and how do your unique products and services assist them in addressing these issues?
A lot of clients buy “ICT products” that may well offer great security but have not been thoroughly assessed to a level commensurate with the sensitive information the device intends to protect. Our capabilities across ICT product evaluation, security risk management and digital GRC solutions help ensure our clients have minimised their attack surface and understanding the strengths and weaknesses of their ICT/cyber security environment.
What advice do you have for everyday Australians about cyber security?
Everyday Australians are most at risk of financially motivated cyber threat actors who will use a mix of technical and social engineering methods to elicit their private and/or sensitive information. You should be across advice such as ACSC’s Personal Security Guidance, and if nothing else, always update your devices and apply multi-factor authentication (MFA), and never install an application from a stranger or share your secret keys (passwords, access tokens, MFA codes etc) with anyone else.
