Name: Paul Bryant  
Title: CIO
Employer: phew! Cyber Security
Location: Auckland, New Zealand
Education: MCom (Hons), LLB (Hons)
Years in IT: 20
Years in cybersecurity: 15
Cybersecurity certifications: CISSP

 

How did you decide upon a career in cybersecurity?

In my roles designing and managing financial services technology infrastructures and leading technology teams I had a good deal of both technical and non-technical exposure to information security considerations and solutions. It is a complex and ever-changing area that bridges business and technology, and requires both technical and commercial engagement. It is also an area that is under-served in industry.

 

Why did you decide to pursue your CISSP?

I wanted to consolidate my experience to date. The CISSP is still one of the broadest and most well-recognised programmes for extending and also communicating the breadth of your information security knowledge and experience. 

 

In cybersecurity, no two days are the same – what is your main role in your organization?

As a founder and executive in the business I do a bit of everything. phew! provides both consultative and solution-based services, and as a new company there are many things to be done, from assessments to solutions implementation to market education and business development.

 

Tell us about a project that you were particularly proud of –

I co-designed, built and managed two global financial trading network infrastructures over a period of 10 years during the inception of the hedge fund boom of the early 2000s. One was for a hedge fund and another was a start-up private cloud service provider to hedge funds and investment banks. Customers of the latter solution are predominately high-frequency traders whose intellectual property, and value, are embodied in their algorithms that would sit side-by-side with their competitor’s algos within the same private cloud. This presented significant design and operational challenges from a security stand-point, and has been secure and successful for over 12 years now.

 

What impact has the CISSP had on your career?

Mainly, the CISSP has allowed me to consolidate and communicate the breadth and extent of my information security knowledge and experience. 

 

What advice would you give to those aspiring to get their CISSP?

The CISSP is a substantial undertaking. Expect it to take multiple hundreds of hours of structured preparation to feel ready for the exam and expect the exam to be quite different from what you might predict. On the other hand, know that you are working towards one of the most well-recognised certifications in an area that has high and growing demand. Your effort will eventually be worthwhile.

 

Download the Ultimate Guide to the CISSP to learn more about how you can advance your InfoSec career.