This week we pulled up a chair next to cyber security expert, Sylvia Choa. Sylvia joined the KJR Collective as Principal Consultant in our Cyber Security team in January 2019, super-charging our offering to clients and building our cyber security capability and leadership.
Where were you working before KJR and how did you come to join the Collective?
Prior to KJR, I was a cyber security consultant for a number of global and local information security firms for many years. This provided me with a very good understanding of the challenges that clients are facing, and not just within Australia, but at a global scale.
However, my focus at KJR will be Australian based companies, that said we have big plans here at KJR.
What was it about KJR that attracted you?
KJR was attractive to me because I could see that it had a fantastic team with great people. Also, KJR has huge opportunities in the cyber security area and I will assist to make that service even better for our clients.
KJR has a fantastic flat structure that allows our clients to access our senior people. This was appealing to me as it demonstrates a collaborative working nature that benefits everyone. KJR has a welcoming and open culture that our clients appreciate. Happy people means great work, and that in turn means happy clients.
What is KJR’s offering in the cyber security space?
We have a growing team of cyber security consultants and the service area is one part of the overall transformation work we offer to our clients based on their specific needs. With the team actively growing, we will also be reaching out into the market to get additional cyber security specific clients.
Some of the services we offer include: assisting companies in achieving information and data security, enabling management to make strategic decisions for protecting data security; primarily around confidentiality, integrity, and availability of data; minimising IT security risks, reviewing of the current state of cyber security and working out where the gaps are then executing a plan to plug the holes; PCI Data Security Standards compliance certification audits and gap analysis; cyber security status reviews based on industries standards such as NIST, CIS Top 20 Critical Security Controls Assessments and ISO 27001; as well as Cloud security.
Third-party supplier audits are also a large part of what we do. Many organisations work with a large number of partners and share sensitive data with all those partners. Companies are concerned about privacy as well as confidentiality and how those suppliers or partners make use of and protect their data.
Some of this is done in conjunction with our partner network who supports KJR. We pick a crack team to get the job done.