I work with the most brilliant team and a supportive manger. My boss, Sasenka Abeysooriya, has written a great article explaining how data governance is essential to cybersecurity. I am supported and encouraged to take every opportunity I can to build new skills and grow professionally. Since taking this role: I have started presenting to staff at UQ on cybersecurity awareness along with our cybersecurity manager; managed our data and cybersecurity awareness campaign;
Shelly Mills Program Coordinator & Business Analyst The University of Queensland
assisted in conducting a comprehensive threat analysis on UQ’s data and information, which in turn informed UQ’s data handling procedure. All these activities have been enabled by the work I am leading in the information security classifications space. At the time I started at UQ, Mandy Turner also joined as CSOC manager. She is a true champion of diversity, and a brilliant, talented mind. She always encourages you to think creatively, approaches
I
scenarios from different angles, and empowers people to use their strengths in their roles. I have ’m a business analyst and program coordinator
seen our CSOC really strengthen under her leadership,
in the data strategy and governance team at
and she provides an environment where our amazing
the University of Queensland. That at least is
analysts are supported to make full use of their
my title. In reality, my role is much wider. I do a
abilities.
bit of everything: project management, change
management, communications and business analysis activities to develop practices and processes concerning the formal governance and management of UQ’s data assets, and maturing UQ’s information management capabilities. This includes: privacy and consent management, data accessibility, metadata management, data ethics, data security, data literacy, and providing operational advice and support as a data governance subject matter expert as the field of data governance continues to mature. I also run our data security and cybersecurity awareness campaign, manage a project to roll out Office 365 Sensitivity Labels, and have recently begun assisting our information architect with data modelling. We work with the Cybersecurity Operations Centre (CSOC) to complement our respective areas of work and goals.
38
WOMEN IN SECURITY MAGAZINE
I would describe the culture of my team as supportive, hard-working with balance, innovative, friendly. In a word: great. I would say my team is an exemplar of gender equality and my boss certainly drives and champions this. I think diversity in every form will always bring benefits in terms of new ideas, perspectives and approaches. So, in that sense I certainly believe closing the gender gap will bring positive improvements. I’d love to see all areas embodying true gender equality and diversity. I think we face the same cybersecurity challenges as many workplaces, primarily; culture and awareness, and budget for cybersecurity staff and tools. A key concern for me is security around IoT devices. I took my current role after leaving my previous job in cybersecurity projects, which included a focus on cybersecurity awareness. When I started in that
