‘When I returned, I wasn’t sure whether I wanted to join a large organisation such as NN. What I didn’t know at the time was that as an Auditor and Ethical Hacker, you’re also helping people. The goal is to create security for our customers and our colleagues and so for NN itself. The NN systems have to be robust enough for us to protect people’s finances, data and their privacy.’
‘During an audit, I ask questions to check whether processes, systems and the people who work with them are doing what they have to do. As an Ethical Hacker, I go a step further and I really test systems and people to the extremes. ‘Does it work in extreme conditions?’ is the question that I really ask and to answer those questions, I literally act like a criminal. I try to break into systems, data centres or sometimes just the office in the light of day, both digitally and physically. How people react shows how well prepared NN is for real criminality.’
‘I also help colleagues to make improvements. It’s not about finger-pointing, it’s about solving problems. That’s why I’m always probing. I can easily ask the why question five times. It’s sometimes pretty irritating, but that’s the only way you get to the nub of the problem and so find a good solution. People need to get out of their comfort zones for this. For me, a comfort zone is the same as laziness, getting out of it means growth.’
‘Another sport I enjoy and one that I’ve been doing for 33 years is judo. While a triathlon is a solo endeavour, judo is about interplay; the right movement at the right time, using the strength of your opponent, just like during a hack really. I also like to teach my son judo, mainly because it’s also about having respect for other people and about discipline and control. It’s a life lesson I’d like to teach him.’