Welcome to the spring edition of Sync NI magazine
Withthe UK’s flagship CYBERUK conference in Belfast this month, cyber leaders from the National Cyber Security Centre (NCSC) – part of GCHQ – and the Northern Ireland Executive Office have praised the scale of progress and ambition of the region’s cyber ecosystem, highlighting that over 100 companies with cyber security operations, ranging from start-ups to multinational corporations, are based in Northern Ireland.
This is yet another milestone for the region which marks progress towards to a single, simple, ambition. That there will be 5,000 cyber security professionals in Northern Ireland by 2030.
We are getting there. Our recently published NI Cyber Security Snapshot 2023 highlights that there are now 2,700+ cyber professionals in the region supporting over £230m direct GVA to local economy. The average advertised salary in 2022 was £53,000 making it a highly attractive career for local talent.
In my 11 years at CSIT, my team and I have consistently focused on the potential for regional economic impact. Reaching that target will demonstrate that our research and impact was strong, the education programmes and resultant talent pipeline were equipped with differentiating knowledge and capabilities that grew indigenous companies and attracted world leading Foreign Direct Investment to build a thriving ecosystem spanning sector specialisms such as:
q Identification, Authentication and Access Control,
q Risk, Compliance and Fraud,
q Securing Applications, Networks & Cloud,
q Threat Intelligence, Monitoring, Detection and Analysis,
q Operational Technology (OT) Security & Connected Devices,
q Managed Security Service Provision (MSSPs) & Advisory Services
Northern Ireland has been fortunate to have forward thinking leadership in industry and the public sector that has adopted this ambition and sees the opportunity that cyber security presents. As a member of the Northern Ireland Cyber Security Steering Group, I have seen first-hand how key stakeholders are co-ordinating to deliver.
Foreword
David CrozierHead of Strategic Partnerships & Engagement at the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast
NI Cyber - A cluster of companies developing worldleading cyber security technologies is ensuring that industry is working together to share knowledge, best practice and address this global opportunity for the region’s benefit. That effort is also vertically aligned with the UK National Cyber Strategy. There is close collaborative work with the NCSC, Northern Ireland Office, and other UK Government Departments all supporting that activity locally. That 5,000 cyber professionals target is also a UK Government Commitment in New Decade, New Approach and it has backed up that with investments announced recently.
We must not rest on our laurels, however. Geopolitical tensions mean that the threat landscape is constantly evolving. The rapid pace of innovation in areas such as large language models and Artificial General Intelligence mean those threats are scaling and evolving too. Securing AI’s themselves represents an emerging challenge.
In February 2023, CSIT secured an £18.9m investment in the region’s cyber security ecosystem, including £11 million UK Government funding through the New Deal for Northern Ireland, to help develop a pipeline of cyber security professionals in NI and provide collaborative research and development opportunities with industry through the creation of a Cyber-AI Hub.
This is also supported by £3.3m of funding from the EPSRC, to deliver the third phase of CSIT’s IKC programme, focused on “Securing Complex Systems” cementing its position as a world-leading centre for research and innovation until 2027. CSIT is located in Queen’s Global Innovation Institute which has also just secured significant expansion funding from the Belfast Region City Deal.
I am delighted that CYBERUK 2023 is hosted in our home city of Belfast this year. This event is a fantastic opportunity to showcase the cyber security ecosystem in Northern Ireland, to engage with global partners, and to promote knowledge sharing in this area of strategic national importance.
About Sync NI
Sync NI is proud to be the voice of Northern Ireland’s vibrant technology and business sector.
The Sync NI website and magazine brings readers the latest tech and business news, views, jobs and events in Belfast and beyond.
Sync NI Contacts
Editorial
Phone: 028 9082 0944
Email: team@syncni.com
Advertising & Partnerships
Phone: 028 9082 0947
Email: louis@syncni.com
General Enquiries
Sync NI
Rochester Building 28 Adelaide street Belfast
BT2 8GD
Phone: 028 9082 0944
Email: team@syncni.com
Online: www.syncni.com
Copyright No part of this publication may be reproduced without the written permission of the copyholder and publisher. Sync NI accepts no responsibility for the accuracy of contributed articles or statements appearing in this magazine and any views or opinions expressed are not necessarily those of Sync NI, unless otherwise indicated. No responsibility for loss or distress associated to any person acting or refraining from acting as a result of the material in this magazine can be accepted by the authors, contributors, editors or publishers.
Sync NI does not endorse any goods or services advertised, nor any claims or representations made in any advertisement in this magazine.
28 Why Northern Ireland is a world-leading cyber security hub
30 The Software Alliance: The voice of the software industry in Northern Ireland
34 CME Group’s Conall Bennett shares the latest developments in serverless technology
36 Version 1 celebrates 1 year of Global Women in Technology
38 Can data be the answer to everything?
42 Citi’s recognition for LGBTQ+ inclusion leads the way for other businesses
44 Changing the ideas and misconceptions around IT in schools
46 Healthcare and data sensitivity: It affects us all
48 Breaking the mould in cyber security
The many doors to Cyber: Choosing your path to the cyber security sector
Open University’s Chitra Balakrishna explains the wide array of courses they offer for cyber security and her role in the UK Cybersecurity Council
q Why is there a skill shortage in Cyber Security and why have women not traditionally considered careers in the sector?
Numerous statistics point to a severe shortage of cybersecurity professionals and this skills gap is a global problem. There are over four million cyber security jobs unfilled each year around the world and a recent survey by the Department of Science Innovation and Technology indicates there is a proportional shortage of cyber security skills within UK.
This skills gap is largely being driven by the huge increase in cyber security threats over the last five years due to so many new devices connecting to the internet, without any real thought being given to the security consequences of those technologies, applications and devices. This exponential increase in threats requires more skilled professionals to fix the problems and address future risks.
Cyber security is predominantly a male workforce, so it is very important to remove entry barriers for women who want to
work in the industry. One way to do this is by demonstrating that cyber security is a discipline that requires a wide range of technical and non-technical skills. Cyber security as a sector needs more women for its own good. Protection and safeguarding are traits that are intuitive to many women and will be a natural fit in cyber security roles, helping them thrive in the sector.
The skills gap is further compounded by the fact that cyber security has an image of being 'geeky', ‘highly technical', ‘complex’ and even ‘dark and mysterious’ leading to a relatively small uptake of cyber security-related degrees and careers.
The shortage of professionals coming into the sector also indicates that we are not recruiting from a broad enough pool, often overlooking the skills of women, ethnic minorities, and neuro-diverse individuals. The digital world is all pervasive and consequent cyber security challenges will be varied and diverse, requiring a diverse workforce to effectively address the issues.
q As head of the Open University cyber qualifications, you are also involved in the UK Cybersecurity Council. Can you tell us more about why it was created, what its purpose is and what it's hoping to achieve? Cyber security as a profession only emerged in recent years and is still not a recognised discipline like engineering, for example.
The UK Cyber Security Council promotes and stewards nationally recognised standards for cyber security in support of the UK Government’s National Cyber Security Strategy.
Right now, there is a need for a professional body that brings together a variety of players including training bodies, accreditation bodies, certification providers, industry players and academic institutions that offer cyber security as a degree qualification. All these players require streamlined guidance to take the profession forward to make cyber security a more established profession with welldefined pathways.
As a member of the Board of Trustees, I work quite closely with multiple working groups within the council and one of my first tasks was to define 16 specialisms as part of streamlining cyber security career pathways and offering routes into and through the profession. It's a flexible definition that individual practitioners, current or future, can use to plan out a possible career, in effect a sort of map for people to navigate the profession. These specialisms include areas such as cyber security generalist, cryptography, communication security, cyber security governance and risk management.
q How does your research around Serious Games concepts and behavioural analytics help with training and education?
My research has shown how Game-play coupled with behavioural analytics can help personalise cyber security training
so that it can adapt to the end-user’s current security behaviour and their individual perception of risk.
One of my goals is to demystify cyber security for students, large businesses and the wider population. I'm passionate about changing the way we teach cyber security and firmly believe cyber security is now everybody's concern as we are all going to be affected, influenced and impacted by the cyber security risks of this digital world we live in.
95% of cyber security breaches are caused by human errors and the average cost of these cyber security breaches is more than $3 million, but are humans really the problem? Most businesses have invested in cyber security awareness programs to train their workforce, but these training programs are often dry and non-engaging for the end users. Businesses use it as a tick-box compliance-based exercise without there being any demonstrable reduction in risks caused due to human factors. These training programs offer no insight into the security behaviour of the workforce or why humans behave the way they do in a given cyber security context. Different people perceive risk and security differently. Perhaps humans are not the problem but our inability to understand and empower them is!
Serious Games concepts and behavioral analytics can help us to assess and influence security behaviour among the adult population. People behave in a certain way in a given cyber security context and once we understand the current behaviour and the reason for their behaviour, we can then create personalised training and education for them.
q What Cyber Security courses and qualifications does The Open University currently offer?
The Open University Department of Computing and Communications has a very strong cybersecurity academic group with over 16 senior academic
members with vast experience and wide areas of expertise. We offer a variety of cyber security courses, from formal undergraduate and postgraduate qualifications to informal micro-credential courses and badged courses on our free learning platform, OpenLearn.
With over 3500 students studying our undergrad qualifications and over 100 students in our postgraduate courses, The Open University is the country's single largest cybersecurity qualification provider. Our courses cover the three sought-after streams of computing namely networking, cybersecurity and digital forensics. The program is well-balanced between Theory and Practice with a strong technical focus and centers around the relationship between technology, people, processes and the physical environment and related cybersecurity issues. On completion, students will be able to pursue a wide array of career pathways within public and private sectors, charity sectors, and technology and nontechnology domains.
In addition to formal qualifications, we offer free badged courses on the OpenLearn platform. The Gamified Intelligent Cyber Aptitude and Skills Training course is one of the most popular with over 100K+ learners. We also offer micro credential cyber security courses on the Future Learn platform to help prepare students for the Cisco Certified Network Associate (CCNA) Cyber Ops certification.
The Open University has a legacy of making learning accessible to students whose life circumstances may mean traditional study routes just aren’t possible for them. While many of our students choose to study full-time and work, we have a lot of part-time students who pace their studies around their own life commitments. The Open University prides itself on being open to everyone and offering flexible study that fits around your life.
q You have been with Rapid7 for almost 6 of the 9 years since the office was established in Belfast. How has the Cyber industry evolved over this period?
Rapid7 Belfast has evolved massively from just 100 people to currently over 350 engineers spread across eight floors in a newly refurbished office. From a cybersecurity perspective and from a software perspective, we've seen a continuous evolution of threats and attacks. It’s our goal to stay ahead of the curve so to this end we have continuous deployments of more up-to-date software and products. For example, in December 2021, we saw the widespread, global impact of Log4Shell across the IT and software industries. Our teams were on hand to proactively jump into action and help customers mitigate their security risk.
We can all see that as things have progressed, hackers are getting smarter. It's getting easier for them to attack organisations, and those organisations are becoming more and more aware of their need to be secure. They are looking at companies like Rapid7 to help them highlight where they may be vulnerable and that's a continuous train that just keeps on rolling. By the very nature of the business we are in, we are always looking at what the next asks are from our customers and how they can mitigate their threats.
q As Senior Director of Engineering, is there such a thing as a typical day in your current role?
I tend to wear many hats in my current role. At the core of this, I'm a facilitator to the team. This means helping them by removing blockers and resolving issues to allow them to execute and drive impact on a daily basis. We actually have a saying here that I think sums it up best ‘We hire smart and intelligent people so I can keep out of their way while they get the job done’.
More generally, the typical day for me involves planning and looking at project execution; working with different stakeholders and meeting with customers as well as looking at the strategic vision for our company. Right now, I’m involved in our intern program and our growth strategy for 2023 and 2024. My role is ever-changing which in itself is what makes it so interesting and enjoyable, and is why I'm still here.
Neville O'Neill, Senior Director of Software Engineering at Rapid 7, shares how Belfast is leading the way for cyber worldwide
How has Rapid7 evolved after nearly 10 years in Belfast?
Rapid7 nearly Belfast?
q Cyber attacks are becoming ever more pervasive, what solutions do Rapid7 provide to counter these threats?
Rapid7 offers powerful, practitioner-first security solutions that deliver bestin-class technology, a unified cloud platform, and industryleading research and expertise. Our technology, services and communityfocused research simplify complexity for security teams, helping them reduce vulnerabilities, monitor for malicious behaviour, investigate and shut down attacks, and automate routine tasks.
Our threat detection and response offerings, InsightIDR, Managed Detection and Response (MDR) and Threat Command, help customers detect, assess, and respond to emerging threats in their environments. Our cloud security offering, InsightCloudSec, gives customers visibility into vulnerabilities in their cloud-hosted applications and environments.
