tech workforce generally, and in security, in particular. According to a Petersen Institute research initiative this amount could be as much as $US12 trillion per annum. So, inequality is costing everyone. Lack of gender diversity, and of diversity of thinking, will have an impact on capability, without question. However, simply employing more women is not the
Jo Stewart-Rattray Director of Technology & Security Assurance for BRM Advisory
answer. They must be given the same opportunities at the same rate of pay as their male peers. Inclusion is exceptionally important as part of this journey toward equality. In circumstances where I need to keep the permanent full- time headcount low I like to use appropriately credentialled and experienced external resources. As I have been in the game long enough I have developed a strong, but small network of trusted advisers who I
I
work with. I have developed a strong collaboration with my head a South Australia based advisory practice,
colleagues in Facilities, Risk and Privacy across
BRM Advisory, focussed on technology
security and infrastructure, and we work closely on a
and security, but since 2019 I have been on
number of fronts.
secondment as chief security officer to Silver Chain Group, a provider of in-home health and
aged care services with over 100,000 clients across Western Australia, South Australia, New South Wales, Victoria and Queensland. and I’m responsible for all things security across the organisation. I report regularly to the board’s audit & risk committee and I work very closely with the head of risk and assurance to make sure that cyber is captured as part of operational risk, given that it can easily be material in nature. Silver Chain is big, complex and national. We have nursing stations in some very remote locations in rural, regional and remote Australia. One such nursing station is three hours by boat from the mainland. Connectivity is an issue, to say the very least. Filling roles in cybersecurity is always a challenge, as is finding the right person for each role, particularly because I want a good cultural fit as well as a strong skill set.
34
We have approximately 2000 staff members permanently on the road using nothing but mobile devices. So the pandemic did not really affect that part of the operation, but we did have a challenge to move our two 24x7x365 call centres off site and into people’s homes! Technology is essential to what those 2000 mobile staff members do, but it’s not a core part of what they do. So the human factor and education is very important for cybersecurity. We also need to remember that in organisations where technology is not the core of the business special attention must be given to the human factor and education must be appropriate and delivered using multiple modalities to ensure that we reach everyone. But it’s not only those field workers who need to be security-conscious. We need to ensure that, from the top of the org chart all the way down, appropriate education and awareness raising activities are in
Also, we know that organisations are leaving $$$s on
place. This is particularly important given the evolving
the table by not employing more women across the
nature of the threats we face in the cyber world.
WOMEN IN SECURITY MAGAZINE
