Liz Banbury, cybersecurity expert and CISO at Hiscox, has had a career rich with innovation and transformation. It began in 1998 with a role at JP Morgan, which is where she first got into technical roles. In 2018, Banbury moved to Standard Chartered Bank, where she was Global Head of Information and Cyber Policy & Risk. She then joined Hiscox in 2021. Hiscox is a global insurer, offering a range of specialist insurance products, including cyber.
Banbury says: “At Hiscox, we’ve created a three-to-five-year strategy, which included identifying and communicating the key threats that we could possibly face. We readdressed and reviewed the risk appetite within the organisation, and put in place formal methodologies to identify the critical assets. We now have a team in place which is specifically designed to deliver the strategy, highlighting what our cyber risk is at executive level, what our control environment is, and where we see gaps.”
Cybersecurity for everyone
“When I was at school, topics like computer science didn’t even exist,” Banbury explains. “In one of my first jobs, over in Hong Kong, we were still using a typewriter! A lot has changed. My key point here is that there’s a lot of cybersecurity professionals who are really good at their job. They are inspiring, and have come from all walks of life. Crucially, they don’t have a maths, computer science, or technological background at all – but they still make great cybersecurity professionals.
“I want people to understand that if they want to get into cybersecurity, there are certain attributes outside of their backgrounds and education that will allow them to be successful. It’s about the right attitude, being motivated, wanting to self-learn, being curious, questioning and challenging things, and having an analytical mind. A lot of cybersecurity is actually just common sense. That’s how the questioning and curious mindset fits in. If you have a lot of those traits, there are many career paths within cybersecurity that would be a great fit.”
Creating a community
Community is one of the most important things about the industry, for Banbury. Her personal experiences over all her years in the sector have been wonderful. This is due to how supportive and engaging the wider community is. “We’re absolutely spoiled in London,” she adds. “This is thanks to a whole range of webinars and events we have access to that foster networking and collaboration. I think what really helps the cybersecurity profession in that community aspect is that we all have a shared worry. If you asked everyone in cybersecurity what keeps us awake at night, we would all say a handful of the same things.”
That means there’s a shared challenge, and as such, networking and supporting one another is incredibly important. As a result, things like education and other background information are inconsequential compared to the shared focus of cybersecurity professionals.