Our vulnerability risk management solutions, InsightVM and InsightAppSec, provide our customers with visibility into vulnerabilities within their environment. It also gives them peace of mind that the products and assets that they have in their environment are patched and secure, eliminating the risk n of exposing sensitive information to potential attackers.
q Northern Ireland has become a global cyber
security hub and the #1 international investment location for US cyber security firms – why do you think this is the case? We've seen such incredible growth in Northern Ireland over the last 10 years In both cybersecurity and development. I think one of the obvious factors for this is the talent we are producing from the universities. This is in part due to the existence of such a good partnership between the local universities and the cyber companies that are local within Belfast. The success of these partnerships has allowed for growth on both sides.
At Rapid7 we are working with the universities at a grassroots level to highlight what we're seeing in the industry, and the universities are taking that feedback and then tailoring their courses accordingly. We’re also working to bring more diversity into the industry as the IT, software and cybersecurity sectors have so many opportunities for people of all backgrounds, genders and identities to come together and collaborate to drive innovative and impactful solutions.
q The Cyber sector is growing rapidly, what advice would you give to anyone wishing to pursue a career in this field?
Information has never been easier to get. In particular, I would advise people to take a closer look at all the meetups happening all over Belfast that are talking about the latest technologies and
cybersecurity issues that are happening. There are regular cybersecurity seminars in Belfast that are often free to attend where people can listen and then meet up and network afterwards. Rapid7 is also planning to host meetups throughout the year to talk about different technologies that are coming as well. We also are going out to more and more schools and universities to talk with students to highlight what cybersecurity is, what software development is, and the benefits of pursuing a career in these fields.
q In the past Cyber had a reputation or almost a sense of being boring. Is that really the case? Cyber is certainly not boring, and sometimes I think Cyber is dramatised a bit on television. However, there are definitely challenges within cybersecurity that make it insanely interesting. There is nothing better than the satisfaction of finding a vulnerability or finding something that you can better protect. With regards to vulnerabilities, that’s a 10 out of 10 in our industry. There is a huge degree of satisfaction from the engineers here when they work on getting patches available so that we can tell our customers if they were vulnerable, where they were vulnerable and what the mitigation steps are to fix that vulnerability. For me and my team, that's a really good, satisfying feeling so I don't think cybersecurity is boring at all. Yes, it has its daily challenges, but that’s actually fantastic in my eyes.
q At what stage during your education did you decide to work in tech and what were the main influences for this decision?
When I started my A-Levels, I had no idea what I wanted to do. I studied IT, geography, religion and maths. At first, it was such a random combination however I very much enjoyed IT. I think the main influence for me would have to be my former teacher, Mrs McElroy. Her husband was a software engineer and he said for someone with my outgoing personality and communication skills, I could really do well in a field like tech.
q Before graduating from Queen's University with a First Class Honours in Computer Science you spent 12 months as an intern with Rapid7 before returning full-time. How valuable is the internship experience for undergraduates?
A placement year is invaluable and I can't express enough how much I learned in my year here. Obviously, in university you learn the fundamentals and the logistics behind everything, but once you get into the industry you start learning on the job. I probably learned more in three months than I did in the first two years of my degree.
One of the other things about our internship is that we were taken very seriously and always treated as a member of the team. We hit the ground running with the code and I was worried at the start that it would be such a big step up technologically. From day one, all of my team members took the time to go through the programming and talked me through our entire code base.
We also had access to different learning platforms like Pluralsight, so anything I did come across that was new I was able to do training courses paid for by the company. That support really helped with the learning curve.
The comparison between those in our class who'd done placement years
against the ones who didn’t was night and day. We were more advanced because we had been learning on the job for a year. All of that really helped us with our final year project, and also in terms of time management, communication skills and accountability. Things that you learn from being in the working world that I wouldn't have experienced previously.
q Starting a first job in a multinational global corporation would be a daunting experience for many young people. What sort of support and mentoring did you receive? With Rapid7 it was clear from the outset, even through the hiring process, that the culture here is a huge part of the company and everyone really looks out for one another. Obviously, I was nervous going into my first day but straightaway everyone makes you feel so comfortable. Plus, there were loads of events set up for us to network with other people in the office.
From when I started my placement year to now, I have bi-weekly one-to-one meetings with my team lead to make sure that everything is on track and that both he and I are happy with how everything is progressing.
We also have a really strong community of women in Rapid7 including our Women Impact Group and Belfast girls. These are communities where we can talk about anything from a conference that's coming up, to more personal things. This adds another layer of support and community.
q There is a misconception that working in technology is maybe not as exciting as other sectors. How would you respond to that?
I have to disagree. I know that from the outside looking in, a nine-to-five office job in tech doesn't seem like the most exciting job in the world but there are just so many different aspects to it. It's constantly evolving and every single day we are learning something new. I
think what makes it really exciting is that you can't stand still in tech as you have to always be learning and always advancing.
There's so much more to technology than I could ever have imagined. I'm a software engineer and within that, you can be front-end or back-end, or you can be full stack. Each of those things have hundreds of languages that you could do, so if you don't like one you can move on to the next.
There's much more to tech than software engineering such as data analysis, user experience engineers and user experience designers. In fact, there are literally hundreds of jobs that fall under the umbrella.
q As a female working in a maledominated sector, what would you say to other young women who might feel intimidated to follow your path?
It can be intimidating to be a minority in any sector but what struck me is just how strong the community of women in STEM in Belfast really is and it is just growing and growing. There are so many outreach groups, events and even conferences popping up in Belfast. I would encourage anyone who is considering the field to go to some of these events because they're such safe spaces for learning and networking.
I actually had the opportunity a couple of weeks ago to represent Rapid7 on a panel for young women in STEM who were thinking about pursuing a tech career. We all just shared our advice and our experiences in the industry so far and it was all very relaxed and everyone is so supportive of one another. I think that regardless of gender, everyone has something to bring to the table. Everybody has their unique perspective and their unique skill so if you're confident in your ability and confident in what you can bring to the table, then it's definitely something that you should go for.
The rise of low-code and hyper-automation
eir evo’s Paul Gilbride explains what low-code can do for your business and his advice as Microsoft partner of the year
q As Head of Emerging Technologies at eir evo, what do you believe is the most significant technology trend or development that will have a profound impact on businesses in the next 3-5 years?
Generative AI is the most obvious trend that immediately springs to mind, particularly in its current form being generative AI. This is certainly a foundational technology upon which other technology will be built.
In the broader view, AI is another way to manage Intelligent Automation and from what we have seen in the real world, it’s not a simple case of what you can automate but actually, the speed at which you can automate. So for me, hyperautomation is the next big emerging technology and it's all about how fast we can innovate and with what technologies. AI such as chat GPT, low-code composable applications and
RPA are all part of that hyper-automation strategy within emerging technology.
q As Microsoft Partner of the Year, can you explain what Power Apps is and how it fits into the overall landscape of hyper-automation and digital transformation? Power Apps is a form of low-code technology and in simple terms, the code has already been built, it’s essentially available in modules and you can pull in different things at different points to build an application, where previously you would have had to fully code it. What that actually means is that basically, people have gone before you and have created elements of an application or process and you're reusing that to speed up development time by about 70%. It’s a Microsoft Office 365-based solution and completely integrates with a number of applications such as Teams and Outlook.
q What are the common use cases you’ve seen for Power Apps in businesses today and how have they helped improve productivity and efficiency?
The most common Power App applications would typically be approvals and requests. These days, everybody has to get a process approved and through automation, we can speed up these processes. So for example, if the finance department needs to approve something and your line manager needs to approve it before that, then low-code technologies can build it and get all that automation done really quickly for you. The same applies to requests processes such as the need to request a new piece of machinery or something like leave or a travel request, and these are very common areas where the technology is deployed successfully.
Another good example would be in the healthcare sector where lowcode technologies really help with the referrals process because it effectively automates a lot of those processes that dramatically improve patient times to care. This also applies to compliance and audit applications. People get audited on a regular basis so when multiple stakeholders need to be involved in an audit process, we can build an application that comes back with all the correct information in a timely and efficient manner.
q Low-code platforms are often perceived to suit the development of simple or small-scale applications. What would you say to those who may underestimate the potential of low-code and how can organisations leverage platforms such as Power Apps to build complex and missioncritical applications?
Enterprise full-code stack development for many years has been the established method of building applications however, in the past two to three years this has changed significantly as the technology has evolved so much. Today, low-code technology such as power
apps has advanced so much that eir evo have deployed critical business applications into large-scale enterprise organisations, not just on the Island of Ireland but globally.
We've deployed mission-critical lowcode applications into some of the largest organisations in the world. The logic and the theory is that you already have one of the most secure application platforms available in the Microsoft Office 365 stack so once you go through the rigors of full-code security with your low-code application, you actually solve a significant number of the challenges that were traditionally faced by lowcode.
q Security and privacy are top concerns for organisations today. How do Microsoft Power Apps ensure that data is secure and protected from potential threats? Microsoft spends over a billion euros a year on security and privacy within their Cloud ecosystem, named as one of Gartner’s top cloud security vendors. So basically if anybody uses Outlook, SharePoint, MS Teams or any of those technologies that exist, you can be sure that Microsoft has invested significant levels of time, effort and expertise into securing that. They have multiple white papers on security, the protection of IP and the protection of data from a GDPR perspective across many different elements. Basically, you're building inside that platform and you get the peace of mind to know that Microsoft has invested massive amounts of money into security and it all sits inside the Office 365 platform guaranteeing it's secure from that perspective as well.
q With the growth in low-code/ no-code app dev, how do you see the role of traditional software development evolving in the future? I would say Full-Stack Developers are potentially going to become some of the most important people in the lowcode revolution. It won't just be lowcode into the future, it will be a bimodal
approach to development which means that we have applications that could be 60% low-code but 40% traditional development model. That's the model that exists, they are symbiotic and work in a bimodal way with development. So when looking at delivering a particular low-code solution, you need to do constant development for specific reasons such as within a pharmaceutical production environment and we still need to do that. For fullstack developers, low-code is actually making it easier for them to apply their expertise.
q What advice do you have for organisations who are just starting to explore the possibilities of Power Apps and Automation and how can they get started with these technologies?
My advice comes straight from Einstein and might seem a bit outlandish but I use it everywhere, only because I believe in it so much! Einstein said if he had 60 minutes to save the world, he'd spend 50 minutes figuring out what the problem was. With low-code power apps, it’s important to have a really intense session on all the questions around licensing, governance, delivery, security and everything that goes with that. It's important so that you don't take a year to figure out what low-code is when you can literally figure it out in a week.
From our side, we actually offer master classes specifically in figuring out what low-code is and how to use it. We explore the restrictions and what back ends to use from a data perspective, so over two days we can answer all your questions and then you will know what your strategy is. For most companies, it can actually accelerate and hyperautomate their whole advancement into low-code technologies by up to 18 months. It speeds up people's time to actually start to automate because they understand the technology quicker. It’s the fastest way to empower change in your organisation.
Assured Skills Academies help make IT a sector for everyone
Orlaith McEneaney, Analyst at KPMG Ireland, shows how the programme helped her achieve her dream of working in tech
If you’re unemployed, underemployed or want to change careers, the Assured Skills programme offers pre-employment training to get the skills you need for the job you want.
Fully funded by the Department for the Economy, Assured Skills is a demand-led, pre-employment, industry-focused training programme, helping individuals gain the skills needed to compete for guaranteed job vacancies with Foreign Direct Investment companies as well as new and expanding locally based businesses. It simultaneously assures investors, creating new employment in Northern Ireland, that the skills they require will be available.
In the last three years, the programme has upskilled, 1606 individuals across 94 academies, resulting in 1406 people obtaining full-time employment, representing over 85% graduation to-hire rate. Assured Skills academies have been instrumental in supporting a range of individuals, including unemployed and under-employed people with the opportunity, through intensive training, to set themselves on new career paths.
Employers involved in the programme are exciting, highgrowth companies looking for people with drive, a positive attitude and determination to succeed. The Assured Skills programme has proven successful for people wanting to start careers in IT. Previous graduates have secured full-time jobs in data analytics, software development, software testing, cyber security, games development and other IT roles.
In 2021, KPMG launched a strategy to grow a new Centre of Excellence in the heart of Belfast that would attract local technical talent and provide an environment for them to grow and thrive. As part of that strategy, KPMG worked closely with the Department for the Economy and Belfast Metropolitan College to define an industry-leading Data Academy.
Orlaith successfully completed this ten-week Academy between April – June 2022 delivered by the Belfast Metropolitan College. Upon completion of her training had an interview with the KPMG Applied Intelligence leadership team and successfully gained employment as an Analyst.
q How did you first hear about the Assured Skills Academy and what inspired you to apply?
I spotted the Academy on Instagram one day, just as I was beginning my job hunt. When I saw the advertisement for the KPMG Applied Intelligence Academy, I swiped up, read through it and thought that's definitely something I want to apply to.
I studied Politics, Philosophy and Economics at Queen’s University and graduated during COVID but I wasn't sure where to go career-wise, so I stayed on and completed a Masters in International Public Policy.
