How my work at Accenture helps our communities to understand that security is everybody’s responsibility

Monica Vorster is a security consulting consultant in Accenture’s Canberra office. She shares her story of how an interest in cryptography and code breaking led her to a security career.

My path to working in cyber security started with an interest in mathematics. I was really into cryptography and code breaking, while at uni, I got more exposure to the area of cyber security through my computer science course. Rather than narrowing my focus to code breaking, I expanded my area of focus. The more I learnt about cyber security, the more I loved it.

Once I finished my degree, I applied for a graduate position with Accenture, starting in early 2021.

I was really keen to get government experience and working with Accenture in Canberra means I can have the opportunity to work across all of government, not just a specific department. It’s a great place to work across a diverse range of projects and build my experience as someone at the early stage of my career.

Getting the basics right is so important

My current role is in governance, risk and compliance. I help our clients with end-to-end security assurance and risk assessments. This includes things like reviews of designs, assessing risks and vulnerability management. While it’s never going to be possible to guarantee 100% security, we’re helping to give clients a level of comfort that their systems are secure, as well as making sure they know where the risks are, what they can do to fix or minimise those risks, and giving them as much visibility as possible over their security position.

One of the most important things I’ve realised is that it’s the little things that really matter when it comes to security. It’s often not about the latest cyber security threat that you read about in the news, far more breaches happen from not having key security controls in place. Often there’s a big focus on the latest thing, but if you’re not getting the basics right, there’s no point.

The other challenge I see is making sure clients understand the importance of security. Security isn’t just the responsibility of the security team and it’s not an add-on that you can apply over the top. Everyone needs to be responsible for security. That means making sure security is considered at the design phase and using secure coding practices, for example. It also means that we need to be talking about security with everyone, not just the C-suite, to build that capability and awareness.

Connecting to a bigger team

Joining Accenture was such a welcoming experience. Both within the security practice and the graduate intake I joined with, it felt like I gained an instant network. It was like “Hi, welcome to the family!” Everyone’s been so friendly and it’s so easy to reach out across the organisation for help. Within the Canberra security team, we regularly catch up, as well as connecting with the broader ANZ team. I never feel like I’m in isolation on a project and can reach out for any problem with access to hundreds of security professionals who can help. In addition, the team is very active about sharing interesting things they’ve found, so we get good visibility of the cool stuff people are working on in the security field, right across ANZ and globally.

Accenture provides professional balance and learning opportunities

We also have our Women in Security network, which is fantastic to be a part of. While I haven’t experienced any challenges as a result of my gender, it’s so good to be able to tap into this network for sharing experiences, mentoring and career guidance.

Being part of a large organisation like Accenture also means plenty of access to training and other resources. For example, a big focus recently has been cloud security training, as most of our projects are heavily using cloud technologies. There’s never a shortage of potential courses and training opportunities. Within the security network, we also have regular brown bag sessions for knowledge sharing. These are practical sessions where we can learn about other offerings and what other teams are doing, including the tools and techniques they’re using.

Work life balance is also strongly encouraged and actively managed. I’ve been supported by project leads and career counsellors to take leave, and dissuaded from working late. I was surprised (in a good way!) by how everyone walks the talk on balance and taking time for yourself.

If you’re interested at all in cyber security, Accenture is a great place to work. Even if you don’t have a security background, we’d love to have you and can teach you what you need to know. If you’re curious and passionate about the potential of this field, there’s so much opportunity and the importance of cyber security is only going to continue to grow.

Are you interested in a security career at Accenture? Visit stand #39 at AISA CyberCon in Canberra from 31 May to 2 June or explore current career openings online.