As more devices are connected to Internet of Things, the complexity rises and naturally presents additional issues. CISOs, along with governments need to come together and seriously think of the economic, political and human challenges that will inevitably come our way. This evening we have closely followed the Luxembourgish news to see who the winner of the CISO of the year award will be.
As a professional and as a friend, I was glad to see that this year’s winner is Jelena Zelenovic Matone. Jelena currently holds a Senior Head of Operational Risk and CISO position for EIB (European Investment Bank).
Jelena, can you tell us what your principle is as a CISO or as a professional in any field?
What I do know to be true and believe in my heart is that if you want to achieve the goal of being a master in the field of cybersecurity, master your skills, your abilities, and, most of all, you must master yourself. You will have the greatest satisfaction and the best return on your investment for your time and the service that you will render, not only to your organization but to your community and possibly the world.
Which brings me to ask our readers a question and by all means, take your time to reflect on it, how bad do you want to be a part of the IT world? Because I know this to be true, either way, it will determine how far you will go. Success and failure are always in competition with each other, whether in our mind or our physical world. We must build our capacity (skills, abilities, knowledge) and recognize the strength that resides within ourselves so that we may see and be aware of the opportunities, the threats, the strengths and weaknesses as they present themselves. Consequently, how and what it will take for you to overcome the obstacles and or challenges in the IT world strategically.
How did you become a CISO?
I was certain you’d ask this question. As I stand before you, I want you to know that I am a survivor of the ex-Yugoslavian war, a refugee to Canada, where I immigrated at a very young age, learning to speak another language quickly. The impact of the series of events was not an easy one, however in retrospect it taught me many things. I soon realized that my new country could provide me with the tools and the education that would enable me to fulfil all of my lifelong heart’s desires, goals and dreams. I have had the most amazing people support me on my journey, family, friends and colleagues, that ‘had my back’ and vice versa. I have learned that people can take many things away from you along the way, but one thing they cannot take is your education and your knowledge. The two important aspects mentioned can together provide you with respect and a network that is worth all your effort throughout the career.
Can you tell me some tips one needs to succeed as CISO?
1) Remain focused on your dream, your heart’s desire, your vision, your reason for being, your mission in your life; if you don’t know what that is, I strongly recommend that you work on this part of you. Get acquainted with yourself and know your intrinsic values, beliefs, morals, and what you will not settle for.
2) Know and understand your role and your responsibilities.
3) Know and understand that you are accountable — the accountability factor ensures that you will do all that is necessary to govern yourself in a right manner and that your actions will speak louder than words. Know that you must do your best to minimize risks in all facets of IT, hence cybersecurity.
4) Be prepared to think strategically and conduct yourself in a manner that lends itself to credibility and integrity of your work; in such facets as planning, developing, implementing, building and all the while maintaining a standard of excellence.
5) Surround yourself with allies and experts, like Napoleon Hill, author of the book « Think and Grow Rich » would call the allies and experts, a Mastermind Alliance; first and foremost, you must always trust yourself. If you have even the slightest niggle in the pit of your stomach, check and check again. Those that will surround you will complement, promote and enhance your knowledge, your talents, your brilliance; they are people who will have your best interest at heart, those you can count on.
6) Learn to rise after a defeat and keep moving forward; no time for self-pity, these are the life-altering moments that will show you and others that you are strong, fearless, courageous, determined, and perseverant. Be fearless in knowing that you’ve got this no matter what curve ball people or life will send your way.
7) Be clear — on your life and work mission, remain compassionate, kind, empathetic and generous through it all; it does not mean that you are weak.
8) Be steadfast in knowing your authentic self, love and respect yourself. Look within and know that all you have resides within you; no one can take that away; know that the sky is the limit if you want it bad enough. On the other hand, know when to draw the line, know that you have done all you can, surrender and let it go. It’s not meant for you. Something better will present itself. I can guarantee that if you force something, you will never succeed, whether in relationships or work.