My dissertation focused on how the UK and the Australian Governments were handling big data and the deployment of artificial intelligence, before adopting it within the public sector. I found the topic incredibly interesting and uncovered an ambition to get into tech. The challenge was I didn't really know how to code, and I didn't know what I had to do to get a tech job. I watched a lot of online videos on coding for beginners but wasn’t sure if that is what tech companies wanted or needed. This is where the Assured Skills programme really helped.
q What was your experience of the process and how difficult did you find the Academy?
The whole Academy was well structured. It started at a beginner level with Excel and Data Fundamentals before progressing to more intermediate levels with Python and other coding modules. The instructors were always very patient and supportive.
We learnt a lot very quickly and I felt like I had completed a
university degree in those ten weeks. For the exams, some were more difficult than others, and I guess it depends on what your skill set is and what you liked the most. While there were a couple of exams I did find difficult, they were not impossible to pass.
q How did the Academy prepare you for work within KPMG?
Another great thing about the Academy is the additional focus on soft skills including presenting, creative thinking, communication, and business acumen, which are all key skills in the workplace. On the first day, you present who you are and introduce yourself to the team, which immediately demonstrates the importance of communication.
The Academy is in partnership with the firm, so they are also part of the process. Every few weeks, KPMG Managers and Consultants would join topics, and we would present to them. They would then provide
valuable feedback. We also had the opportunity to visit the KPMG Belfast office and meet members of the Applied Intelligence team. It didn’t feel like going into a new workplace as a newbie, as I already knew five or six people, so going from the Academy into a new job felt seamless.
q What does it feel like to be working ‘in tech’?
It feels exciting! There's always so much going on and it's such an expanding sector. No matter what your interest is, it's always linked to tech in some way. I think what's great about the Belfast Centre of Excellence is that so many people in our office came through the Academy and everyone has different backgrounds. We have people that were in Archaeology, Computer Science, and then Social Sciences like me, and everyone brings something new to the table. It's a diverse team and even though we're all in one sector, we all have different personalities and I think
that's great.
q What advice would you give to anybody considering a career in tech?
I would say go for it! No matter what your interest is, whether that's Health, Finance or Sport, there's always going to be a connection to tech. If you don't want to put yourself in a box for your career, tech is a good place to go because there's so much room to grow and move.
To find out more about the Assured Skills Programme and the current opportunities available visit www. nidirect.gov.uk/assured-skills
This article has been sponsored by the Bring IT On programme, promoting opportunities and career pathways into the IT Sector in Northern Ireland – www.bringitonni. co.uk
Apex Fintech Solutions believe cyber security is the key to incomparable wealth management
We sat down with Jaimin Shah, their Chief Information Security Officer, to learn about the state of cyber security today
q Can you tell us about your role?
As the Apex CISO, I am responsible for our enterprise security programs with a focus on today’s increasing cyber threats. I also make sure our security initiatives align with our vision of democratizing access to investment opportunities.
As a cyber security professional, I have a crucial role as the defender, protector and guardian of the digital world — and it’s one I take seriously. I have the pleasure of being a trusted advisor to our leadership, and I have an exciting opportunity to contribute to the growth of our company with innovative solutions.
q Why is cyber security so important?
Just look at our daily lives. We are becoming more reliant on social media, apps, and the Internet of things. As individuals, we have large digital footprints and they’re growing rapidly. As our digital lives expand, we need to safeguard against threats, which include cyber-attacks, fraud and other malicious activity.
For companies, protecting their ever-expanding digital footprints is vital. Digital security plays a crucial role in safeguarding the company and its brand reputation. Everyone including companies, governments, and individuals, must work to create a safe digital landscape. For me, it’s a very personal responsibility.
q How do you future-proof cyber security within the fast-paced financial securities industry?
To future-proof any industry, it’s crucial to take a proactive and holistic approach. Start by emphasizing a culture of cyber security with your people. Educate them and empower them to take an active role in protecting the company’s cyber security. It’s what we do at Apex and by sharing responsibility for security, we’ve created a culture of vigilance.
Then, create a robust incident response plan. In today’s world, a quick recovery can help companies overcome and repair any damage that may have occurred. This response plan must be
believe that to providing management
calculations such as the data processing that we handle at Apex. Shifting to this new paradigm will certainly change the nature of cyber security as we know it today. Of course, cloud computing is still on the rise, requiring new types of encryption and other security measures.
I would ask all security leaders to prioritize their cyber security efforts especially when it comes to ingraining a culture of security across their enterprises to protect their people, their assets, and customer data.
q What attracted you to Apex? What was exciting? Honestly, I was drawn to the company culture. I did a lot of research before my interview and discovered that the Apex core values basically aligned with many of my personal values and beliefs. That was a key deciding factor. Plus, the role offered me a unique opportunity to make a tangible impact on many organizations.
example, there are a lot of free resources for people who are willing to learn, such as local events and online information. The cyber security world is extremely friendly and supportive — it’s easy to network, ask questions, get insights and find mentors around the world.
The key to success in this field is a dedication to continuous learning. In this career, you are constantly investigating new technology and challenges. A lot of people are surprised that a technical background is not a requirement. In fact, the more diverse our teams are, the better our work is and better work is extremely rewarding.
q Why would you encourage cyber security pros to join Apex?
well-defined and well-tested so fast action can be taken.
Third, invest in technology that provides world-class cyber security. An internal security team needs to keep up with new threats and the technology that can help improve their security posture. I recommend joining industry groups and keeping an eye on emerging trends.
q What do you think cyber security will look like in the next 10 years?
It’s very hard to even predict what is going to happen next
year, never mind 10 years! But one thing is certain: technological innovation will continue, and cybercriminals will evolve their strategies. As for the next decade, Artificial Intelligence and Machine Learning will play a larger role in cyber security. We’ll have new ways to detect threats, conduct investigations and respond to incidents.
Another interesting development is quantum computing, which is also emerging as a powerful way to handle immense
Since joining Apex, I have been so impressed by the executive leadership and their commitment to their core values every single day. It’s super exciting to contribute to the overall success of this company.
q What advice would you give someone looking to get into cyber security?
In my opinion, cyber security is a noble, exciting, fulfilling and rewarding career path. The opportunities are abundant and you don’t need to invest a lot of time or money to get started. For
If you want to have an opportunity to put your fingerprint on developing the next iteration of cyber security, Apex is a great place. Our work in financial services is an ever-growing space which demands topnotch cyber security. We have a lot of important data to protect since we power many of the largest brokerages and investment companies — and their customers’ money.
I invite you to look at the job openings in our Apex Fintech Solutions UK Belfast office. This location is a critical part of our “follow the sun” strategy because it extends the important cyber security coverage we offer to protect the Apex brand and our customers.
Liberty IT recognised as one of the best workplaces for women
Senior Director of Talentq What are some of the initiatives Liberty IT has in place to ensure it’s a good place to work for
women?
At Liberty IT, we are delighted to have been recognised once again as one of the Best Workplaces for Women by Great Place to Work UK for the second consecutive year, having made a concerted and continuous effort over the last number of years to ensure we attract and retain great female talent.
We have an active Women in Tech
committee in Liberty IT which has introduced a number of initiatives to support our female employees. Alongside regular Women In Tech mingle events, which give female employees and their allies the opportunity to drop in and network, we have also set up Female Mentoring Circles and Buddy Schemes. All of these activities support our female employees in accessing and growing their internal networks and to avail of support from others while they grow their careers.
We also designed and rolled out the “The Power in Me” workshops for all of our female employees. These workshops aimed to empower our
female employees and offer support to overcome any perceived barriers to career success.
Alongside offering great flexible working arrangements, we are delighted to say that we have also recently revised our maternity policy and now offer all new mums full pay for the first six months of maternity leave, which will give added financial security to our female employees during this period of leave. Our “Family Leave Toolkit” supports new parents to prepare for their maternity leave and upon returning from maternity leave we also offer coaching from an external coach, which helps to make the “back to work”
adjustment easier.
q What more do you think needs to be done in the tech sector to ensure women are supported in the workplace?
Girls in school should be encouraged to explore a career in technology and those interested need to be properly supported. The tech industry can play an important role in this, but more work needs to be done earlier in education so we can increase the supply of girls studying Technology at third level.
Unfortunately, when girls do go on to study technology at third level, significantly fewer complete the courses than their male counterparts. We need to understand why this is happening and put measures in place to reverse the trend.
The industry needs more female role
models so that female students, both in school and third-level education, can see themselves working in the tech industry. At Liberty IT, we are proud of our female leaders and we are making a conscious effort to support and profile them – both externally and internally –as we know the important role we play in encouraging other females into the industry.
It is still the case that many women have additional caring responsibilities outside the workplace and like we have done in Liberty IT, the industry on the whole needs to provide flexible workplaces and the time and support to develop networks, skills and careers.
q What advice would you give to other managers/companies on how to become a better workplace for women?
Ask yourself what else you need to implement to become a better workplace for women, for example,
coaching, mentoring, and creating networks to ensure women have the environment to feel supported and thrive. We have found that running focus groups with our female employees, where we actively seek feedback has shown us where we need to direct our attention to.
Consciously ensure there is no gender bias in your people processes. Review job specs, implement gender diverse panels for recruiting where possible and allow flexible working patterns –as basic. Look at your family policies around leave, maternity and re-entering the work place.
It is also important to have vocal male allies for female progression and that leaders in the organisation are clear champions for DEI. Together these things make an organisation a safe and supportive environment for women to thrive and have great careers.
q Tell me a bit about your role and career background?
Well, it’s been a varied journey. I had my daughter in my early 20s so I didn’t start my higher education and career ladder until later in life. But that really hasn’t stopped me!
I graduated from University at the age of 31 and secured a graduate position with a well-known high street bank managing a team in their Mortgage Lending Centre. After eight years with the bank, I went into business with my husband, running an antiques and pre-loved furniture shop. Not long before the five year business lease was up, I started doing some additional temp work at the local University which ultimately led to my next full-time role. It was a compliance focused role overseeing attendance of the 6,000 strong International student base.
I then moved to Ireland, where my husband is from, and started a new career journey. First with a compliance role (to get my foot through the door) and then I retrained, with the company’s support, to become a Business Analyst which ultimately evolved into the role of Product Owner, which I do today – and I love it! Not that I consider myself to be ‘done’ just yet – there’s still some mileage left in the tank and I am always interested in learning and evolving my career.
I guess I feel lucky in many ways as opportunities have presented themselves as I have moved through my working life, but you can miss out if you don’t stay open to seeing those opportunities and taking a leap of faith from time to time.
q What made you decide to work at Liberty IT?
You’ve probably gathered from my career history that I like change and
variety (did I mention that I’d also taught aerobics and designed and sold kitchens – not to mention the obligatory bar work and waitressing during my studies??).
So there I was on another career precipice and ready to make a change. Liberty IT looked like a really great place to work – all the reviews I had read on the company showed that the company lined up well with the values that I hold dear - putting people first, investing in people, supporting and welcoming diversity, an enriching factor of any company, and also having an approach that didn’t shy away from embracing new technologies and exploring how they can be harnessed to deliver real customer value.
you develop your potential in whatever career path works for you at Liberty. What a great experience it has been!
q What makes Liberty IT a good place to work for women?
There is absolutely no sense that you are held back by being a woman at Liberty IT. And I do know what that feels like. Many companies pay lip service to supporting equality, in all its forms, while quietly still discriminating over who they give career opportunities to and whether they pay the same wage to a given individual for the same skills and experience.
There has been so much good work and progress in this area, but many companies still have far to go. For me, Liberty IT again stands above the other companies and Institutions with which I have had personal experience. Here I am paid a fair wage for my skill-set and experience and I do not see any barriers to being able to progress as far as my ambition and interests take me. I am not in the least surprised that the company has once again been named one of the UK’s Best Workplaces for Women.
Added to that, some of my previous colleagues, whose opinions and judgement I really rate, had already made the move to Liberty IT and were singing its praises loud and clear. I was sold!
I joined Liberty IT just last year, but you can judge a company pretty well in a short space of time and they have been head and shoulders above previous companies that I have worked for, in every way that really matters. From the really personable recruitment experience, to the supportive onboarding process, the great internal communications, the welcoming team and a manager that makes it clear from day one that they want to help
I feel genuinely excited about my future with Liberty IT and I’m even more excited now I am here, than before I joined – and that speaks volumes! I’m looking forward to getting involved in the mentoring programmes to ‘pay it forward’ by sharing my experiences to support others and to benefit from the support of others in return.
My key message to women out there would be that it is never too late to make changes in your career – if you have some bumps and stalls along the way, it’s probably just life opening up a new and potentially better pathway for you. You just have to have the courage to take it. Never stop learning and being curious and never let that voice inside your head that tells you you’re an imposter get the better of you! Life can be a marvellous and varied journey.
Tackling the tech skills shortage
David Collins, CEO of First Derivative, states how improved education and flexible
will be
to successfully overcoming the demand for tech talent in NI
q What makes NI in general and First Derivative, in particular, a global leader in FinTech?
