In the dynamic world of technology, the path to leadership is often as diverse as the innovations it fosters. One remarkable individual breaking stereotypes and carving her own trail is Gaynor Rich, the former Group Director (VP) of Cybersecurity Culture at BT. In this article, we’ll explore Gaynor’s unconventional journey from financial services to the forefront of cybersecurity leadership.
A Non-Traditional Start
Gaynor Rich’s professional journey began with a departure from the traditional route into technology. Reflecting on her early days, she expressed, “it was quite hard because I’ve had a long journey. I didn’t start off in cybersecurity straight from school; instead, I began my career in financial services.”
Her initial foray into share trading, investment through to business transformation consultancy might seem distant from cybersecurity, but it laid the groundwork for the unique insights she now brings to the field.
A Multifaceted Approach to Education
While navigating the financial services and business transformation landscape, Gaynor recognised the importance of an integrated business approach leveraging education and self-awareness. Engaging in the management development programme, she pursued her studies concurrently, completing her degree and banking exams. During our interview, she reflected on this period, stating, “I was taught to think about myself, through my skills and my competencies, which was, believe it or not, quite unusual at the time.”
This multifaceted educational background became a cornerstone for Gaynor’s future leadership role in the cybersecurity domain.
Democratising Cybersecurity
As Gaynor transitioned into cybersecurity, her passion for inclusivity and collaboration became evident. She emphasised the need to democratise security across organisations, advocating for a collective responsibility in ensuring digital safety.
“All those involved in the design and development process, from product designers to technology solution architects, need to be cybersecurity experts,” she asserted “security cannot be niche or specialist activity anymore”. In challenging the conventional centralised security team approach, Gaynor promotes a more integrated, inclusive and collaborative ethos in building secure technologies and business operations.
Secure In Operation
One of Gaynor Rich’s key principles is the integration of security seamlessly into the development process, adopting a “secure in operation” mindset. This proactive approach enables teams business agility and necessitates a reduced dependence on centralised security team. If we build secure by design and operate secure in operation compliance and assurance are a natural output of the way the organisation functions; reducing risk cost of compliance.
“In that way, you don’t need a security team checking every business activity. You need to have done it from design” she explained. This forward-thinking strategy ensures that security is ingrained in every aspect of a product’s lifecycle, fostering a faster and more secure development process.
Insights on the Cybersecurity Landscape
Gaynor shared valuable insights on the current state of the cybersecurity landscape. She acknowledged the prevailing misconception that cybersecurity is an “unnecessary evil” for some organisations, seen as a potential derailment to corporate goals. To counteract this perception, Gaynor stressed the importance of a keen for on business objectives and security as a strategic enabler to achieving those objectives at both operational and board levels.
She emphasised the need to move away from segmenting cybersecurity and advocated for a more integrated, inclusive approach. “We need to move away from the centralised security team and encourage a more democratised capability across organisations,” she urged. This inclusivity, according to Gaynor, extends to involving everyone in the organisation, from those who design products to those who design technology solutions and those who operate them.
Looking Ahead
Gaynor, who has recently left BT and is currently looking for her next role, acknowledged the existing challenges in the cybersecurity sector but remained optimistic about the potential for change and innovation. Despite the industry’s current orientation, she envisions a future where organisations seamlessly integrate cybersecurity into their operations, enabling them to be agile, responsive, and secure.
Gaynor’s journey from financial services to tech leadership is a testament to the transformative power of experience and a proactive mindset. Her insights provide a valuable roadmap for organisations seeking to navigate the complex landscape of technology securely. As the tech industry continues to evolve, Gaynor illustrates the importance of diversity and adaptability in shaping the leaders of tomorrow.