Q&A: Chani Simms

Chani Simms is an award-winning cybersecurity leader, director of Meta Defence Labs and founder of SHe CISO Exec. platform. Chani is a passionate entrepreneur, C-level advisor, vCISO, auditor, Cyber Essentials assessor and specialist in helping organizations implement and manage information security and data protection programs. She has been an information technology enthusiast since the age of 19 and her various experiences and passion for the industry have led her to founding/co-founding new companies and initiatives, becoming a regular public speaker and being listed as one of the 50 most influential women in cybersecurity.

What was your route into the cybersecurity sector?

My first job was at IBM Colombo, but they didn’t hire me on a permanent basis initially because I didn’t have a degree. So, I came to the UK for my computer science degree and started working as an IBM engineer specializing in IT infrastructure, systems management, virtualization and data centers. Over the years, I worked my way up to specializing in IT and security. Now I work with a lot of SMEs and sometimes large organizations as a virtual CISO, data protection officer, Cyber Essentials Assessor, IASME governance auditor and ISO 27001 auditor and implementer. I also manage Meta Defence Labs, a security company, Cyber Essentials and IASME governance certification body that I co-founded in 2015. I then founded SHe CISO Exec. in 2018 to give back to the community.

What mistakes do organizations most commonly make when it comes to security?

I would highlight the following:

Poor leadership and toxic blame culture
Looking for security unicorns and the magic security box
Not having a formalized risk assessment process
Lack of basic IT/cyber-hygiene
Annual pen tests and once-a-year security awareness training for staff – is that really enough?

What do you hope the future has in store for the information security sector?

Things need to be secure by design and safe by default.

Quick-fire Q&A

What’s the most interesting thing about information security?

People – human behavior is fascinating to me

What’s your guilty pleasure?

Shoes, handbags and dresses

Aside from security, what would be your dream job?

Creating a design gallery

Q&A: Chani Simms

Quick-fire Q&A

You may also like

UK Government: 75% of UK Businesses Experienced a Cyber Incident in 2023

State of the Nation: Exploring the UK Cyber Landscape

Companies Call for Changes to UK’s Cyber Essentials Scheme

Cyber Essential’s Password-Based Authentication Requirements

UK's SMEs to Benefit From New Cyber Advisors

What’s hot on Infosecurity Magazine?

How to Backup and Restore Database in SQL Server

DragonForce Ransomware Group Uses LockBit's Leaked Builder

Vulnerability Exploitation on the Rise as Attackers Ditch Phishing

State-Sponsored Espionage Campaign Exploits Cisco Vulnerabilities

BEC and Fund Transfer Fraud Top Insurance Claims

US Takes Down Illegal Cryptocurrency Mixing Service Samourai Wallet

Alarming Decline in Cybersecurity Job Postings in the US

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Dependency Confusion Vulnerability Found in Apache Project

Security Leaders Braced for Daily AI-Driven Attacks by Year-End

Fifth of CISOs Admit Staff Leaked Data Via GenAI

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Untangling the Web: Navigating Third-Party Risk in a Hyperconnected World

Beyond Passwords: Securing the Digital Age with MFA, 2FA, and Passwordless Authentication

Understand and Combat the Top Healthcare Cloud Threats Today

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024