Career Profile: Kirsty Paine, Splunk
Name: Kirsty Paine
Affiliation: Splunk
Can you briefly introduce your current role in cybersecurity?
As Strategic Advisor in Technology & Innovation at Splunk, my role entails working with our customers across EMEA, particularly in the area of security. I collaborate, advise and help find solutions to challenges, ultimately improving security strategy.
This means distilling the real threats, understanding the context that organisations are working in, (whether that’s around regulation, people challenges or leadership direction) and sharing advice and best practice. My colleague once joked that my business card should say “pointing out failures with a
smile”, but I don’t really believe that failure is anything besides a learning point and a chance to improve. In fact, I’m always honoured when customers share their problems openly and ask to collaborate. I think security is still getting over its ‘hero culture’ and it shouldn’t be right to expect a CISO to get woken up in the middle of the night over business security challenges.
How did your career in cybersecurity get started?
By accident! I did a mathematics degree that involved cryptography and this then led to teaching. I loved teaching students about code-making and breaking and was inspired by the sheer determination of mathematicians like Alan Turing to solve problems. In doing my research, I ended up applying for a job at the UK National Cyber Security Centre (NCSC) as a mathematician.
Initially, I was put into a team that did technical projects, which I thought was amusing given I usually broke most technology I touched. (Perhaps I had a hidden skill for being a great pentester!) So, I learned to code, read and write dry technical specifications, and share mathematical concepts in an understandable way. And it turns out that mathematicians make for great security technologists! We’re set apart by our keen eye for detail, love of reading and writing, logical thinking, deep understanding of data and relentless problem-solving attitude.
This led me to represent UK NCSC at international technical forums and in policy circles – designing new technologies and bringing a technical perspective to policymakers. This external, real-world security experience set me up well for my role at Splunk – bringing an ‘outside-in’ perspective.
What does a typical workday look like for you?
There’s no such thing as a typical workday for me, but that suits me down to the ground! I love the flexibility and creativity that I get in my role.
Because my role involves cross-EMEA work, I travel a lot and I’m always on Slack and Zoom meeting people virtually. I definitely don’t live in an echo chamber and often go out to conferences to present, listen and distil key takeaways so that I can share this knowledge with my security teams and customers who don’t always have the time to go to these events.
Examples of my day-to-day activities include talking to organisations about their security challenges, having a heartbeat meeting (regular, time-bound catch ups) with a CISO, contributing to research, writing a blog and presenting at a conference. And of course, I’m always reading about the latest security trends.
What are the most challenging and the most enjoyable aspects of your role?
Sometimes what you thought would be a challenge ends up becoming the most enjoyable part of your role. Meeting and exchanging information with other experts in security, from CISOs to analyst-level, is what makes my role so exciting and diverse. The threat landscape is always expanding and the pace of attacks is getting faster. As the pace of defence speeds up in tandem, there is always something new to learn. Whether that’s how best to share information to defend against cyber-crime, or what the impact of the latest proposal for security legislation will be. I recently prepared a guest lecture to deliver at Oxford University on security automation, runbooks and best practices – that was pretty cool.
More widely, some of the more difficult aspects of my job are addressing some of the challenges that security professionals also face on a day-to-day basis. One of these is their convergence with other departments such as IT. IT teams previously worked in quite a siloed manner and sometimes still do. But ultimately – an incident is an incident, and it doesn’t matter where it sits – teams need to cross over to address the problem, and we need to encourage security teams to collaborate through shared understanding and tooling. There can be challenges around teams speaking different languages (even when that’s English!), and therefore sharing context, problems and data is crucial. The solution lies in seeing and using the same data – but the challenges aren’t only technical (though, of course, that’s a big part of it). Overcoming barriers between teams will be a big challenge, but luckily the tools to help address this are already in place.
What do you consider the three most important skills to succeed in your role?
The first would be great communication – everyone says they can do this, but they can’t always to the level that’s required. By this I mean clear, unambiguous and purpose-driven communication. It also means being able to adapt and write for different audiences.
Second would be sharing knowledge – it can be very easy to think you are an expert because you did something amazing, but in truth, nearly everyone in security is amazing! So be open to learning from others, understand their experience and be generous with sharing your knowledge too.
And finally, analytical skills are key to connect the dots, see what others don’t, bring in different
perspectives and spot issues and gaps.
What advice do you have for people starting their career in cybersecurity/looking to enter this industry?
Everyone is learning – so be open to what you hear and read as much as you can. Watch webinars from experts – but also challenge those who have been in the industry a long time. Knowledge is quickly outdated, so what was state of the art five years ago can be drastically different from today’s state of the art. This means that, even if you’re a recent entrant to the industry, you will have expertise that others don’t. And it’s so important to share it! Never underestimate the contribution you can (and will) make at the start of your career.
How do you see the industry changing in the years ahead?
There are several ways that I envision the industry changing in the years ahead. One major shift will be quantum computing, which will come into reaching distance in the next five to ten years. And resilience is the most important message in times of change. Most businesses will only think about rolling out or changing technology when there’s a problem, rather than investing ahead of time. Organisations that are flexible and invest for the future are the ones who will succeed. For quantum, preparation is key: create an asset inventory, and build a migration plan, so you can be ready if or when quantum computing arrives – and if it doesn’t, I’m sure you’ll find a good use in security for that asset inventory..!
If people would like to learn more about your role in cybersecurity, where should they go?
The cybersecurity industry is such an exciting place to be, and I encourage everyone who is interested
to give it a try.!
Reading up on the topic is my number one tip. I would always recommend the NCSC blogs – I find them really actionable, pragmatic and interesting You can find them here –
https://www.ncsc.gov.uk/section/keep-up-to-date/ncsc-blog
Sometimes I write blogs about what I do too, which you can find here –
https://www.splunk.com/en_us/blog/author/kpaine.html
And if you are looking to take a step into the industry, you can find out more about careers at Splunk
here: https://www.splunk.com/en_us/careers.html