I think the easy answer to that question is quite simply ‘Talent’ and this is why we put so much emphasis on Northern Ireland. We do so by connecting a very strong, well-educated talent pool, people with good attitudes, good work ethics and a desire to see the world and experience things. As a professional services firm, we provide services to
Fintechs as well as services to clients to enable other Fintech companies to land, expand and deploy their software and obviously there is a great deal of connectivity in that ecosystem. Having a great talent pool with good people is a huge benefit.
q As the Northern Ireland tech sector has grown exponentially, are we noticing a skills shortage? Yes we are, it really became apparent
last year post-COVID when we saw the great resign coupled with some of the X Generation starting to exit the market, at the same time many boomers also left the sector so the workforce has somewhat shrunk. The workforce is smaller as the demand for skilled capability is much higher, so I think we're entering a new paradigm of work that most of us have never really experienced before and we are going to have to learn to live with
working
key
global skill shortages. The market has got softer but actually, you wouldn’t say we are witnessing mass unemployment or announcements on job losses and even in the tech sector with the likes of Google and Microsoft laying off some of their talent, most of those people have found jobs relatively quickly. The market requires this type of talent so ultimately we are all going to have to learn to work in a world where we are going to have to do a lot more with less.
What is going to be really key for Northern Ireland is that we're going to have to start changing the nature of the work that we're doing to make it more highly skilled by supplementing the expertise with technology. We will need to make the technology work harder to do some of the simplistic tasks, which should actually be great for everybody because it means that the people then are left to do the more interesting tasks, the machines will do the boring tasks and it'll be higher value work.
q What do you think can be done to improve skills in the tech sector?
We need to look at education. For a long time the education system has been completely failing the modern economy, particularly in the UK. We're not teaching software development skills early enough in the educational system, we seem to be stuck doing things the way we’ve always done and it's
not evolving fast enough. The tech options available in many schools are extremely weak and it's almost like skill sets for older people, like how to use a computer. Children now are born with computers at their fingertips and they know how to use them. Using applications is easy and of course, they’ll work their way around Excel but in reality, we need to introduce them to coding much earlier so they get a better sense of what's possible. Of course, we need way more girls getting into it as well as there’s just not enough ever, anywhere. It’s a global issue that urgently needs to be addressed.
We need to recognize that the world has changed and it's very much tech orientated and people need to have a far greater education in core technical expertise, not using the tech but actually writing it. We've got to go all the way back to the beginning to make this work and recognise that we are talking about very long-term trends here, so changes we can make in the education system now might take ten years to feed into the marketplace. We have got to do it and yet governments don’t seem to be able to embrace the challenge.
q What pathways are available in First Derivatives to anyone wishing to start a career in FinTech?
As a business, we try to create multiple pathways through the system to ensure we attract people with a diverse range of skills
and experiences into the business.
For the sector in general, you can get exposure to FinTech in a lot of different ways. The most obvious way would be coding, so anybody with software development skills has a natural pathway into it but there are a whole lot of roles required for implementation, connectivity, design, frontend integration experts and system analysis and all sorts of different roles created around these. It doesn't matter if you didn't do computer science at university you can still find your way into this sector and different and diverse skills are required to bring everything together.
q Post-pandemic and new technology tools have changed traditional working practices – what does the future of modern working look like from your perspective?
That's a challenge that we're all going to be facing for a while yet, certainly within the main metro centres traditionally associated with a long commute into the office. People who can work from home will often say, "I'm not coming in because I don’t need to". Companies are now reluctant to try to force people to come in for fear their people will just walk, as it's easy enough to find another firm that will allow them to work remotely so people have made their choices really clear. All these trends were present before covid already but now they’ve just been massively
accelerated.
Hybrid working is actually very good for certain things like work-life balance as well as improved productivity. These days, most of us are feeling like we're getting a lot more done partly because we have swapped commute time and then split it with the company. While tech is able to substitute for those in-person meetings, chat systems like Teams or WhatsApp can do some of the things that the watercooler chat would do, they still can’t do everything. What I think we are missing, is connectivity to each other that we took for granted in the past and making sure that we're all going in the right direction.
One of the challenges I give my people is to meet with purpose so when you do come into the office, don't do the things that you do when you're at home. Do things that are different like retrospectives, sprint planning, design analysis, architecture reviews, problem-solving and demos. Some people underestimate the value of demos but showing others what you've been working on and what the outcome has been is really valuable. We have to learn to work in this hybrid world so that when we come in, we create real value and we energize each other by being together. Remote working definitely has a place and a value, just the same as coming together definitely has. We just need to find that balance to get the most out of it.
PA Consulting’s market-leading Data Diodes business
We caught up with Fraser Nicol, Partner at PA Consulting, to discuss their product business, Oakdoor
q You have worked in the Consulting trade for 24 years, how did you get involved in Oakdoor?
I joined PA last year because I wanted to get more involved in working directly with clients and helping them address the really big things that concern them. The last thing I expected to be doing at PA was running a data diode manufacturing business. I actually got to know the Oakdoor team because we shared a stand with them at last year’s Cyber UK, but I was still surprised when the opportunity to lead them came my way.
However, when I looked into what they do I realised that with our impressive technology we are helping clients safely do things they couldn’t do before – like gathering data from their operational technology or securing the cloud. What’s more, we have the capability to develop our software to really push the boundaries of what the diode can do.
q PA Consulting is known for being a Management Consulting Firm, where did Oakdoor originate and how does it fit with the wider business model?
PA has actually been in the product innovation game for a long time, and some of the products developed for clients by our Global Innovation and Technology Centre in Cambridge have been particularly impressive. This includes packaging for the drinks industry, ventilators for the NHS and even iconic electrical vehicle recharging points. However, what is new is our ambition to establish and scale product businesses in their own right, as opposed to developing products on behalf of clients.
PA is a fantastic place to incubate what is effectively a startup as not only do we have access to world-class engineering, sales and marketing talent, we have well-developed support services and can draw upon our consulting business for advice on everything from reward and recognition to organisational design.
Oakdoor sits within our new (as of 2023) Alliances, Platforms and Products business which is incubating a number of products businesses of which Oakdoor is the most mature, but which is followed by other exciting businesses like PulPak. We envision a time when 50% of PA’s revenue comes from our products businesses.
q What are Oakdoor Data Diodes?
Diodes control the flow of data between networks and this enables our customers to ensure that data flows are safe and so enables “untrusted” networks to talk to “trusted networks”. This is of tremendous use to parts of the government where data needs to be shared and communicated securely across networks. It is also of use in sectors like healthcare and manufacturing, where secure networks need to gather information from operational systems which may be less secure, in property management for the management of data coming from building access systems, in critical national infrastructure and also within financial services. Our 1G diode and Gateway products are designed primarily for on-premises IT solutions, while our 10G diode is suitable for supporting cloud-based services.
Oakdoor diodes sit at the heart of a wide range of Cross Domain Security (CDS) solutions and we develop software to support a wide range of use cases for our clients.
q In the wider cybersecurity industry landscape, where do hardware security solutions stack up against software solutions?
Put simply, diodes are cheaper and more secure than firewalls. They are almost impossible to hack and do not require security patches in the same way that firewalls do. While firewalls remain a critical part of overall network security, for enabling networks to speak to each other securely diodes are hard to beat.
Cyber Security has always been a race against well-funded threat actors. For example, technological innovations such as AI are used to both defend and attack organisations. “Hacking as a service” offerings are now commonplace. In contrast to complex and flexible software-based tools that give cyber adversaries abundant opportunities to exploit, hardsec controls are comparatively simplistic but hard to crack.
q Who makes up the Oakdoor team?
At its core, the Oakdoor team is made up of world-leading scientists and engineers, both product engineers and software engineers. Around this core, we have built a small but very busy management team, a service support capability, a manufacturing and production line, and a sales and marketing
capability. We are recruiting all the time and are looking to build up our engineering teams, pre-sales and support capabilities.
Everyone in Oakdoor is passionate about our product because we see every day the massive difference it is making to our customers. There are many people in this team who would be simply irreplaceable and who would be snapped up in an instant by another part of PA or another organisation, but they chose to work with us because they believe in our purpose to make the world safer by making innovative, cost-effective products.
q How is Oakdoor placed to solve the bigger cybersecurity industry problems in the middle to long term?
Oakdoor was designed to meet a real need right now, which is the need for cost-effective, governmentstandard diodes that can be deployed at scale across a wide range of settings. The use cases and environments Oakdoor is being deployed within are evolving by the week. Since the start of the year, we have delivered Oakdoor and its supporting software capabilities to organisations in the defence and security sector, in the nuclear industry and across the public sector. Our plans are to reach into the US and to broaden our footprint here in the UK, focusing on our current clients and also expanding into new sectors such as Health and Life Sciences, Critical National Infrastructure and Financial Services.
Working at Kainos: Alternative routes to tech
q What made you choose the higher level apprenticeship scheme with Kainos?
Every year, Kainos runs their CodeCamp where anyone aged 14 and up can spend 1-2 weeks with Kainos and their mentors as part of a coding competition. I took part in 2016 during my GCSE year and I would describe it as two of the best weeks of my life. I ended up winning that competition which I didn't expect, but I obviously loved it. It wasn't all about just teaching coding or engineering, I learnt a lot about Kainos as a company as well as how to develop your own skills.
When I heard about the Earn as you Learn scheme, it seemed like the perfect opportunity to break into the industry without having to wait four years doing a fulltime degree and a one-year placement. In the summer between lower and upper sixth, I did a placement at an IT firm for about six weeks and I found that working on real code with real customers at such an early age had a really profound impact on me, it felt like I was fixing real problems and helping real people.
My experience of the higher-level apprenticeship has been fantastic from
day one. It started with four weeks of dedicated training to bring everyone up to the same standard followed by two 6-month rotations on different projects to get a really good feel for different areas of the company. At the same time, you're doing your first year of university with one day a week at university
and then four days a week in the office getting used to projects, picking up new skills and really finding your feet. I found that by the second year whenever a new university module came along it felt like I'd done it before because I had already done it in the offices of one of the best software companies in the world!
q How did the pandemic affect your experience?
Being a higher-level apprentice during the pandemic affected two parts of my life. One of them was university and the other was work. Everything very quickly had to move remote but as a technology business, all the essentials for remote work were already in place. I wouldn't say it affected the academic side of things so much as all our resources were already online, so it was mainly a difference of not having the in-person teaching.
In terms of working over the pandemic, I had my first independent security project, and it really gave me the fundamental experiences that I'm currently taking forward into my career in cybersecurity. Things such as reverse engineering, figuring out how systems work and even valuable soft skills such as how to approach someone in a business you've never spoken to before.
q As a cybersecurity engineer, how much of your day is involved in coding?
I've seen this shift slightly as I've progressed from trainee to associate and in my current role as a senior associate. I'm looking more
at big-picture design stuff now trying to catch flaws before they're even written into code. Typically, the design process follows a blueprint, or a design proposal and I find that that's the best opportunity to catch flaws rather than further down the line.
I'd say about half of my day is involved in the technical side of things such as running audits, technical scans or reviewing code and the other half is involved with calls, planning proposals and even education. A developer will have a query and I'll spend half an hour explaining what I feel are the best practices are for them and their specific scenario.
q What would you consider to be the main threats organizations face today?
The first one would be the users themselves and making sure that they're well informed about what the risks are, such as not clicking on dodgy emails or installing third-party software. In my experience
of doing penetration testing, a hacker will spend hours trying to find a flaw in a technical system but most commonly if we look at the biggest cyber-attacks, it's often been the user doing something to compromise their own security. So, it's very important in terms of education to make sure that users are aware of what the risks are but also putting technical controls in place as well such as scanning email attachments to make sure they don't contain viruses.
The second one would be, if you're a public infrastructure or critical national infrastructure, you have to ask questions like "are we at risk from advanced persistent threats or APTs?”. We have to keep in mind their tactics, techniques and procedures as we've seen them hack other things in the past so we can learn lessons from that and apply them to our own infrastructure. Quite often, it’s the easy security wins that provide the biggest improvements to security posture.
q What makes cybersecurity an interesting and exciting sector to be in?
It's different every day, so you always have to come to work with your thinking hat on. Whenever you're presented with a problem and someone makes a suggestion such as “this can't be hacked” or ‘’it's very secure” you have to be the one person in the room to say "Obviously I trust you but I need to verify what you're saying". Even though people sometimes see cybersecurity as people that find magical technical exploits, hacks and vulnerabilities, what they don't see are the four weeks of hitting your head against the keyboard for one day of success.
A developer may write code and be happy that it works but as a security engineer, I'm really interested in what's going on under the hood. Whenever you have that transition from having no idea how the system works to knowing it inside out, it is a magical moment and I can't really describe it
as anything other than that. It's taking something that seems impossible and then finding a solution is what I love about it.
q A common perception around cyber is that it's a very male-dominated industry. Are you noticing women getting involved in the sector?
