PwC’s Will O’Brien discusses how he began working in cybersecurity and what you need to do when starting a career in the sector.
Will O’Brien is a director working in cybersecurity at PwC. His role involves working with cyber incident response, people operational management and delivery.
O’Brien graduated from University College Cork in 2003 with a degree in computer science. At the time, he was more interested in technology as opposed to cybersecurity. However, according to O’Brien, this changed during the financial crash of 2008, when information security really came to his attention as he noticed the importance that information and data played in the operations and survival of many businesses.
“As cybersecurity threats grew dramatically from this period on, my interest in the importance of cybersecurity continued to grow as I could see the business risks evolving before my eyes.”
‘Cybersecurity is growing rapidly so there is a great opportunity to grow and build a successful career’
What brought you to your current job?
Prior to my current job I was working in forensic technology. This involved technical investigations in areas such as insolvency, financial crime, insider threats and litigation/electronic discovery. However, as I could see cybersecurity continuing to grow, I could see how my skills were transferable, especially in the area of cybersecurity incident response. Timing is everything and let’s just say I am glad the timing was right for both me and PwC!
What were the biggest surprises or challenges you encountered on your career path in cybersecurity?
Until recent years, my biggest surprise or challenge in the area of cybersecurity was the lack of awareness around the topic of cyber risk. This required a lot of conversations making business leaders aware of cyberthreats and the risk this posed to their business operations, brand and reputation.
Thankfully this has changed in more recent years and I would put this down to two primary events. Firstly, the General Data Protection Regulation (GDPR) coming into force across the EU on 25 May 2018 made a lot of businesses take notice of data protection and privacy. Secondly, the Conti cyberattack at the HSE in May 2021 really made many business leaders sit up. It brought cyber risk to the top of their corporate risk register.
Was there any one person who was particularly influential as your career developed?
I have been lucky in my career that multiple people have helped me along the way and inspired me. I really value honesty, especially when people have to tell me the things I don’t necessarily want to hear. That’s when you really learn and you get an opportunity to do something about it! Good colleagues, close friends and especially my family have been at the bedrock of my career to date.
What do you enjoy most about your job?
No two days are the same. My role is varied and continues to challenge me. Within cybersecurity, our clients’ challenges are constantly evolving at such a rapid pace. Thankfully, we have a great cybersecurity team at PwC that love delivering for our clients, learning in a fast-paced environment and know how to have some fun along the way!
What aspects of your personality do you feel make you suited to cybersecurity?
I want to understand my clients’ needs and challenges and feel a part of their team. I believe effective communication is one of my strongest skills. Cybersecurity is a technically challenging area and I like to look at a client’s challenge from their perspective. When bringing our solution to their problem, it is key we get our communication right. Effective communication is essential for the success of every engagement we work on and it is really important for building long-term client relationships.
What can people expect from career progression in the cybersecurity industry?
Cybersecurity and cyber risk is at the top of every business agenda, so people in this area can expect career progression in the cybersecurity industry. At PwC, we invest a lot in our people. We have a very structured development plan for each grade, which makes sure everyone has the soft skills they need as they progress through the firm, such as coaching, managing teams, negotiation etc.
For example, during my first year at PwC, I was nominated to attend PwC’s Whole Leader Programme. This was a modular programme that ran over an eight-month period, built around the relationships, business and global acumen and whole leadership attributes of the PwC professional. During the programme, I explored how to build high-value relationships, bring business knowledge, innovation and insight to clients, and how to operate and collaborate effectively. The learning and delivery was highly interactive with self-directed elements as well as presentations, guest speakers, practice and assignments.
The Whole Leader Programme helped me to enhance my leadership capabilities and address the skills I needed as a leader to enable me to differentiate myself, drive the business forward while also living up to our PwC values.
What advice would you give to those considering a career in cybersecurity, or just starting out in one?
As you start your career, I would focus on the technical competencies of cybersecurity and build a very solid foundation. Once you have your foundation built, you can then look to expand your career with the softer skills, such as communication, delegation, training and mentorship. Reading can also be a great enabler here – find a business leader you admire and read their autobiography. For example, I recently read Shoe Dog, a memoir by the creator of Nike, Phil Knight. It’s a great read and demonstrates the road to success is not straight.
You need to actively manage your career, and make your own decisions about where you want to be and what you want to be doing. Cybersecurity is growing rapidly so there is a great opportunity to grow and build a successful career.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.