Women in Digital: Amanda Finch

CEO of the Chartered Institute of Information Security (CIISec), Amanda Finch, on the challenges of leading the organisation in the current cyber landscape, her approach to leadership and why she values lifelong learning.

Posted 10 January 2022 by Christine Horton

Did you enjoy school?
I did enjoy school but when I turned 18, I wanted to leave education to work and be independent. I didn’t want to go into further education but came back to it in my later years.

What qualifications do you have?
I have a master’s degree in information security and a degree in history. These were both carried out well after I completed my A levels and left school. I have always supported lifelong learning and feel passionately about the importance of developing new skills throughout your life.

Has your career path been a smooth transition, a rocky road or a combination of both?
It has been a combination of both. In many ways, my career hasn’t always been particularly well planned, but sometimes that can be a good thing.

When I first “fell into” information security, I had little knowledge of the industry. Information security was nothing like the scale that it is now: it was a much simpler world. If somebody told me then that we’d be looking at things like state-sponsored activism, serious organised crime, and all of the other problems that we have to deal with, I wouldn’t have believed them. My various roles have allowed me to learn and evolve with cybersecurity challenges, which I have found both interesting and challenging.

What is the best career advice you can give to others?
Enjoy what you do and keep learning and developing. We are at work a long time and it is far easier if you have a passion for something, rather than struggling with a role that you are not enjoying or progressing in. This simply breeds resentment for the time that you are spending on it. We all tend to be naturally better at things we enjoy. That said, even if you are in a role that you don’t enjoy, you will still learn from the experience – so nothing is wasted!

If you had to pick one mentor, that had the biggest influence on you, who would it be?
My father for his work ethic, his practical advice and amazing sense of humour. He has been sadly dead a long while now, but I still have imaginary conversations on how he would have handled different situations.

From where do you draw inspiration?
Everywhere and everybody. Often inspiration comes from unexpected places and at the least expected times. It could be anywhere, from inspirational speakers, colleagues, an article or media programme, to just observing life. We should keep open minds.

What is the biggest challenge you have faced to date?
One of the biggest challenges I have faced is completing my history degree at the Open University. I never thought that I would have had the staying power to complete it. I am glad I did because it changed the way that I think about things and gave me a huge sense of achievement.

Another challenge I have faced is running CIISec. When I took on the challenge 10 years ago, I never realised how much work it would take and the breadth of skills needed to lead a small organisation. Again, I have huge pride that it has now achieved Chartered Status.

What qualities do you feel makes a good leader?
To me, a good leader is someone who recognises they don’t always have to have all the answers. It’s about knowing their own strengths and weaknesses and building teams that reflect this. And most importantly, identifying individual employee’s strengths and helping them to develop throughout their careers,

From a work viewpoint what has the last 12 months been like?
Very busy! As an organisation we have been even busier since the pandemic, which is great, but like everyone, I have spent far too much time on video calls. I have learnt the art of looking smart from the waist up!

What would you say are the biggest tech-based challenges we face today?
From an information /cybersecurity point of view, keeping up with evolving threats is a constant challenge. Ransomware will show no signs of slowing down and will get ever worse. As will the complexity of securing the diversity of platforms, the distributed nature of remote working, and complex supply chains. In 2021, we saw some of the biggest supply chain attacks to date causing mass disruption to numerous stakeholders and even the public. If we have any chance of keeping up, cybersecurity teams will really need to match criminals’ creativity.

Give us a fact about you that most other people wouldn’t know.
Sadly, I am not that mysterious, but I collect cookbooks and have far too many. Saying that, I still download recipes from the net!