Chris Davey talks about his role in Accenture’s security practice and the importance of staying up to date on the ever-changing infosec landscape.
For those working in cybersecurity, mitigating risks and cyberthreats is extremely important. But there is also a need to balance a company’s business needs with its risk levels.
Chris Davey is an associate director in Accenture’s security practice in Ireland. In his role, he is responsible for the delivery of services for several clients, and for growing and developing the company’s people and practice.
Here, he discusses what his role entails, the skills he uses and how the cybersecurity sector has changed over time.
‘In security, there is an intense need to stay up to date and on top of current threats’
– CHRIS DAVEY
If there is such a thing, can you describe a typical day in the job?
On a typical day, I spend a third of my time as a hands-on practitioner delivering security services to our clients, a third of my time overseeing and assuring the quality of work my teams are doing, and a third of my time growing our business. Of course, in security there are sometimes surprises where I have to help our clients respond to incidents and events that occur too.
What kind of projects do you work on?
I work on all kinds of security projects, from developing security strategies and roadmaps, through security solution implementation, to security operations. I work with organisations facing challenges to rapidly respond to business demands in fast-changing markets securely, while ensuring the security of both legacy and current technologies.
What skills do you use on a daily basis?
My background is in computer engineering, technology architecture and large-scale systems integration. The types of security projects I work on frequently draw on my technical background, where understanding a wide variety of technologies helps in securing these systems.
What is the hardest part of your working day?
The easiest part is helping a client make a business case to invest in security after a breach. The hardest part is sometimes making the case beforehand. Security is about balancing threat, risk and the business. There are many uncertainties and security is evolving continuously and quickly, so making a robust, evidence-based business case to improve security is a challenge.
Do you have any productivity tips that help you through the working day?
Invest your time in building a great team around you. Spending the time to train them to a high level will pay you back many times over in productivity in the long run. Also, staying up to date with tools and methodologies is essential in every technical field – and frequently helps with productivity too.
When you first started this job, what were you most surprised to learn was important in the role?
When I started to specialise in security, I already had many years’ experience in technology. Even so, I was surprised many times by how many essential, but niche, aspects of security I was unaware of. In many areas of technology, what you don’t know won’t hurt you – but in security, it can be fatal.
How has this role changed as the cybersecurity sector has grown and evolved?
Leadership roles in cybersecurity are constantly evolving. The principle dimensions are the extent to which technical security knowledge is required, and the extent to which business knowledge is required. Security leaders today need to be able to guide top management and the board in taking risk-based business decisions based on a deep understanding of threats, risks and technology.
What do you enjoy most about the job?
I really enjoy using and learning about technology. In security, there is an intense need to stay up to date and on top of current threats and technologies, so there is plenty to learn all the time.