I help manage and mentor several colleagues from underrepresented backgrounds who have recently joined the cybersecurity capability and I really feel that it's a capability that anyone can join regardless of demographic, background or previous experience because all you really need to have is a passion to learn. As cliché as it may sound, you can't teach someone who doesn't want to learn and that's a prerequisite for cyber. I could be in the industry for 15 years, wake up tomorrow and a new bit of technology is dropped or a new paradigm has been adopted. So, it's a constant battle of staying on top of what's new and what's fresh and as a result, an attitude to learn is absolutely essential.
What I really am happy to see are initiatives like CyberFirst or Women in Cyber which are really encouraging people who think they can't to realise that they are more than capable. I think we're making steps in the right direction, but we just need to keep at it and find those people who just need a little nudge to say you can do it and let us help you get there.
Why Northern Ireland is a world-leading cyber security hub
Jeremy Fitch, Executive Director of Business Growth at Invest NI, reflects on Northern Ireland’s increasingly strong presence in the cyber security arena
As the world’s economies move further towards digital models, the issue of cyber security has taken centre stage and Northern Ireland’s sector has grown rapidly. Northern Ireland is now a globally recognised cyber security hub with innovative startups, an impressive cluster of international investors and world-leading university research centres.
Our cyber security sector employs some 2500 professionals working in over 100 companies that include both indigenous businesses and large multinationals.
This dynamism within the sector and its impressive success in recent years is due to the timely combination of research excellence, cutting-edge technology, collaboration between academia and industry, a strong skills pipeline and targeted government support.
Research coupled with commercialisation
The growth of the cyber security sector in Northern Ireland has been supported by the Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast. Set up in 2009 with a strong emphasis on the commercial exploitation
of cyber security innovations, it marked a significant moment in the growth of the sector.
CSIT brings together research specialists in secure hardware and embedded systems; post-quantum cryptography and advanced cryptography architectures; security intelligence — AI for cyber security and mobile security; networked security systems, analytics-based monitoring and forensics in new network architectures; and industrial control systems and operational technology security.
It is supported by Innovate UK, the EPSRC, UK Government in Northern Ireland and Invest NI, and certified by the UK’s National Cyber Security Centre, a part of GCHQ, as an Academic Centre of Excellence in Cyber Security Research and Education. It is a core player in the global cyber security research network.
CSIT’s research has acted as a magnet for companies that recognised the impact that it would have on the sector.
As a result, CSIT has carried out collaborations with many world-leading companies and its research priorities are driven by its Industrial Advisory Board, which includes Rolls
Royce, Seagate, BAE Systems, eBay and Thales. CSIT has been cited as a key factor in the decision by many global cyber security firms to set up in Northern Ireland.
Global players and local talent
The strength of our cyber security sector is reflected in the fact that Northern Ireland is the number one international investment location for US cyber security firms (FT fDi Markets 2023). It has attracted a raft of toptier companies, in both the product development and cyber security services fields. These include Anomali, IBM Security, Proofpoint, Rapid7, Imperva, Contrast Security, Synopsys, Nisos and Agio. In 2020, on the back of the growing level of cyber security expertise within Northern Ireland, Microsoft chose it as the location for a new Cyber Security Centre.
Northern Ireland is also home to a number of international financial services companies such as Allstate, Aflac and CME, which have located their Cyber Security Operation Centres in Belfast.
We also have a strong cluster of locally grown firms such as Metacompliance, Angoka, Salt Communications, Ampliphae, Skurio, Ansec IA, BSecur, Loughtec and Vertical Structure that are making a name for themselves worldwide.
All these firms rely on having access to a pool of talented and well-qualified staff, and that is something that Northern Ireland delivers in spades.
Top-level education and skills
Northern Ireland is considered to be a leading region for cyber security education and skills development and we punch well above our weight in cyber employment; 4% of the UK cyber professionals work in Northern Ireland but we have only 2.8% of the UK population. Our education system is recognised as among the best in Europe
and a number of vocational courses at our Further Education colleges, as well as academic courses at undergraduate, postgraduate and PhD level, have been developed by our universities in partnership with industry to ensure a pipeline of relevant skills.
The Assured Skills programme has played an important role, enabling those who already have a degree qualification to enter the cyber security workforce by undertaking the Cyber Security Assured Skills Programme. Unique to Northern Ireland, the programme is fully funded by the government and is delivered by local universities and colleges. Companies such as Synopsys, PwC, Whitehat and Microsoft are among those that have used it.
the local technology ecosystem. Invest NI also supports collaborative work such as the partnership between BT and the Ulster University at the BT Ireland Innovation Centre, which is undertaking research and development in a range of areas including in the cyber security space.
Building on success
We know that international companies that have already invested in a Northern Ireland presence tend to reinvest because of the positive experience that they have. Boston-based Rapid7 is one such example. The company set up a Software Development Centre in Belfast in 2014, creating 75 jobs. The centre now employs in the region of 430 across a range of functions and is the company’s largest research and development centre globally.
It is just one of many cyber security companies that recognise the benefits that Northern Ireland has to offer: the high quality of skills; competitive operating costs; world-class universities; high-speed telecoms links and effective government support.
Moreover, according to the UK Cyber Security Skills Report, Northern Ireland is one of the most affordable regions in the UK for securing cyber security talent.
Targeted government support Cyber security is a key sector for Invest Northern Ireland and we provide a range of financial incentives and support schemes to underpin its growth. This includes financial support to encourage employment, training and research and development.
For international companies that are new to Northern Ireland, Invest NI provides a “landing service” to help them to secure property, manage talent onboarding and to integrate quickly into
Our ambition is to continue to support the growth of the cyber security sector in Northern Ireland in the coming years, helping to achieve the target of 5000 cyber security professionals in the region by 2030 that has been set by the UK Government.
So the announcement in February that the UK Government is investing £18.9 million to boost Northern Ireland’s cyber security capability even further is welcome. The investment will see the creation of a new CyberAI Hub at CSIT, creating jobs, helping to ensure a pipeline of world-class cyber professionals and supporting the research and development of AIenabled cyber security projects.
Find out more about the cyber security sector in Northern Ireland. Visit InvestNI.com/CyberSecurity.
Established
The non-profit organization exists to champion the local software sector, which contributes £1.7 billion annually and employs 23,000 people across approximately 2,200 businesses as a world leader in innovation. The Alliance will work to support policy development to ensure that Government and other key stakeholders engage with and understand the needs of the sector in relation to labour skills, R&D and investments to ensure that Northern Ireland becomes the world-leading region for innovative software businesses, leading to a sustainable and prosperous economic future.
At a well-attended launch event at the Merchant Hotel, John Healy, Chairman of the Alliance, spoke about the wider implications for the tech sector and also welcomed the head of the civil service in NI, Jane Brady, to address a room filled with a wide cross-section of the local tech industry. Jane talked about Northern Ireland being at a point of inflection and encouraged the sector to not be content with where thing have got to, but actually push on and ultimately the software alliance can be a force to help do that. As an industry John stressed the need ‘to move away from what has been traditionally a sector dominated by foreign direct investment and call centres and get
The Software The voice of software industry Northern Ireland
in 2022 by a group of independent companies in the industry, The Software Alliance is the only representative body for software engineering companies in Northern Ireland
Software Alliance: of the industry in Ireland
to a place where we're building truly wealth-creating product businesses here in Northern Ireland. That's the opportunity that's ahead of us and it’s the ambition of the software alliance to help push and promote that’.
Sync NI sat down with the founding members of the board to talk about the need for a body to coordinate with all the technology companies in Northern Ireland, to ultimately align into a one-stop shop for interaction with government, universities and schools, and become the voice to wider society in Northern Ireland for the tech sector. We discussed the goals and priorities that the alliance wishes to focus on and ultimately the benefits that will accrue to the entire sector and society at large.
Lorna McAdoo, ESG Group Director at Version 1, spoke at length about the importance of the alliance being an important step forward and an avenue for giving everyone in the sector a voice. Lorna impressed the need to ensure that sustainability and diversity across the organization were evident from inception, "which means diverse in the companies and the organizations that we work with, diverse in the way in which we set ourselves up and in making sure that we are representing everybody in the tech sector".
The panel were all in full agreement about the importance of diversity, particularly with regard to the access of opportunities within the software sector, by strengthening the traditional pipelines and making sure that they're optimized in terms of the curriculum, the course content as well as career advice. Sam Mawhinney, Director of Emerging Business & Technology at Liberty IT, also spoke about how the alliance could also support alternative pathways including apprenticeships, especially for people who haven't traditionally thought of the software industry and might have already left the education sector.
Having been involved in a number of educational initiatives including Digital Awareness week for Northern Ireland, Mark Owens, Managing Director of Civica, spoke about how the digital skills gap ultimately starts in primary and post-primary schools. Therefore, there was a need for the alliance to help promote and educate in the education sector to ultimately solve a lot of issues downstream. While recognizing that schools are ambitious, they still need guidance and more support. There was also more work to be done for raising awareness and educating parents, so they too are better positioned to inform their children that the tech sector provides a plethora of exciting opportunities and advantages over other traditional career paths.
Continuing the sustainability theme, Andrew Gough, Managing Director of GCD Technologies, highlighted some of the immediate threats to the industry in Northern Ireland. As more companies are looking beyond Northern Ireland for opportunities for growth, indigenous companies face limitations, particularly as wage inflation is actually making it harder to compete in a global market and this is further exacerbated by the skills gap.
While there are many existing programmes that promote and champion careers in the tech sector, there is still a lack of joined-up thinking. Andrew went on to say that these programmes were not all pointing in the same direction and sometimes gave conflicting advice as to how to get involved in this sector. "The alliance can help be an arbiter of the message that educational initiatives provide to schools to help ensure that they're all pointing in a unified direction that helps the whole industry. 'A rising tide raises all boats' and it's by coming together, we can raise the tide for all the companies large and small across the industry".
The entire alliance is in full agreement
on the principle of simplifying the voice of education with government. Tom Gray, Deputy Chair of The Software Alliance and Chief Technology Officer at Kainos, spoke about the requirement of the alliance to get a representative core membership from across the entire sector and thus ensure that everyone's voice is acknowledged and recognized as being viable in any of the meetings or any of the initiatives. It was felt that over time, the alliance would become the trusted voice for the industry at large so it becomes less fragmented. Tom expanded on the need to simplify the system to be more efficient and effective in solving the most immediate problems facing the sector "Government wants to engage with industry but they ask 100 companies and they get 100 different answers. That's inefficient for them and it's also inefficient for the companies because they're asked all these questions all the time by different parts of government. I think the alliance can ultimately save a lot of time for our members and also for our government colleagues".
As former Chairperson and a founding member of The Software Alliance, William Hamilton spent almost two decades as Managing Director of Liberty IT and is a keen advocate for ensuring Northern Ireland's indigenous companies have more of a voice in the sector. He sees the alliance having an important role to play in opening up additional pathways for those who are either underemployed or financially inactive. Despite Northern Ireland approaching full classical employment, there still remains a significant number of economically inactive people for whom opportunity has not presented itself properly. For those who are employed, he argued that many of the jobs locally are not high-value jobs and the sector has the potential to increase the value of those jobs. This would thereby increase the financial strength of Northern Ireland to ultimately build a better country. William felt that the alliance would address the imbalances
of employment opportunities across the wider economy head on "It's about leveraging this fantastic opportunity. Northern Ireland was historically the UK's engineering capital, we have that track record, we have that ability and we have an opportunity to do it again".
Ultimately, the Software Alliance is a vehicle that has the potential to positively influence government policy. Working with the Department of Education, the alliance wants to promote computing science as an area of learning in its own right and become part of the curriculum for all schools. Currently, there is a disparity of equality of opportunity for young people and the current consensus is that a lot of schools will teach ICT but they don't actually teach the qualifications that the industry value and that can lead them into a job in the industry. In other areas, the alliance is already making good headway around the technologies that support the 10x economy with a renewed focus on software and AI, changing the emphasis from what was regarded as the digital, ICT, creative industries, including the cybersecurity sector. It was widely acknowledged that the key element to achieving these policy changes is having the assembly
back up and running and having the ministers in position to make those very decisions that benefit all stakeholders across the entire sector.
It was clear and obvious that an enormous amount of work has already been done over the last 12 months in advance of the launch of the Software Alliance. Looking forward, Lorna McAdoo referred to the current strategy document drawn up by the alliance and how crucial this will be in driving and developing the key objectives and priorities for the industry, not just now, but into the future as well. Once Stormont is functioning again, Lorna was confident that the alliance has the strategic vision for the longer term to tackle the inherent problems facing the sector "When we start to have more detailed conversations with the bodies, it needs to be in line with what we need right
now but also what we've got a need for over the next two to three year,s so the strategy piece that we're going to be looking at is hugely important".
Despite the lack of a functioning executive at Stormont, Tom Gray felt it was important to not stand still and wait but rather get on with addressing the issues as a collective so where any government-related activities or interventions come into play, the alliance will focus on those things that are under its own control. The key message being "If we can start to build a more nuanced and more accurate view of the sector, its opportunities, the potential for both lucrative employment and global good, I think that is going to lay the groundwork for everything else that we want to do. I think the young people, the parents and the teachers need to have
a better view of what the industry is really about as a priority".
