Jess Wyer talks to SiliconRepublic.com about her role as a cyber risk analyst at Deloitte and the skills she considers helpful when working in cybersecurity.
Jess Wyer is a cyber risk analyst at Deloitte. Wyer began her current role in September 2022 after graduating from UCD with a BSc in Applied and Computational Maths. She previously completed an internship with the Cyber and Forensic teams at Deloitte.
‘Cybersecurity requires a combination of technical and non-technical skills, including critical thinking, communication, attention to detail, problem-solving, and a passion for continuous learning’
If there is such a thing, can you describe a typical day in the job?
Typically, I start off the day by catching up with emails. Often, some action will come from these such as updating information for a project proposal, setting up meetings, or following up with a client. Once this is done, I’ll get stuck into my main work for the day. Usually, throughout the day, I’ll have one or two client meetings to attend, and preparation needs to be done for these so you can ensure you’re covering everything you need with the client and that you understand their processes, procedures, set-up and systems.
Then I would start filling in any new information to the project report, highlighting any problems with their cybersecurity measures.
There are often some internal projects to work on as well. Recently I’ve been working on report-writing steps and procedures with one of the managers on the team.
What types of cybersecurity projects do you work on?
In my first few months with Deloitte, I’ve mostly been working on audits and maturity assessments. The maturity assessments are interesting because not only are you highlighting gaps in the cybersecurity measures, but there is more of a focus on guidance to the target maturity level defined by the client.
What skills do you use on a daily basis that are specifically helpful in cybersecurity?
Cybersecurity requires a combination of technical and non-technical skills, including critical thinking, communication, attention to detail, problem-solving, and a passion for continuous learning. These skills are used on a daily basis but something that I feel always comes into play is attention to detail. Particularly when writing reports for client projects, it is important that every piece of information is correct and there is evidence to back it up.
What are the biggest challenges when working in cybersecurity, and how do you navigate them?
One of the biggest challenges is putting cybersecurity measures into context for different organisations. Small companies in areas like construction often only have basic cybersecurity measures in place, but since their business does not depend on cyber or IT, this might be a suitable level for the organisation. Fintech, insurance or pharmaceutical companies would have a much bigger reliance on cyber, and hence a cyberattack may cause huge reputational damage and financial loss. It’s important to keep all of these aspects in mind when working with clients.
Do you have any productivity tips that help you through the day?
I try not to work on one thing for too long, to ensure I don’t get bogged down in it. If I feel myself dropping off in terms of productivity, I’ll move on to a different project or a different aspect of the same project. Luckily, there is always lots of variety in the projects I’m working on. Coffee breaks are also key to staying productive!
What skills and tools are you using to communicate daily with your colleagues?
Coming into the office regularly has been an important part of my social development within the team at Deloitte. It makes asking questions much easier, especially in the first few months, and there’s a lot more opportunity for networking and building relationships.
How has this role changed as the cybersecurity sector has grown and evolved?
I’ve been in the area for a relatively short amount of time, so it’s hard to measure the changes in the industry over a few months. By nature, things are constantly evolving in cyber. There is always new legislation, new regulations, and most importantly new and more sophisticated cyberthreats. There’s a constant need to stay on top of emerging risks and research to ensure we are constantly implementing and advising others to implement best security practices.
What do you enjoy most about working in cybersecurity?
It’s such an exciting industry to be working in at the minute. There are always new security advances and new threats to go with them, which means there is always something new to learn. This constant change means that we are continually facing new challenges, making the work interesting and exciting.
What advice would you give to someone who wants to work in cybersecurity?
Keep up to date with what is happening in the industry by subscribing to newsletters or listening to podcasts. Look into beginners’ courses or qualifications in relation to cybersecurity – there are lots of good resources online to help you start learning. And then continue to learn and develop your skills by taking new courses, attending conferences and participating in online communities. Cybersecurity is always evolving, and it’s important to stay up to date with the latest trends and technologies.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.