9) Remember to do all of the above and still maintain a healthy relationship with yourself, in life and work; this is the infamous word « BALANCE / SELF-CARE.» It is an art, and well worth it. No pressure! This career, like life, is not for the faint at heart.
10) Document everything you do. As a CISO, it is crucial that every step of the way is documented and can easily be traced back and referred to.
11) Continuously develop, implement, review and update as to enhance the security measures in IT Policies & Procedures, don’t be afraid to add measures to top up the security.
12) Provide professional training sessions, be constantly aware that to have a strong HR infrastructure in IT, and cybersecurity one must continuously build the capacity of the human capital in this high-risk area. Be aware of the potential or existing risk factors. Be mindful of the warning signs! An analytical mind and spirit are critical. However, finely developed intuitive senses are also an asset in this industry.
13) Identify, plan, develop cost-cutting measures without jeopardizing security and know, if done appropriately, it may lead to increased benefits; it is one of the best-known secrets in our profession.
14) Streamline efficient processes; once these processes are put in place, it will facilitate one’s capacity to assess actual needs & reduce cost. How great would it make you feel if you could save millions of euros to your organization concerning potential material risks?
15) Set a code of conduct and a code of ethics that is nothing less than a standard of excellence.
So, are you ready to roll up your sleeves to do this work even though it means that so much of the work, as you see above, begins with you?
Can you tell us about your experience as a woman in this field? What would you advise other women wanting to enter this field, or already in it? Do you see yourself as a catalyst in changing the current landscape for women?
Let me say that every person, in this particular case, women, have a story. Therefore, we must respect each woman’s story. The story of their past, present and future, it is different and unique for everyone. Each one of us is a masterpiece in our unique ways regardless of how anyone judges us. We are capable of unlimited potential. However, we must be given permission sometime to be who we are. It is about not being judged for our decisions, our experiences, our appearances, our religion, our culture, or our gender. On the one hand, that is what has built character, personality, and allowed us to make choices. These are the very reasons we want to share our stories or not, so we may bring our amazing talents, surprise many with our resources, our skills that one may not have thought of using to optimize the workforce, to bring ideas and support to others; all our years of life and work experience may exceed any position we hold but how can we know when it is never identified because most of society is filled with societal conformities sometimes extinguishing the spirit of a woman.
In this field of work, I have seen much done. I have also seen things change the course of our lives, especially when we have our eyes wide open, and especially when we demystify and deconstruct the societal concepts, conformities and conditioning. This is what I call a paradigm shift. Once we are aware, we can never deny what we know. I was also blessed to have many great managers and colleagues that have shaped me and made me grow in a right direction.
As women, I believe that we are gifted with the natural ability to plan, prepare and deliver in times of crisis intrinsically or when major events occur, no matter how devastating, we have the innate ability to « roll with the punches », while sustaining our credibility and integrity and remaining whole, no matter what work or life will throw our way. I am a firm believer that an ounce of prevention is worth a pound of cure and that it is critical to us, as women, to realize what all we have, over and above our intelligence. Of course, given opportunities and sometimes given permission to follow through on matters that are forward-thinking.
We are going to get real and be authentic about who we are because if we want to rise above the crowd, if we’re going to set ourselves apart, we must do what we have concealed or not done before. Allow ourselves to be whole, nurturing, be the woman that we are and want to be.
I have, on numerous occasions, provided my knowledge that may or may not help to transform and transcend fear; to empower women to thrive and to live in healthy environments and healthy relationships despite the greatest obstacles that they may encounter; such as intimidation, fear, isolation, marginalization, violence, trauma, mental health, and so much more. For instance, I was honoured to have been invited by the UN two years ago to give a speech to women and encourage them to go for or follow through in cyber security. I try to attend such events and I try to encourage women via any chance I get.
I believe in women in all their diversity, their capacities, abilities and competencies. I believe that if you believe in yourselves, the sky is the limit.