Notwithstanding this, The Software Alliance fully understands that this is a long-term game. They're not going to fix the skills shortage overnight but have started looking at how they can encourage primary school kids and high school kids to appreciate what a career in the technology sector might look like. The alliance is building a longterm pipeline for long-term success and a long-term mission that can ultimately intersect with the industry's long-term needs. While there is an obvious need to have the ministers in place to be able to help to make the interventions on a governmental level, the alliance is not sitting back waiting for them, they’re up and going already.
Tara Simpson, CEO of Instil Software, has been a long-term advocate for changing the way schools teach ICT and believes it is actually putting kids off and effectively turning them away from the industry. He believes that in the current environment, it can appear that software is very boring. The consensus within the sector is that there is an urgent need to change this perception and open their eyes up to the opportunities and reinforce the fact the world of software is not just about developing software. The software industry is multi-tiered and open to kids from a variety of different backgrounds, skill sets and
disciplines. The industry needs diverse thinking and new approaches requiring a vast range of skills. In support of this, Lorna McAdoo also emphasized the need to make the industry more exciting and appealing to the younger generations. "These are kids that are going home at night wanting to get out their iPads and all sorts of technology and play with it, so they've already got the passion for it; they've already got the drive but yet in the schools we're making it such a boring subject that actually they can't see the relation between the two. As an alliance, we can help change that".
At the end of the day, the Software Alliance is about speaking as a single voice to influence the very people in our local institutions and organisations that can effect real and meaningful change. The alliance will help these organizations, educate them about the technology sector and help them ask the right questions which will ultimately help them get the answers that are reflective of the software industry as a whole. It’s not just a voice, it’s a network of individuals and companies across the sector, regardless of size, coming together to contribute as a collective. The Software Alliance can ultimately be a game changer for the Northern Ireland software sector and has the potential to impact positively on the economy and society as a whole, leaving a lasting legacy for future generations.
CME Group’s Conall Bennett shares the latest developments in serverless technology
q Serverless Days, an annual software community conference focused on the movement of the industry towards serverless and modern cloud technology returned to Northern Ireland in February this year. How important are events like these to the local NI tech sector?
These events are vital for the local tech sector and represent a great opportunity to showcase the strength and depth of technical talent available locally, as well as providing a platform to highlight how and why the software engineering industry is thriving in Northern Ireland. These events are an ideal opportunity for the sector to come together and share
the latest developments in Cloud and Serverless technology and demonstrate how these are driving change and innovation for the companies we work for.
q For those unfamiliar with cloud computing, what are the key differences between serverless and cloud?
You don’t strictly have to be in the cloud in order to explore serverless technologies, but for the most part serverless is becoming synonymous with cloud platforms and cloud services. Most cloud vendors are investing heavily in making it easier for businesses and technology professionals to access, use, build and operate serverless tech, because it’s a very
As Technical Specialist in Test at Chicago Merchantile Exchange (CME Group), Conall has over 20 years of experience testing software in Northern Ireland
attractive way to run your IT and build products.
The shift to serverless is usually driven by two objectives, the most important one I believe is product time to market. Serverless is about being able to dramatically speed up the time between coming up with an idea for improving or creating your business and getting the software needed into production in front of customers, with as little digital friction as possible. Serverless technologies help by enabling engineers to really focus on building solutions faster and more robustly.
The second goal is reducing the time and cost any organisation has to spend procuring, connecting, securing, housing, powering, maintaining and patching, replacing and recycling the server hardware and infrastructure needed to build and deploy the software that powers their business.
q Can you give us a few examples of the types of serverless services offered by cloud providers?
Probably the most wellknown and popular is ‘function as a service’ (FaaS), like AWS Lambda, which is used to power all sorts of products people use today. Google Nest and Amazon Alexa are examples of products which are powered by serverless technology like FaaS. Each cloud vendor has their own equivalent of this, for example GCP functions.
FAAS solutions like these are known as “ephemeral” services, meaning your serverless software isn’t always up and running on some server. An ephemeral service will only run for as long as it is being used or invoked by someone or something, and then it shuts itself down when there is no usage.
The advantage is that rather than paying to rent a server from the provider, when using a lambda or FAAS you pay per invocation of your software, that is to say how many times a customer or consumer or user tries to use your software. You are not charged for anything if your software isn’t used, whereas if you rent a server you have to pay for that regardless of the level of usage, and you have to maintain and patch that server which is an additional cost.
A serverless service also has the ability to auto-scale based on usage, if you have a sudden surge in traffic or usage the serverless technology automatically
detects and creates more instances of your software in order to handle the surge. If you don’t use a serverless technology, you need to figure out how to do that auto-scaling yourself, which usually means a lot more work for the engineering teams. This kind of FaaS model is what is powering more and more cloud provider services, like Google BigQuery and Dataflow or AWS’s Athena and Lake formation services, which we currently use and have used a lot internally at CME Group.
q This year’s theme was ‘The fantasy and reality of Serverless - Building Serverless teams and making it real’ As a main speaker at the event can you give our readers a brief overview of what you covered?
We covered how the teams we work with in our organisation are adopting serverless technology on the Google platform to help drive solutions for our business, as well as some of the organisational change we’re going through
to make that journey successful. We touched on themes like “what does low latency in the cloud mean” as well as our thoughts on infrastructure as code and how to think about adapting engineering and product teams to the change. There were quite a few Game of Thrones references and memes as well.
q In such a fast-paced industry, what do you think will be the main trends for serverless technology in the coming years?
It’s always hard to predict where technology will go next. Reducing complexity, lowering cost and barriers to usage are always safe bets. For serverless, I’d guess being able to help businesses retire or replatform legacy monolithic software and expanding the use of serverless technology to more tailored use cases for specific business domains and providing more features which enables environmentally sustainable or “green” development.
q What are the ideal qualifications and experience required to forge a successful career in the serverless sector? Many of the same core skills that make good engineers such as curiosity, a drive to innovate and experiment to build robust solutions. One key thing which stands out more in Serverless is the need to better understand the business you want to use the technology for and to understand customers or stakeholders better.
Version 1 celebrates 1 year of Global Women in Technology
Since the beginning of their diversity, Inclusion and Belonging work many years ago, one of Version 1’s key focuses has been to increase the number of women entering the tech space and thriving within the organisation
There is a growing emphasis on hiring a diverse workforce in the tech industry, as companies increasingly recognise the benefits of having a diverse team resulting in increased creativity, innovation, and productivity.
Version 1 has been a long-term pioneer for this cause and has several initiatives and programs aimed at promoting gender diversity and empowering women in technology. This is driven largely by their Women In Technology (WIT) network which operates on a global and regional scale to provide a platform for women to connect, share experiences, support each other,
and instigate change across the organisation and into the wider community.
Beyond what happens internally, Version 1 knows that the impact should not just stay within their company walls. They also put a large focus on community work and over the years have supported events and partnership such as Teenturn, Sister In Girls Who Code, School Reach Out, Women’s ReBoot, sponsoring the Women in Tech Initiative at the Women in Tech Awards and STEM Ambassador Programme to Women in IT.
In recognition of these initiatives, Version 1 was named as
Best Workplace™ for Women 2022
By Great Place to Work® for Ireland, UK and India (and have already gained the recognition for Ireland again in 2023). In addition, in 2023, they have notched up 2 additional recognitions, being named a Best Workplace™ UK for Wellbeing by Great Place to Work® , a Best Place to Work™ UK By Glassdoor, and the Number 1 Best Large Company at Great Place to Work Ireland. These recognitions are great, but it’s the work that goes on behind closed doors that allows this success. They are a Bronze level Diversity Mark NI Awardee, and an Investors in Diversity Silver Level Awardee in Ireland. Both of these partnerships help their accountability and strategic direction into the future.
Having initially launched WIT in Northern Ireland, the WIT team was then rolled out globally and this year the Global WIT team celebrated its first anniversary in Ireland, Spain, UK and India.
Some of the internal initiatives they have been driving are: Menopause support, Fertility session , Fireside chats, Work experience for girls, Health and financial wellbeing.
Version 1’s Women in tech Lead HoneyBell Oke commented: “The launch of our global Women in Tech Network has been a resounding success. We now have leads for each of the regions we are present in to ensure that we are giving the right support to our women, personalising it to their wants and needs. We want to ensure that all our women have access to support, not just in their careers but on a personal level, and this network continues to do both. We have an incredible bunch of women across our organisation, and when we all get together it’s nothing short of inspiring.”
Sync NI spoke with a few of the WIT global leads continuing the work that originally started in the UK and has been successfully deployed globally
across the entire business.
Dana Law has been a Business Applications Consultant with the company for over 5 years now and is currently the Women in tech lead in Dublin and was originally inspired to join Version 1 because of this very culture. Dana is passionate about supporting not just women already working in tech, but also women who aspire to enter the industry. She was keen to emphasise that the tech industry is made up of a multitude of disciplines and transferable skills –testing, project management, business analysis, business support, data analytics, cybersecurity, cloud; the list could go on for days! She was drawn to the WIT as it was led by a group of women in Version 1 ‘who genuinely want to drive an inclusive and equitable environment – and having this network and support around really makes it a joyful group to be part of’.
It is indeed Version 1’s company values that also attracted WIT Cork lead Marion Cummins, a Senior Bid and Proposals Manager with over 6 years experience. Marion was drawn to lead the initiative in Cork like her global counterparts to benefit from ‘a friendly group of inspirational women who help, empower and encourage each other to be the best they can be.’
Aside from regular coffee mornings and monthly social meet ups, they have organised a number of events, including Drink and Draw, Fireside Chats regarding Resilience, Mindfulness talks, and a week’s STEM module with Teen Turn Ireland, an organisation that works with girls from underserved areas to gain STEM experience.
When asked about how these events have made a difference within the wider industry Marion says: “The key takeaways when running these events has been a common theme regardless of geography and the message is
uniform: it’s our differences that make us unique.” Dana stated: ”Inclusivity and change can only come with intentionality and an action plan – and I’ve seen Version 1 put in the work and make a sincere effort in increasing the sense of belonging in its culture”.
Looking beyond the shores of the UK and Ireland, we also managed to get an idea of how the WIT initiative was working further afield and caught up with the Malaga Spain WIT lead Viktoria Brandstadter, who for the last 3 years has worked as a software developer test. Also attracted to Version 1’s core values, Viktoria recognised how much the group has helped support her colleagues in Spain. After each of the sessions, Viktoria felt her teams always felt much more motivated and it was a great opportunity for everyone to share their experiences in an informal and relaxed environment, providing practical and emotional support to develop their careers within the business. For those thinking about or considering a career in tech, Viktoria pointed out that ‘Lots of endurance is needed, but the job is extremely rewarding. Everyone works as a team, so if you stick to your guns and don’t give up, you will reach your goal, you can make it in the end, even if at the beginning it seemed like finding a needle in a haystack’.
Version 1 has a great variety of people and cultures, which makes the organisation what it is, and encourages people to be themselves and “bring their difference’.
Version 1 is continuing their growth within our Tech Sector, with numerous open roles that are both tech and nontech focused.
To get to know more about the Women in tech at Version 1, visit: www. version1.com/careers/women-atversion-1/
Or to see what roles are available, visit: www.version1.com/careers/
q With nearly 2 decades working in data analytics what do you consider to be the most important technological development in the field during this period?
It’s extremely difficult to pick just one technological development above all others. Throughout my career, I have seen so much change right across the spectrum of technology and data. I have narrowed it down to 2 innovations that I feel have transformed not only our profession, but the world we live in.
AI – AI has actually been around for a long time with some of its founding principles being discussed by early philosophers in an attempt to symbolically describe the human thought process. Modern AI really began to gather pace in the mid 1950’s and by 1997, IBM's Deep Blue became the first computer to beat a chess champion when it defeated Russian grandmaster Garry Kasparov. The pace at which AI has evolved has been staggering with GPT-3/GPT-4, the latest in technology known as "large language model tools", really capturing the world’s imagination.
Chat GTP and its competitors represent a real step in human augmentation providing access to vast amounts of information curated through an intelligent interface. Chat GTP can perform tasks like writing papers to creating poems and can even help a savvy student do their homework. Teachers are not happy!
To most, the only perceived limitation of these tools is a human’s capacity to process and utilise the outputs. Human
Can data the answer everything?
Gareth Kelly, Data and Analytics partner at EY, speaks about the advancements in the field and how diversity is the key to tech evolving
data be answer to everything?
bandwidth, upload and processing rates can’t keep pace! However, these tools do not speak with sentience and do not "think" the way people do. They consume vast amounts of knowledge at pace and process and respond to commands accordingly. I believe we are safe from computer selfawareness and a Skynet takeover…for now.
Cloud - Cloud has transformed how we use software, store data and access computer processing power. It has made advancements in AI possible through almost infinite scalability. It has helped businesses to increase their agility, reduce costs and improve their security and reliability, making it an attractive option for small start-ups right up to the largest companies in the world.
Cloud computing offers numerous benefits, including:
• Scalability: It allows businesses to scale their computing resources up or down as needed, without having to invest in additional hardware or software.
