3 minute read
Digital trust: A collaborative responsibility towards cyber resilient digital ecosystem
By Catherine Lee PY, Singapore
Catherine Lee (CISA, CISSP, CRISC, CDPSE, CCSK) is the Regional Senior Cybersecurity Risk & Compliance Strategist specialised in Cyber Governance, Risk and Compliance (GRC). She has profound experience in providing strategic consultation and leading cybersecurity risk assessments, third-party security risk management programs, and driving cybersecurity transformation roadmap implementation for global MNCs of various industries including financial institutions, pharmaceutical, oil & gas, and emerging tech.
Catherine is the AiSP Co-opted Exco Member and is passionate about driving diversity in the cyber ecosystem. In her personal capacity, she volunteers in different communal initiatives including mentoring female students as well as shares her experience in a series of school talks and conferences.
She holds strongly in her personal CIA guiding principles where she believes “Confidence, Inspire or be Inspired and Adaptable” are key elements to excel and reach new heights in tech and cybersecurity careers. In this technology-blooming era, the demand for digital transformation and innovation has been rising more than ever. Many companies are accelerating goto-market strategies with evolving digital solutions and migrating to the cloud to improve operational efficiency as well as optimise cost. Building secure and reliable digital solutions, or digital trust tenets, are increasingly important to enhance a company’s reputation and brand loyalty as consumers prefer to buy from companies that are transparent and equally care about protecting the data rather than profitability.
Digital Trust is More Than Just Cybersecurity
Any new technology or digital solution introduces new risks and no technology is completely risk-free in the ever-changing digital landscape. A holistic and collective approach from cybersecurity, risk management, privacy, data governance, and ethics coupled with the Security Shift-left mindset is therefore the imperative elements in building a trustworthy solution for digital interaction. Bridging compliance and development makes it possible to identify defects much earlier in the Software Development Life Cycle (SDLC). This also improves the product quality with a high level of security by embedding the security controls needed at every stage of SDLC which can then reduce the time and cost of fixing the vulnerability detected instead of dealing with security as the afterthought.
Enforce Governance and Take Ownership of Risk
Business is about taking risks and Security is a decision that can only be achieved through collaboration and not confrontation. It is with proactive communication, strong continuous governance and taking ownership of risks, the senior management can have the appropriate visibility and make risk-informed decisions to strike the right balance between the business strategy/investment and treatment action needed for the identified digital trust risks to ensure the company’s business continues to grow and at the same time continue to stay in compliance with the applicable laws & regulations.
Diversity is an important digital trust enabler
In the male-dominated industry, diversity is important in cybersecurity as different people and disparate backgrounds bring broader perspectives in building a more resilient cyber ecosystem. Let’s continue our effort to create more opportunities and mentorships to encourage even more ladies in joining us in this field.