by Denise Murtagh-Dunne, Information Security Manager, PWC Ireland

From my early childhood, I developed a passion for unravelling the mysteries of how machines worked. My father was a mechanic and, as a child, he would let me help taking car engines apart. This is where I first developed a fascination with getting “under the hood” of machines and understanding their inner mechanics.  

At school, I then took a computer module which triggered my interest in computing and I chose to study Computer Programming in college. I survived the period of the dot-com bubble bursting and landed an IT technical support role with a small company where I undertook several Microsoft computing courses. A course on cybersecurity really caught my attention; I suddenly realised there was a gap in the market, and it was a way that I could bring something unique to my company. I discovered there was no cybersecurity expert in the business and there were some gaps in its defences. I spoke to the Director and he gave me the green light to start introducing new cybersecurity policies across the business, from firewalls to remote access.   

That led me to choose the cybersecurity profession and I later entered a pure infosecurity role at Ulster Bank, before going on to become Information Security Manager at PWC’s Dublin office. My team now looks after all the internal security for PWC in Ireland. It is a wide-ranging and varied role encompassing everything from risk assessments on new apps and infrastructure, to reviewing design documents, to auditing third-party suppliers and internal networks, or reviewing penetration testing reports.

The job and the profession reignited that love of getting deep into complex systems to find out how they work. Security puts me at the heart of the company; my role now encompasses every department, supplier, network or system in the company’s Ireland division. I get to see how everything plugs together into a coherent whole.

I also like to give back to the community. I am a board member of the Dublin chapter of OWASP and we have recently run cybersecurity in healthcare events and hacking tournaments. We also engage the wider community through free outreach to schools and small companies that may not have any in-house cybersecurity resources. Most recently, we ran events for women in technology and even comedy nights for the local community. I manage to cram in all of that along with being a mother of three!

In recognition of my contributions to the community, I was delighted to win the inaugural Woman Information Security Professional award, part of the EMEA Information Security Leadership Awards (ISLA) by (ISC)², the world’s largest association of certified infosecurity professionals, which recognises cyber leaders who ‘go the extra mile’ in enhancing security across Europe, the Middle East and Africa.

If anyone wants to get into a cybersecurity, I would advise taking up a junior role in a large company as they offer great training opportunities. Another great way in is to set up your own mini ‘lab’ at home and get under the hood of computers. Find out how their components work, using things like VirtualBox which lets you play around with virtual machines. This helps improve your technical knowledge and develop that inquisitive nature and passion for understanding how systems work that is central to the cyber professional.

Ultimately, cybersecurity is about understanding how everything in our digital economy comes together to find the weak links in the chain.