Name: Shelly Epps, MS, HCISPP Title: Information Security Analyst and Program Lead, Security Outreach & Education Employer: Duke University Health System Location: Durham, NC Education: BS in Biology from Kansas State University, Master’s in Genetic Counseling from University of Pittsburgh Years in IT: 6 Years in cybersecurity: 6 Cybersecurity certifications: HCISPP   How did you wind up in a career in cybersecurity? I stumbled into it! I had been working in healthcare, research, data and employee management and administration for about 20 years when I chose to take a step off of that pathway without a solid backup plan. I was surprised to be invited by our InfoSec team to interview for a job – one that I was largely unqualified

  It may seem obvious: A strong commitment to cybersecurity from an organization’s top management equals better protection. The cybersecurity staff have more confidence and focus on the right things – fighting threats as opposed to worrying about who will leave next for greener pastures. These were among the findings of (ISC)2’s latest study, Building a Resilient Cybersecurity Culture. The study of cybersecurity professionals set out to pinpoint what companies with a good cybersecurity track record do better than others. As you might suspect, a strong cybersecurity culture is key. And it manifests itself in multiple ways: Top management understands the importance of cybersecurity, according to 97% of respondents. 96% say their policies align with their board of directors’ cybersecurity

To effectively deliver value as cybersecurity professionals, (ISC)² Singapore Chapter is focusing on working closely with other Singapore cybersecurity-focused organizations. This collaboration is a clear path forward to managing and mitigating risks connected with electronic secrets, according to the Singapore Chapter’s president, Matthias Yeo. “That is what we believe cybersecurity of the 21st century needs: ecosystem partnership,” he said. Formalization of relationships with global organizations such as ISACA and ITSMF, and local organizations suchas the Association for Information Security Professionals (AISP), engages cybersecurity professionals across multiple disciplines. The opportunity to network with other practitioners and an increased variety of speakers and topics has enabled the chapter to cater to a wider variety of member interests. As a result, the Singapore

Name: Hayato KiriyamaTitle: Senior Security Solutions ArchitectEmployer: Amazon Web Services Japan K.K.Degree: MBA, Master’s of ScienceYears in IT: 14Years in cybersecurity: 8Cybersecurity certifications: CISSP How did you decide upon a career in cybersecurity? Around 2010, I was involved in developing an application for Data Loss Protection at IBM. Such a data-oriented approach looked quite different to me because it was connected with the value of data in the business. It was this kind of business-oriented security which I wanted to research and develop further. Why did you get your CISSP? When I was working as a sales engineer, I needed a comprehensive knowledge of cybersecurity to be able to speak with decision-makers from our customers’ IT departments. I got the

Name: Patrick Wai Keun Liu Title: Deputy Chief Information Security Officer Employer: DBS Bank (Hong Kong) Limited Degree: Computer Engineering Years in IT: 20 Years in cybersecurity: 15+Cybersecurity certifications: CISSP-ISSAP, CRISC, CGEIT, CIA, CISA, ABCP   How did you decide upon a career in cybersecurity? I started my cybersecurity career as a customized professional service for a high-end customer. I was working in an ISP and the company provided network connectivity services. My team focused on new initiatives and we believed security had potential. I have dedicated myself to this area ever since.      Why did you get your CISSP-ISSAP? As is common with most cybersecurity practitioners, we never stop learning new things. Cybersecurity is not just on one