Amanda Finch

Amanda Finch

CEO

CEO of the CIISec Amanda Finch spoke to Cyber Magazine about her career, the evolution of information security and diversity in the industry

Information and cybersecurity is a continually evolving field. As enterprises become increasingly digitalised and as a result, the entire global economy has shifted towards service-based, cloud-enabled models. Now, the demands placed on a cybersecurity solution have never been more challenging to satisfy. This has become increasingly significant in the wake of coronavirus with people working remotely and therefore businesses are exposed to more threats online.

Amanda Finch, CEO of the Chartered Institute of Information Security (CIISec) started her career at a time where cybersecurity challenges were in their infancy and companies were only just beginning to become reliant on the internet.

Starting her career at Marks and Spencers, Finch explained that she “fell into” information security with little knowledge of the industry, helping the company begin its cybersecurity journey. Just over 30 years later, Finch is now CEO of CIISec and has developed the institute into what it is today.

Having changed “enormously,” Finch’s role as an Information Security Manager allowed her to learn and evolve with cybersecurity challenges. Speaking about the role when she started, Finch explained: “It was an extraordinarily simple world. It was lovely to start when information security started. It's got incredibly complicated. But, if somebody told me then that we'd be looking at things like state-sponsored activism, really serious organised crime, and all of the other problems that we have to deal with I wouldn’t have believed them. It was just a very, very simple world. I don't know if it's ever been an easy job, but it was obviously a lot easier then and I've had to evolve with the various iterations that have happened.”

“Information security was nothing like the scale that it is now,” she added.

From her role at Marks and Spencer to being CEO at CIISec, Finch has always worked in a largely male-dominated environment and she “could often be the only woman at a conference which could have had up to 150 people,” explained Finch.

Although she did argue, “certainly in the early days’ people remembered you, so you had an advantage from that point of view.”

Reflecting on her position as a female in a male-dominated space, Amanda explained that it was something she accepted, and that she was less phased than other people about being a woman in a very male-dominated environment. “I hope I've been a role model for people.”

Throughout her career diversity initiatives have been gaining traction. Finch noted that she “wishes” she was able to do more to encourage women into the cybersecurity field. She said: “When you reflect on how male-dominated it is, especially with the staff shortages that we have within the profession, you realise that the profession really needs to reflect society and, there's more than 50% of women so, therefore, we need to aspire to get to that point where we do in fact reflect society.”

Keen for the information security industry to reflect society, Finch has been part of different initiatives and events to promote women and minorities in this field. Although recognising their importance in increasing diversity in the industry, Amanda said: “I'm hoping that we won't have to have them because it will just be sort of like an anachronism, but at the moment, I think it's absolutely important because the biggest thing we need to do is attract more women into security.”

Lending to the success of her career, Amanda was voted by the members to be a non-executive director of ISP, the forerunner of CIISec. “At some point, we needed a CEO,” she explained.

“As I was working part-time and semi-retired at that point. The board said, would you look after it while we're thinking about what we need to do?'' They never went out and looked for anybody else. So I sort of had that thrown onto me as well. But, it's been a labour of love and it’s been a privilege to do it and there's no other job like it in the profession.”

Read the full story HERE

Share

Featured Interviews

Featured

Christopher Paidhrin

Senior Information Security Officer, City of Portland

The City of Portland’s Senior Information Security Officer, Christopher Paidhrin on his passion to give back to the community in times of crisis

Read More

Marc Ashworth

SVP & CISO, First Bank

Ashworth discusses his unique role as a leader at the family-run business First Bank, who are helping personal and business customers across state lines

Read More
We are here for our customers to help them succeed and to help their employees succeed.
Marc Ashworth
SVP & CISO, First Bank

Ariel Lemelson

Head of Cyber Detection & Response at Booking.com

Passion for cybersecurity

Read More

Yoshihide Hojo

Chief Security Officer / Legal & IT Tech Strategy, Anderson Mori & Tomotsune

Yoshihide Hojo is Chief Security Officer and leads Legal & IT Tech Strategy at Anderson Mōri & Tomotsune, one of the 'Big Four' law firms in Japan.

Read More

Mel Migriño

Vice President and Group CISO, Meralco

Mel Migriño’s role as Meralco's Chief Information Security Officer offers unprecedented access into the role of cybersecurity amid a digital revolution

Read More

Christopher Paidhrin

Senior Information Security Officer, City of Portland

The City of Portland’s Senior Information Security Officer, Christopher Paidhrin on his passion to give back to the community in times of crisis

Read More