Q&A: Chani Simms

Chani Simms is an award-winning cybersecurity leader, director of Meta Defence Labs and founder of SHe CISO Exec. platform. Chani is a passionate entrepreneur, C-level advisor, vCISO, auditor, Cyber Essentials assessor and specialist in helping organizations implement and manage information security and data protection programs.  She has been an information technology enthusiast since the age of 19 and her various experiences and passion for the industry have led her to founding/co-founding new companies and initiatives, becoming a regular public speaker and being listed as one of the 50 most influential women in cybersecurity.

What was your route into the cybersecurity sector?

My first job was at IBM Colombo, but they didn’t hire me on a permanent basis initially because I didn’t have a degree. So, I came to the UK for my computer science degree and started working as an IBM engineer specializing in IT infrastructure, systems management, virtualization and data centers. Over the years, I worked my way up to specializing in IT and security. Now I work with a lot of SMEs and sometimes large organizations as a virtual CISO, data protection officer, Cyber Essentials Assessor, IASME governance auditor and ISO 27001 auditor and implementer. I also manage Meta Defence Labs, a security company, Cyber Essentials and IASME governance certification body that I co-founded in 2015. I then founded SHe CISO Exec. in 2018 to give back to the community.

What mistakes do organizations most commonly make when it comes to security?

I would highlight the following:

  •  Poor leadership and toxic blame culture
  • Looking for security unicorns and the magic security box
  • Not having a formalized risk assessment process
  • Lack of basic IT/cyber-hygiene
  • Annual pen tests and once-a-year security awareness training for staff – is that really enough?

What do you hope the future has in store for the information security sector?

Things need to be secure by design and safe by default.

Quick-fire Q&A

What’s the most interesting thing about information security?

People – human behavior is fascinating to me

What’s your guilty pleasure?

Shoes, handbags and dresses

Aside from security, what would be your dream job?

Creating a design gallery

What’s hot on Infosecurity Magazine?