• Cost Savings: Companies can avoid the high costs associated with purchasing and maintaining their own hardware and software. This can result in significant cost savings for businesses of all sizes.
• Accessibility: It allows users to access their applications and data from
anywhere in the world, as long as they have an internet connection.
• Disaster Recovery: Cloud computing providers typically have multiple data centres, which means that data can be easily backed up and restored in the event of a disaster.
• Flexibility: Cloud computing offers a range of deployment models, from public clouds to private clouds and hybrid clouds, allowing businesses to choose the model that best meets their needs.
• Security: Cloud computing providers typically invest heavily in security measures to protect their customers' data. This means that businesses can benefit from advanced security features without having to invest in them themselves.
q As more and more data is consolidated in the cloud, has the security risk increased proportionately?
As more data is consolidated in the cloud, the security risks associated with cloud computing have certainly increased. However, this does not necessarily mean that the risk has increased proportionately.
Firstly, data regulations, GDPR and freedom of information requests have helped control and govern how data is stored, redacted and shared. This means what reaches the cloud is often well thought through and monitored to adequately manage the risk
and the impact of potential data losses. Internal audit procedures have really advanced in this space to help protect our clients and their customers through enhanced processes, data governance and management. We work closely with clients to monitor their first and second lines of defence to support their cyber resilience.
Secondly, Cloud providers have invested heavily in security measures to protect their customers' data and as the adoption of cloud computing has grown, so too has the focus on cloud security. Today, the success of a cloud provider can rest entirely on their ability to secure your data against cyber threats with an expected service level of almost total infallibility.
Cloud providers use a range of security measures including encryption, firewalls and intrusion detection and prevention systems to protect data stored in the cloud. However, the security of cloud computing also depends on how cloud services are configured, used and managed by the customer. Poorly configured cloud services, weak passwords and inadequate access controls can all increase the risk of a security breach. We work with clients to build and secure market-leading platforms to underpin their analytics capability.
Cybercriminals continue to develop more sophisticated attack methods and the security risks associated with cloud computing are ever-evolving. Cloudbased ransomware attacks and supply chain attacks that target cloud service providers are becoming more common. We have experienced such attacks right here in NI and ROI in government and public services! We support our clients through incident response and the processes of recovering and rebuilding their critical cloud services.
Overall, while the security risks associated with cloud computing have certainly increased, they can
be effectively managed through a combination of robust security measures and good security practices by both cloud providers and customers. It is important for businesses to understand the security risks associated with cloud computing and take steps to mitigate those risks.
q What part does AI play in modern data analytics?
Our team at EY is problem led, with a clear focus on value and providing a return on investment for our clients. I spend a lot of time to first understand a client’s problem before we consider the right technology or data-driven approach. AI is a great accelerator for solving problems and in modern data and analytics, it has a role to play in almost every client issue.
I am a real believer in practical AI and at EY we have been able to embed AI in almost everything we do from transforming the traditional across audit, tax and accounting to pushing the realms of what’s possible in helping companies to make money, save money and manage risk. AI has reduced the cost of prediction, enabled better decision making and, with human input, helped our clients transform the way they work. I still believe we need to put human minds in the machine to train the models, refine their application and deliver even more AI-driven value!
Some amazing use cases we have delivered in UK and Ireland include:
• Transport – route planning, load management and optimisation for a public transport provider
• Utilities – helping utilities keep their network running through monitoring asset health to deliver more efficient maintenance, workforce planning and capex and opex expenditure.
• Banking – Risk modelling and automated customer eligibility for financial products
• Customer – revenue optimisation through improved customer experience, customer acquisition and portfolio optimisation
q Can data ultimately solve every problem and if not, what are the limiting factors?
I would love to say data can solve every problem but unfortunately, I would be telling you all a lie. However, I would say data has a role to play in the majority of conundrums. We create data every single day via the devices we carry, use and interact with. This provides us with an immense amount of information to consume, to hypothesise with and to create an evidenced-based approach to solving most problems.
Google, Meta and Amazon have solved a lot of our day-to-day problems with data. They harness it, use it to understand our needs and preferences, and deliver tailored products and services to us via our phones, tablets and computers. But they also have a huge power to influence, govern and manipulate our behaviour from the information they gather. This can create as many problems as it solves.
I always like to believe in its purest form, “data doesn’t lie”, but human interaction with data, how it is manipulated, presented and ultimately consumed means we can’t always trust the narrative. This is where the power of human judgement comes
in. The best solutions are data-driven but human-led. The power of teaming, collective perspective and conversation still plays a huge role in solving our client’s biggest problems. To solve a problem, you need people to buy into the solution, engage with it and adopt it. The power of persuasion, marketing and understanding human nature still requires a little bit of magic that can only be manifested from good oldfashioned human intelligence. Our client relationships, our people and our collective capability are still our biggest assets. When we combine the mind with the machine we are unstoppable.
Put your phone down, talk to a friend or family member and go for a walk.
Create less data but more experiences!
q When managing a team of 200+ analytics professionals what advantages does a diverse workforce provide?
We have really grown at pace from 60 people in 2017 to 230+ people now. We are an Island of Ireland practice operating across Belfast, Dublin, Cork and Limerick. We have always had a start-up mentality in that we strive for innovation, rapid growth and disrupting the status quo. This has positioned us as the number 1 analytics practice in the market.
The key to this success is our people. In our practice, we really believe that you are only as good as the people that stand beside you. Our people are our most important asset. Having a diverse workforce leads to diversity of thought, better culture, increased collaboration and a happier and healthier team. We have made huge strides in hiring a diverse workforce from across the world, investing in talent from across Europe, Asia and Africa. At EY we believe it’s important to feel a sense of belonging, to be your best self and be comfortable in your own being. Be yourself, everyone else is taken!
We are proud of the work we are doing to address the gender imbalance in our industry, support our LGBT+ colleagues and create an environment suitable for different physical and neuro-diverse abilities. We simply celebrate our differences and bring together people from all backgrounds to solve really difficult problems with data.
Diversity and inclusiveness (D&I) are core to who we are and how we work. To help EY clients tackle their toughest challenges we need the best ideas from the broadest group of people, who in turn, should feel that they belong, that their unique contributions are valued and their voices are heard.
Citi’s recognition for LGBTQ+ inclusion leads the way for other businesses
Following Citi’s recent recognition for LGBTQ+ Inclusion in the Workplace by Stonewall, and Citi’s Odhrán Devlin being named ‘Changemaker of the Year’, Odhrán highlighted the importance for local employers to address LGBTQ+ equity and inclusion in the workplace and the best approach for creating genuine culture change when it comes to LGBTQ+ visibility in the workplace and beyond.
Globally, Citi’s employees reflect the remarkable range of cultures and perspectives of their clients across the more than 160 countries and jurisdictions where they do business – a powerful advantage that combines global insights with deep local knowledge. The company actively seek out diverse perspectives at all levels of the organisation.
Speaking about the Stonewall Changemaker of the Year Award, Odhrán Devlin said, “I am honoured to have been awarded one of Stonewall's Changemaker of the Year awards and I am proud to contribute to the outstanding work that Citi’s Pride network continues to do, internally and externally across Northern Ireland. It has been great to be able to partner with local LGBTQ+ sector organisations that provide invaluable support to LGBTQ+ people across Northern Ireland.
At Citi, we have taken steps to ensure that marginalised and underrepresented groups feel welcome and respected. Individuals at every level of the organisation have been provided with the opportunity to educate themselves and engage on LGBTQ+ issues and understand how they may impact people’s workplace experience.”
Talking about his role within the Citi Belfast Pride Inclusion Network, of which there are over 550 local members, and their work within the local LGBTQ+ community, Odhrán commented: “Citi has a focus on continuing to evolve in how DEI issues in the workplace are tackled. We understand
the importance and value of engaging with local partners to support people to realise their full potential and provide an open, inclusive accessible workplace for all.”
He continued: “The Pride Network has had the opportunity to partner with and build relationships with key local LGBTQ+ sector organisations across Northern Ireland for many years. These include The Rainbow Project, Cara-Friend, and HERe NI. All of which have helped the locally lead network and its members gain a better understanding and insight into the potential issues local community in NI can face. We have also had the opportunity to support local campaigns to drive and deliver change. We are proud to collaborate with leaders who provide invaluable services and expertise to people across Northern Ireland.”
Citi Belfast currently partners with Cara-Friend, Northern Ireland’s longest established LGBTQ+ organisation, as the lead sponsor of the LGBTQI+ Inclusive Schools’ Charter. This includes the delivery of ‘All Out’ anti-bullying workshops to students and school staff across Northern Ireland. These workshops provide an introduction on LGBTQ+ awareness as well as the themes of respect and tolerance which are relevant and applicable to everyone. In 2022, workshops were delivered to more than 4600 students and 800 school staff, with feedback being overwhelmingly positive.
As an organisation, Citi has a clear position on LGBTQ+ inclusion. As an international bank, they have led on transinclusivity within the organisation through inclusive workplace policies as well as being the first major bank to offer the Trans and Non-Binary community the option to use their preferred name on their bank card. Across many countries, they have been consistent on our position on marriage equality. Further to their participation in the local business 4 Love Equality Campaign ahead of the introduction of same-sex marriage in Northern Ireland, Citi was recently a signatory of the Human Rights Campaign’s Letter to the Senate in Support of the
Citi Belfast’s Changemaker of the Year Odhrán Devlin says: “At Citi we have taken steps to ensure that marginalised and underrepresented groups feel welcome and respected”
Respect for Marriage Act, ensuring that same-sex and interracial marriages have federal protection in US law.
LGBTQ+ people continue to face issues in their everyday lives, and whilst considerable progress has been made in terms of visibility of LGBTQ+ people there are still many challenges facing the LGBTQ+ community.
But it is not all unwelcome news! Recently, and for the first time in Northern Ireland, our census captured information and data on sexual orientation. The latest results indicate that 2.1% of the population identify as Lesbian, Gay, Bisexual, or Other. This represents approximately 31,600 people. 16-24 year olds represented the highest percentage of this demographic (4.6%), which may
indicate that as LGBTQ+ visibility and acceptance increases, young people are increasingly comfortable in coming out.
Highlighting room for continued improvement, PSNI records indicate that homophobic motivated incidents are at their highest level since records began in 2004 and transphobic motivated incidents have ramped up significantly in recent years to their highest level. The census did not include a specific question on gender identity, therefore, figures relating to the Trans and Non-Binary communities are not available.
At a time when these groups face increasing challenges in accessing support and services, mental health charity Mind reports that LGBTQ+ people are more likely to have issues
associated with low self-esteem, depression, anxiety, and other mental health problems. In Northern Ireland we are still waiting on a long-awaited Sexual Orientation Strategy which will contribute to breaking barriers facing LGBTQ+ people and ensuring compliance with international best practice around healthcare, education, safety, rights, and representation, amongst other things.
It is noteworthy that when asked to describe their sexual orientation 8% of respondents opted for ‘Prefer Not to Say’ or did not answer. This indicates that there is still a sizeable portion of the population who do not feel comfortable in disclosing their sexual orientation, highlighting the importance that organisations make a conscious effort to identify and remove barriers to create a safe and inclusive workplace environment for all.”
Citi’s goal is to ensure that every LGBTQ+ colleague feels free to be their whole, authentic self in the workplace. To make this happen, they continue to educate, support, and develop tools and resources to drive LGBTQ+ workplace learning and equity.
In 2022 Citi made incredible strides in their Talent and Diversity, Equity, and Inclusion (DEI) commitments globally, the momentum will continue throughout 2023, with a specific target added of a global LGBTQ+ entry-level recruiting goal.
Citi understands that stronger and more diverse teams across the organisation means they will better serve their colleagues, clients, and customers. Citi has also received top scores on many industry-wide indices for diversity best practices, whilst maintaining their competitive differentiation as the leading global bank.
For more information on inclusive roles at Citi Belfast check out: https://jobs.citi.com/.
Changing the ideas and misconceptions around IT in schools
Lisa
McCaul from Bring IT On and Catriona Houston,
Head
of
IT
at
St. Patrick’s College, Dungannon, speak about the importance of schools being equipped with the tools they need to get students interested in IT
q How exactly does Bring IT On engage with schools?
Lisa McCaul: Bring IT On was formed to address the skills shortage and employability issues within the IT sector in Northern Ireland. We showcase the opportunities and benefits of careers in IT through events, speaking at schools, attending job fairs, and working with employers, careers advisers, IT teachers, parents, and carers to promote the opportunities available in IT throughout NI. Each academic year we deliver approximately 200 workshops to primary and post primary schools across Northern Ireland.
These sessions cover important topics such as the top 10 key skills sought after by IT employers as well as the key ingredients to a successful career in IT. We talk about the salaries, the lifestyles, the various roles that are available and insights into local companies recruiting for tech roles. It’s all about giving children more options outside what they might consider as traditional jobs and help them discover and to not
miss out on opportunities in industries and sectors they might not have thought about in the past.
