Senior cybersecurity consultant at Deloitte Ireland, Arushi Doshi, discusses the exciting elements of her work and why right now is the best time to work in cyber.
The area of cybersecurity and the need for trained experts in this field has never been more critical, with a recent ransomware incident in Ireland highlighting how vulnerable many systems are to cyberattacks.
Thankfully, cybersecurity professionals such as Deloitte’s Arushi Doshi, who has a penchant for problem-solving, are working on a daily basis to keep businesses safe.
‘Through every security review, I am helping small and large businesses stay safe online and in turn keep their customers secure’
– ARUSHI DOSHI
What drew you a career in cybersecurity?
I studied computer engineering for my undergraduate degree. This is where I first saw how code could be used not only to build things, but also to break them. Most of my peers were working towards being software developers and while I loved coding in my free time, I didn’t feel like taking it up as my full-time profession.
I was also quite fascinated with crime shows and seeing hackers on screen as intelligent yet mysterious creatures with a knack for problem-solving seemed like the perfect career. It was only when I started my master’s in computer science at UCD that I really understood how much more the field had to offer in terms of variety of work and the ability to help people stay safe online.
What’s the best thing about working in this area?
No two days are the same, there is something new every day. There are several areas in cybersecurity – one day you could be hacking a client to identify gaps in their systems, and the next you could be tracking down data theft through forensics or supporting a business in overcoming a cyberattack. For me, the unpredictable nature of the work and the opportunity to be in the thick of the latest developments in computing is the best part about cybersecurity.
What’s the most exciting development you’ve witnessed in your sector since you started working in it?
There have been several exciting developments in cybersecurity over the last few years, though many of these have been a result of unfortunate cyberattacks, such as ransomware incidents.
The positive side of these incidents has been that companies have really started looking at cybersecurity as a top risk and started working towards strengthening their systems in some shape or form. Instead of just being a stereotypical, ‘bunch of hackers trying to steal financial information,’ the sector has grown to include privacy specialists, digital forensics practitioners, policymakers, regulators and law enforcement, alongside ethical hackers and security consultants.
What aspect of your job have you struggled to get to grips with?
There are a lot of areas that you need to know about across cybersecurity, from technical aspects such as networking and software development, to business knowledge such as policies, processes, risk and compliance.
This was quite overwhelming at the beginning since you would constantly need to understand technical concepts, take a risk-based approach for incorporating security and, at the end of the day, translate it to business value.
What’s been the hardest thing you’ve had to face in your career?
The hardest thing in my career has been to support a business with an ongoing cyberattack and feeling helpless due to the chaotic situation. Given the sensitivity of things and the tangible human impact of cybersecurity, I constantly felt that I wasn’t doing enough to help or someone else in my place would have done better.
Over the years, I have tried to improve my skills and gain experience in dealing with such incidents. Though I think I will never fully overcome the weight of the responsibility that businesses entrust us with, I have started seeing it in a more positive way.
Through every security review, I am helping small and large businesses stay safe online and in turn keep their customers secure.
If you had the power to change anything within the STEM sector, what would that be?
I believe everyone in the STEM sector has the power to change it in some way. I think making STEM more attractive and approachable to students and especially young girls is a top priority.
Through Deloitte’s ‘Women in Cyber’ initiative, I am actively encouraging young girls to take up STEM-based subjects and consider pursuing a career in cybersecurity.
Though my background in cybersecurity has been traditional (a computer science major stumbling upon cybersecurity was inevitable), I believe that anyone who is curious about technology and willing to learn can grow in this field.
Which of your personality traits makes you best suited to your job and this sector?
My top personality traits relevant to this sector would be curiosity, patience and relentlessness. I like knowing how things work across technologies and am constantly looking to learn something new, which is quite an advantage in cybersecurity as there is always a new problem to solve every day.
I am also not a big fan of fixed routines, which works out in my favour since consulting provides an opportunity to work on several different projects spanning a range of industries.
Is there something in your personal life that helps you in your job?
I think it is important to invest some personal time to continue learning and developing yourself. Pursuing certifications and doing online training has helped me stay up to date and help combat imposter syndrome.
Outside of work, having offline hobbies such as reading books, painting and learning new languages helps in managing my mental health and preventing burnout.
How do you make connections with others in the STEM community?
I am a member of organisations such as ISC2, OWASP, SANS and ISACA, where I can connect with other like-minded IT and cybersecurity professionals. This has helped me to bounce ideas around, learn about the latest developments in the field and just connect on a personal level.
Working in Deloitte and meeting new clients as part of projects has also helped me in making connections and learning from them.
Has mentorship or coaching been important in your career?
I have been lucky enough to have some amazing mentors during my master’s degree and also during my career in Deloitte. I pursued cybersecurity and forensics full-time as a career based on the advice of one of my professors at UCD and I am so glad that I did.
My mentors have always been the ones to push me outside my comfort zone to try something different and to really make an impact, while also making sure that I take time out for myself and cultivate good work-life balance.
What advice would you give to someone thinking about a career in cybersecurity?
The most valuable thing that I have learned is that it is OK to not know all the answers. A lot of people feel that they are not good enough to be in this area because they don’t know a subject in-depth. In cybersecurity, there will always be something you won’t know because it is constantly evolving.
The key to success is your willingness to keep learning and stay curious. My advice to anyone considering a career in cybersecurity would be to take a leap of faith, trust yourself and jump in because this is the best time to be in cyber.