Author: Shweta Modgil
In an exclusive interaction with us, Jenny Tan, the first woman President of ISACA Singapore Chapter, shared her thoughts on how cybersecurity leaders can bridge the talent gap and what more needs to be done to enable more women to reach pole position in tech leadership.
Jenny Tan is the first woman President of ISACA Singapore Chapter. Jenny spearheaded the ISACA’s SheLeadsTech programme in Singapore in 2019 and has since framed the programme as a cross-border female leadership experience & knowledge sharing platform. She is also currently leading a global internal audit practice, including IT audit, with a global real estate cum fund management MNC. Prior to this, she was a PwC Risk Assurance Partner where she led the IT Audit & Advisory and Business Resilience Practices. She was PwC Singapore’s CIO and DPO. She is also the winner in 2022 Top Woman in Security (SG & Asean), 2022 Women Program of the Year Award (Asia), 2021 Women in IT Outstanding Contribution Award (Asia) and 2021 SG 100 Women in Tech recipient. Further, she has also received the Top 20 Cybersecurity Women in Singapore, 2020 award.
In an exclusive interaction with us, Jenny shared her thoughts on how cybersecurity leaders can bridge the talent gap and what more needs to be done to enable more women to reach pole position in tech leadership.
What are some of the dominant cybersecurity trends in Singapore this year?
In Singapore, I believe that the social engineering attacks will continue to rise due to the hybrid work arrangement after covid. The third party supply chain attacks will continue as a trend and data protection & privacy breaches may be on the rise as organisations and individuals embrace digitalisation.
When it comes to cybersecurity, lack of requisite talent is a big factor staring in the face of cybersecurity leaders. What can be done to bridge this gap?
The first thing that cybersecurity leaders have to do is to take a step back, review their existing plans and re-prioritise the initiatives. Then, the cybersecurity leaders have to communicate this risk-based strategy with the key senior stakeholders to gain trust and manage their risk appetite and risk tolerance of the current situations.
Having managed the senior stakeholders, next comes the user awareness elevation part. The users are your first line of defence. If they can be solicited to play their part well, the cybersecurity team may have lesser issues on hand to deal with.
Lastly, consider having non-cybersecurity professionals who are keen to career switch to join your team and train them. Next, organisations can work with schools where they have information technology or cybersecurity students who are keen to take on such roles as a form of the talent resource pipeline.
What more needs to be done to enable more women to reach pole position in tech leadership and unlock their potential?
Regulator policy and ESG goals have helped to push some women into leadership roles. However, this is not sufficient and not sustainable as there is currently limited pool of such talents. Research has shown that most women who are in leadership role, especially technology related ones, are mainly due to their tech interest at a young age.
Hence, this warrants us to pay attention to “budding talents” at a younger age. In addition, a woman role model is also important to create awareness and impart the “how-to-get-there” experiences and knowledge to other women who may imitate at first before they found their focus area.
In addition to a smaller base of women in technology, many women sacrificed their careers for family reasons. The ecosystem has to be balanced if we want more women to lead in the management role i.e. either more men become housemen or mainly having working from home jobs or more women remain single. Either option chosen will require sacrifice from both parties.
By 2025, nearly half of cybersecurity leaders will change jobs, 25% for different roles entirely due to multiple work-related stressors, according to Gartner, Inc. What are some of the ways in which organisations can address this impending talent churn?
We know that regular resource turnover is not healthy for any organisation as plans cannot be executed consistently or completely. Hence, organisations have to act fast to prevent this issue becoming a serious problem in your organisation.
Regular coaching conversations with this group of people may help. The most important thing is to set the tone at the top right. Having a clear and transparent culture helps a lot as stakeholders will not finger point unnecessarily should any incidents occur.
Higher pay package is not sustainable. Start from work culture improvement to ensure it is a conducive and progressive environment that these leaders are willing to stay back for.
Your one piece of advice to women when it comes to reaching for the top rung in cyber leadership?
Be humble, be confident of your skillsets and competencies. Be resilient and persevere with your dream! Be kind and create impactful outcomes.
