Interview: Patricia McCulla, GBG, Women in Tech Excellence Awards finalist

“Enabling more women to pursue careers in the tech industry requires collaboration”

Patricia McCulla is Head of Security Risk & Governance at GBG and a finalist in the Security Professional of the Year category of the Women In Tech Excellence Awards 2024.

Patricia manages a team responsible for ensuring compliance with global security certifications and customer requirements and has extensive experience in risk management, having conducted internal audits, managed third-party risk for suppliers, and overseen information security risk analysis.

Patricia joined GBG in the privacy team and later transitioned to information security, where she became a Security Operations Centre (SOC) Manager. She completed a Level 4 Cybersecurity Technologist apprenticeship with distinction and was promoted to her current role in 2023.

Patricia told Computing what this year has brought for her and her organisation and considers the year ahead.

Please provide some background on your company for our readers. What makes you different from other companies?

GBG is the leading expert in global identity and location. In an increasingly digital world, GBG helps businesses grow by giving them intelligence to make the best decisions about their customers, when it matters most. Every second, our global data, agile technology, and expert teams, power over 20,000 of the world's best-known organisations to reach and trust their customers.

GBG has built the company on secure and trusted foundations, ensuring that these principals are at the heart of everything we do. For me GBG stands out due to the unique opportunities it provides for professional growth and global exposure. My global role has given me the opportunity to travel and educate our people on the importance of information security across our different offices, including those in Australia, America, Spain, and Turkey.

What one company achievement in the last 12 months are you most proud of?

Our success in educating all team members, across the global organisation, on their crucial role in keeping GBG secure and trusted. Ultimately, this is everyone's responsibility, not just that of the Security, Risk, and Governance Team. Thanks to ongoing training and education, we've seen remarkable results. For example, during our last phishing simulation, none of our team members clicked on any suspicious emails.

On a personal level, I have been given the opportunity by senior leadership to spearhead this project across all regions. This has significantly boosted my confidence and enabled me to build stronger relationships with team members across the organisation.

Why are events like the Women in Tech Excellence Awards important to the IT industry?

They provide a platform and an opportunity to celebrate what can be a very challenging industry for women and allow like-minded individuals to come together to celebrate individual achievements.

Enabling more women to pursue careers in the tech industry can’t be solved by just one person or one organisation, it requires collaboration! I have found great value in attending women in tech and women in cyber networking events, as they create opportunities for mentorship and creating new connections.

What have been the biggest challenges of 2024 so far, and how have you overcome them?

One key challenge has been improving the speed at which we can provide assurance to customers about our secure and trusted culture. To overcome this, we created a Trust Centre, which serves as a one-stop shop for all our security posture information. By utilising innovative technology, including automation and AI, our Trust Centre is always up to date. This has enabled us to meet our customers’ needs whilst still empowering my team to work on other critical tasks.

What do you see as the main opportunities for the IT industry in the coming year? How do you plan to capitalise on those opportunities?

Greater automation, particularly in the governance, risk and compliance (GRC) space.

Of course, many people are still wary of automation, worried about whether it will make their role redundant, but this is far from the case. Greater automation has the potential to streamline processes, making them faster and more efficient, freeing up people to focus on more critical and complex issues.

To capitalise on these opportunities, we plan to integrate more automation tools into our workflows in the coming year. For instance, we are already using AI and automation in our Trust Centre, which has been a great success, but there is always room for improvement and innovation.

I’m continuously having conversations with vendors on new automation tools and solutions in the GRC space and working with my team to identify new areas where automation could improve our work. This approach helps us stay at the forefront of our industry and continue to provide top-notch service to our customers