Career Notes 1.2.22
Ep 81 | 1.2.22

Dr. Rois Ni Thuama: Get into the game. [Cyber governance]


Dr. Rois Ni Thuama: Hi, my name is Dr. Rois Ni Thuama and I am Head of Cyber Governance with Red Sift. 

Dr. Rois Ni Thuama: My earliest recollection of knowing what I wanted to do was wanting to be a police officer or I wanted to be a detective. Well, that's my earliest memory of a career. My other earliest memory is before I could read, I didn't understand what reading was and my mom explained to me. She said, if you write something down and then you leave a room, somebody else can come into a room and then they will know your idea. And that just blew my mind. And I thought that everybody who could read must be amazing and that once you knew how to read, you just wouldn't stop. 

Dr. Rois Ni Thuama: I was born in England and we lived there till I was about seven and then we moved to Ireland, which is where my parents are from. It was pretty typically Irish, big families, lots of parties. I remember growing up and the parties being in the house and the best bit was wanting to sneak back down and listen to the adults talking. That's something that I like about the environment that I get to work in now I get to work and listen to really interesting people talking. I don't think we change that much from when we were kids. 

Dr. Rois Ni Thuama: You know, I wanted to be a police officer. I say that when I was a kid, but I'm not sure I would have passed the fitness test. I wanted to do law, but I ended up going to Trinity College in Dublin studying philosophy for a bit. I had thought initially that I'll do philosophy and then I'll go ahead and I'll do law. But then I read a book. I actually read a couple of books. South Africa was going through this change, the Truth and Reconciliation Commission was going on in South Africa. That was unprecedented. So I took myself off to South Africa to to be part of I felt like history unfolding. Then I'm not quite sure how I ended up making music videos and wildlife documentaries, but this is relevant.  

Dr. Rois Ni Thuama: When I left South Africa and moved to London, there was a music technology startup in London and because of my experience working in the music industry, I ended up getting a job with a company called Shazam. That was my entry into technology and startups and governance and risk management. Bizarrely enough, 20 years later, some of the guys that I worked with at Shazam are there at the company that I'm in now. So my sort of my beginning of my career in technology and governance and risk management is where I am now, but it's been a circuitous route and that looks really clean, but actually it was a bit more Jeremy Bearimy. 

Dr. Rois Ni Thuama: So if I take myself back to my Shazam days, the culture in that business was very geared towards good corporate governance, but that wasn't an expression that people used in the business. So all of those principles of like accountability, responsibility, transparency, discipline, fairness, all of that was evident and observable in that business. And I didn't know what it was I was seeing. I just knew that this was the ethos of a place that I wanted to work in. They ignited my enthusiasm for startups. It's really clear to me the value that they could bring not just to the business and the stakeholders and the ambassadors, but actually to society. Moving it from that concept to reality is just very, very exciting.  

Dr. Rois Ni Thuama: I went back and did my masters and my PhD, and then I did it in governance and we had the financial crisis. From there I moved into cyber governance because I could see that cyber was becoming more and more a significant corporate risk and it was being dealt with at a technical level. I think those guys did a really phenomenal job, but, you know, we keep hearing that businesses need to have a holistic approach and that means that you need all hands to the pump so there are times when lawyers need to lead conversations. There are times when technical people need to lead conversations and there are times when HR people, the operations need to lead those conversations, but, people need to, um, be well versed and they need to have a really good, deep foundational understanding of what it is they're going to talk about before they take the floor, if you like. 

Dr. Rois Ni Thuama: At the moment what I'm doing is I am doing an awful lot of research, so there's been this paradigmatic shift in my view, in how cybersecurity has been perceived. There's a couple of bits of legislation that are going to drive a different way of thinking about it. This is a novel approach in that what they've done in this piece of legislation is that they're requiring the board to train themselves up and to become part of a deeper conversation with respect to the business's operational resilience. We've already learned that this could have a ripple effect and so that's what I'm spending my time doing.  

Dr. Rois Ni Thuama: In 2022, they reckon we will have a deficit of 3.5 million personnel across the cybersecurity sector. There will be a lot of vacancies, and for anybody who's looking to get into it. So you apply the same rules and that's a really good foundation for anybody wanting to get into cyber governance.  

Dr. Rois Ni Thuama: If you have a law degree, then my recommendation would be you can go any one of many routes. You could do a bit of coding. Very few lawyers that do coding. Go and learn risk management. Really understand the privacy legislation, and then just get into the game.