This Cyber Security Awareness Month we caught up with Information Security Strategy & Governance Area Lead Dineish Nallainathan to hear about his career path to ING and what his role looks like up close.
"I always knew I wanted to work in the tech space, which is why I studied technology at university. I was excited by the idea that you won't have the same technology from one year to the next.
Constantly learning, teaching and mentoring appeals to me. I enjoy breaking down complex problems into small parts – then passing to the experts to manage the technical fix. In terms of moving between the three lines of defence, I think it can benefit everyone to work across all three at some point in their career. It gives you a much better understanding of the whole picture.
I sit in the Information Security Strategy & Governance Team and we continue to expand. I manage tech security strategy, governance and business advisory aspects like third party security.
My team works across many different areas and I feel like I have the luxury of switching roles on a daily basis. I might start with a detailed cyber risk assessment of a third party vendor that the business would like to engage with, then shift to assessing cyber strategy, then move to how we report information security posture to the Chief Information Security Officer and other senior leaders in the bank. There's also a lot of security awareness for the business, presenting to various groups on what to look out for and answering any questions they may have.
The benefit of a challenging and diverse role
We're working on a lot of new technologies and on day zero it's unknown. I enjoy breaking that down, working with vendors, getting to a stage where we reach an operational way of working. I get bored with repetition, so the changing nature of the work appeals to me.
I'm comfortable to not know what I'm walking into, though we try to avoid that by planning ahead and engaging early. I ask other parts of the business to explain what they do on a day-to-day basis so that we can tailor support in the most useful and efficient ways.
Cyber security is everyone’s responsibility
From my experience, we as an organisation are cyber aware. It's refreshing that security is front of mind here and it makes a world of difference. The business is very good at addressing security challenges and solutions up front and ensuring we have the right controls in place. Full credit to the broader Tech team members who engage us early rather than an afterthought. However, cyber security threats are constantly evolving, and the attackers are getting smarter every day. Therefore, all of us need to remain vigilant and know how to report cyber incidents and respond to them.
Personally, I'm also passionate about cyber security being recognised for what it is – an enabler, rather than a blocker. We're working in an exciting industry and in a bank where we're exploring the most cutting-edge technology. It's essential that this tech enables our strategic goals in a safe and secure way to deliver the best solutions for customers.