A lot of children struggle with options in their GCSE year, many don’t want to study law or accountancy, become bricklayers or mechanics or whatever and there's this void in between that’s not being filled properly. Bring IT On is about building awareness of this abundance of opportunities in the tech sector in Northern Ireland and addressing that void.
q How difficult, particularly with such a busy curriculum, is it to find the time to present initiatives such as Bring IT On?
Catriona Houston: Timing is obviously important. This week for example we have formal assessments so you need to avoid those times of the year where there's exams as we obviously need to achieve grades however we see the importance of what Bring IT On delivers.
I’m very fortunate that the principal and the senior leadership team fully support it. I think you need a culture at a school where we understand the benefits of giving our pupils these opportunities and knowing how it’s going to impact them in the long term. It’s particularly evident when we write UCAS references for pupils who don't have those opportunities like work experience compared to those who do. You could write all day for those that do but for those who haven't seen and experienced it then it’s actually really difficult.
q Is Bring It On directed to pupils already doing ICT courses or to pupils who have yet to make that choice?
LM: We’re targeting all potential new entrants into the tech sector; we want to keep the momentum flowing with those who have already selected IT but also inspire those who have yet to make a choice. We’d love to spark a culture change and encourage young people to understand the skills they learn in English, Maths and geography in some shape or form can all transfer into an IT role and successful career.
CH: I always tell the story of my hairdresser who told me she has to get her level two in IT so she can pass her hairdressing course as without it she can't get her qualification. Today people who go down different pathways whether it is hair, beauty or engineering, all of them still need a level two in IT and we can offer that to them here. We always try to promote to our kids is that no matter what you do you will need IT.
q Why are some pupils less enthusiastic about taking IT courses despite the fact that they are so beneficial?
CH: I think a lot of young people think it's just about sitting programming all day and that programming is one of the most difficult things in the world but in reality you don't have to
be someone who sits at a computer coding all day, that is not what it is all about. Certain pupils will be brilliant systems analysts and others could be fantastic project managers and Yes, we need programmers, but look at the all the people that work alongside that one programmer and all the different roles they could be doing as well.
In spite of all this there is currently a high demand, especially at A level, for digital technology and we've introduced software systems and it is a lot of work for pupils to get their head around however as teachers our role is to try and make it exciting and show them how this technology reflects in the real world.
LM: There needs to be that culture change when teaching IT, where the teacher will say ‘this is what we're doing today, and these are the types of jobs that this skill would apply to.’ It’s that relatable aspect as part of the teaching the subject that makes such a huge difference. We’ve found there’s a perception of IT courses being too difficult or boring, but the reality is that the content and the IT sector is actually what’s powering every social media app and piece of technology in the world. The tech sector is rapidly growing, it’s fast-paced, it’s inspiring and there’s absolutely no time to be bored.
q We often hear that women are underrepresented in Tech. What percentage of girls are in your IT class?
CH: So in my year 12 class at the minute I have a 50/50 split for digital technology. In Year 13. one of the classes I currently have three girls and nine boys and in my software class, I've seven boys, but this year so far with the options it’s nearly 50/50 and it's about a 60/40 split in the BTech and obviously that is really positive to see.
q Do you believe teachers get enough support to encourage
children to adopt technology and could we do more to encourage greater take up those subjects?
CH: In my opinion, IT needs to be compulsory up until at least GCSE based on things that I've spoken about before. There isn’t a job that you enter today that is not going to have some element of IT. It's as core as English, Maths and Science and besides what's the harm in showing them the skills if they're never used again, at least they had them.
Obviously there are some constraints with regards skills shortages and I think that's where industry has to step in. We're lucky that we have links to good industry partners who do come in and lead the workshops and show the different roles that are out there. To be honest there's no point in me standing up showing a slide as there's nothing like the hands on work.
Equally it’s important to get past pupils who've been through ICT come back and demonstrate their life successes. For example, there is a competition called first tech robotics and we've entered it the last couple of years but we've probably been most successful last year in a group of three boys. As a result, one has got a job as an apprenticeship in robotic engineering, another is doing business management in local engineering firm and the other is doing computer science. All three of them said they wouldn't have even been invited to an interview if they didn't do that robotics competition.
LM: I think ambassadors play an enormously important role in helping our children appreciate and learn more about the fantastic opportunities available in the IT and Technology sector in Northern Ireland.
We would appeal to those who would like to give something back and inspire our children to please reach out to us and sign up as an ambassador. www.bringitonni.co.uk
Healthcare and data sensitivity: It affects us all
ESO sets out to protect healthcare data as cyber threats are on the rise
ESO, established in Texas, set up its European headquarters in Belfast in 2019. The company develops software products for EMS agencies, fire departments and hospitals that are transforming the way first responders collect, share, report, and analyse critical information to improve community health and safety.
The Belfast office is on track to creating 120 jobs supporting the parent company, as a market leader in delivering innovative software and data insights for first responders and frontline workers. The team at Sync NI sat down with Finian Mackin, Director of Security Architecture & Engineering to talk about Cyber Security threats and career opportunities within the sector.
q As Director of Security Architecture & Engineering in the healthcare and emergency response industry, how would you describe your role?
I run a team responsible for providing the security guidance and guidelines for our engineers to develop and deliver our platform. That means developing the standards and approaches for our engineers to build out our software as a service and to do that in a way that means that we can get some assurance around the security of both our customers, our data and our intellectual property.
As a SaaS company, we have a lot of environments that live in various clouds so ultimately we provide the standards for the engineering teams to build out in those clouds.
q What sort of security threats would you typically encounter in your organisation?
Healthcare is all about sensitive data. We are subject to HIPAA, which is a health regulation in the US and that provides guidance around how we need to protect health information related to our customers and our customers' customers’ Effectively our biggest threat is data theft because there's a lot of value in people's personal information.
In these modern times, we face all kinds of threats. Typically, these can be everything from what we would call script killings, which is kids at home just attempting to break stuff for the sake of it, right through to actual nation-state attacks. Across the sector, we are seeing more and more a large proliferation of attacks originating from further east globally and that's an attempt to cause an impact on key critical infrastructure systems.
Anything that can adversely affect health care provision is obviously a personal risk to us as well. We can have inside threats so something that we need to be aware of is how our own employees access data, therefore it is important to protect the data both externally and internally.
q What are the motivations for those ‘bad players’ who target organisations in the healthcare and emergency response sector?
It can be anything such as kudos for taking systems down but generally speaking, it's financially motivated. We see a lot of ransomware attacks, where systems are attacked and people or organizations are blackmailed into spending money in order to decrypt sensitive data that they need to run the business. So in general, it's financial motivation but it can also be an effort to destabilize our industry and core services.
q As Cyber threats increase, what more can be done to address the skills shortages in the industry?
The university courses available in Northern Ireland are definitely helping to reduce that skills shortage and are providing courses now that are more aligned with what the industry needs. It's been quite a recent development that universities are taking feedback from industry as to what exactly it is that the industry needs in people, in order to provide security services. It also means making sure that we're training people in all areas of security, so that's everything from technical security, social engineering and everything in between.
I think as well that incentivizing students who get involved in security is quite important, such as large organizations offering good placements to students as
part of their training.
q Northern Ireland has become a leading global hub for Cyber Security companies. Why do some many US companies choose to invest here?
I do think our universities are a big part of it. There are large engineering departments in both Queens and University of Ulster, and the courses and the qualifications that are delivered are pretty well renowned. The Master's in cybersecurity at Queen's Belfast has kind of been put on a global security stage and there's been a lot of investment here in both universities.
Also, I think large American organizations see other tech organizations here already, so they can see the talent pool that we have as well as the generations of very experienced engineers and security professionals. So by virtue of the fact that there are already a lot of companies here and other companies are kind of flocking into the town.
q What opportunities exist for people wishing to forge careers in the Cyber security sector?
I think there are massive opportunities in Northern Ireland right now. With the amount of large tech, financial services and global SaaS organizations that are based out of here, there are lots of job offerings and the salaries are on par with London at this stage. That means that geographic location is no longer a factor for people.
There are so many opportunities here at this stage that people can pick and choose the roles that they're interested in and it gives people the opportunity to specialize as well, which makes them more employable.
explore the biggest concerns emerging in the sector as the world becomes more tech-led
Combining decades of sectoral expertise with teams of worldclass cyber security consultants, leading global technology company Fujitsu has a proven track record of helping customers safeguard their assets, data and information.
As we are all aware, times of adversity often brings with it opportunities for cyber-attacks. To ensure their customers stay ahead of the curve, Fujitsu adopts an ‘intelligence-led’ approach to cyber security that sees it combine human and technical intelligence with advanced analytics tools and best-of-breed cyber security technologies to monitor, predict, detect and analyse threats.
To find out more about the latest trends in cyber-security and what it’s like to work in Fujitsu’s leading cyber security team, we caught up with Devan McMordie, a Cyber Security Presales Consultant at Fujitsu.
Tackling threats through technology
Originally from Northern Ireland and now living in Manchester, Devan joined Fujitsu in June 2022 as part of its graduate scheme. In her role, Devan liaises with organisations and businesses to understand their needs, supporting on bid responses by lending her sales and technical insights. Fujitsu’s ‘Work your Way’ flexible workplace initiative means Devan works closely with the Manchester and Warrington offices, both face-to-face and remotely.
“Fujitsu has helped me thrive in my career, the managers have your best interests front of mind and they are keen to help in whatever way they can,” says Devan when talking about
Breaking the in cyber security
her role at Fujitsu. “If you come to your team lead with an idea, they listen and help you put it into action. There is no micromanaging, the managers trust us. I enjoy the autonomy, knowing I have support there if I need it”.
Devan says that equipping customers
with knowledge goes a long way to ease any worries they might have about the cyber threat landscape. She said, “I think it’s very important to break down any walls of mistrust and misconception. Everyone deserves to know how their data is dealt with, processed and protected, both personally and professionally! Cybercrime can be seen as a technology issue but through innovation, we can use technology to not only tackle threats but to stay ahead of them daily. In my role, I get to see how these are developed and put into action for customers.”
Security isn’t binary
In terms of some of the biggest issues facing companies, Devan said fraud is a key concern. “We see more and more organisations right across the world
FujitsuDevan McMordie
the mould security
come to us to help protect them from fraud. During the pandemic and even more so post-pandemic, there was a massive consumer shift to e-commerce as a reaction to the lockdowns. The rapid shift to e-commerce meant some apps and websites were developed quickly to meet demand. When the development of technology is rushed, it can lack proper security. With the lack of proper cyber security, comes fraud, they go hand-inhand.”
“I recently presented at a ‘Hackathon’ event hosted by Lancaster University where I went into a bit of
detail about the shift to e-commerce and how best to protect against fraud and other cyber security threats. As a business, we know that security isn’t binary. Our solutions, in order to work at full capacity, have to be bespoke. Fujitsu spends a lot of time finding the best solutions. We partner with other companies and learn from each other; we learn from our findings and we prioritise developing new innovative ideas to deal with cyber security threats.”
Break the mould!
Devan’s talent for collaboration is a skill that came to the fore during
her student days, having studied for a master’s in computer science at Newcastle University. “I already had a passion for technology and going into my undergraduate degree I was excited to learn a variety of new skills and work with others to develop my knowledge”, she explained. “I was heavily involved in the School of Computing at Newcastle University which was another opportunity to partner with others to learn and grow. I found out that back-end programming wasn’t for me but that I loved frontend computing. The idea of talking to customers and incorporating theory to find the best solution for them was something that I really enjoyed and I’m glad it’s become part of my day-today life at Fujitsu.”
“While I have always been interested in IT, I definitely suffered from imposter syndrome at university and felt as though I didn’t fit in. I didn’t let this stop me however and I was keen to help break stereotypes within the tech industry and tackle gaps”. Devan credits the women’s network at Fujitsu for fostering an open and diverse environment, encouraging team members to be themselves. “The network helped me a lot, there are so many strong and successful women who are not scared of being seen as ‘too feminine’, they just smash their job and are authentically themselves. I had a chance to attend an internal workshop to talk to
people in leadership roles from across Fujitsu. One of these leaders was Carla Hall, Head of UK Delivery. Carla had so much time for each person and gave amazing advice. I just remember thinking this is the nicest workplace, I would say Carla is a role model for me.”
Future focused
When asked about her plans for the future, Devan says she’s focused on flexibility. “I try not to dwell on ‘fiveyear plans’ although saying that, in five years I will have finished the two year Grad scheme with Fujitsu and will be a fully-fledged member of the team. Other than that, I hope that in five years I will be an indispensable part of the cyber team in the company and can keep developing and learning within my role. I hope that I can confidently take any opportunities that I want to further my career in cyber security.”
As Devan grows her cyber-security skills, she says Fujitsu continues to focus on its intelligenceled approach to managed detection and response. “As digital technologies continue to advance rapidly and cybercrime becomes ever more prevalent and sophisticated, we work even harder to ensure your infrastructure and operations are not compromised. Success lies in mitigating breaches before they happen, and self-learning to prevent future incidents: all while ensuring business continuity.”