Siming Wei is a Cyber Security Senior Associate at PwC. She joined PwC after completing a master’s degree in Wireless and Optical Communications. Siming has also achieved a first class degree in Electrical Engineering. She is currently studying part-time for a second master’s degree in Information Security at Royal Holloway University.
Please tell us a bit more about yourself.
I joined the PwC Cyber Security Practice in 2014 after completing a master’s degree in Wireless and Optical Communications. Over the past two and half years, I have really delved into the exciting world of cyber security, working on a variety of projects in areas ranging from information security management to identity access management across a number of industries.
What made you choose a career in Cyber Security?
Making things happen and making things better always give me a great sense of satisfaction. This was the driving force for me behind choosing a degree in engineering. With the inspiration to encourage more young people and especially girls to study STEM subjects, I became a STEM ambassador at University. This is where I encountered cyber security for the first time. Thanks to the IT-related modules in my degree, I was able to understand more about information technology and started to pay more attention to news concerning information security. Upon my graduation, and being attracted by the PwC brand, I went on the graduate recruitment website and found that they were recruiting graduates for cyber security roles. I always wanted to work in the technology field, so after doing some research on cyber security, I decided it is a very interesting field that offers a promising career.
What are the greatest positives about working in Cyber Security?
Cyber security as an industry is constantly growing and evolving with the rapid advance of new technologies. Therefore, the work is never boring and no two days are the same. Gaining exposure to different problems clients are facing and helping them solve these problems has been a very rewarding experience. Cyber security is becoming much more important to business, and thus it is a great pleasure to take part in shaping the cyber security world to enable business growth. It is exciting to work in a very diverse team of people from different of backgrounds here at PwC. The amazing people I work with help me to learn new things every day.
What are the greatest challenges in Cyber Security?
Over the past few years, a few high-profile security incidents have caused both individuals and organisations to wake up to the importance of cyber security. We have seen quite a lot of organisations starting to seriously invest in cyber security. However, according to the Global State of Information Security Survey 2016, insider threats are still the top risk to organisations. Building the right culture to encourage employees to be secure is the biggest challenge. Organisations must realise that only investing in technologies will not be sufficient to improve the organisational information security posture. People, processes and technologies should all be considered when building and improving their information security capability overall.
What are the highlights of your career?
Joining PwC has been the biggest change in my life and is definitely a highlight in my career. The great opportunities and enormous support I received from the firm and colleagues have really helped me to learn and develop as a cyber security professional. Another highlight of my career has been working on the Cyber Security Challenge Masterclass 2016, which is the culmination of a national competition programme to identify new cyber security talent and was this year designed and hosted by PwC. It is run by the Cyber Security Challenge UK, a non-profit organisation backed by the government and industry bodies. The event itself has helped to raise awareness in society, and encourage people – especially young people – to work in cyber security. It was an amazing experience to project manage this high profile event and to be involved from the beginning to the end in game design, event management, marketing and PR for more than 6 months.
Where do you see Cyber Security in 10 years?
With the constantly changing landscape of threats, I believe that cyber security in 10 years will be very different from today. The Internet of Things, the Cloud and other new internet-based technologies, while introducing great convenience and productivity to our lives, can introduce new risks to cyber security and privacy. Cyber security practitioners and law enforcement agencies will need to respond to new challenges. With GDPR coming into force in 2018, organisations are required to do more to demonstrate they can safeguard the information they are handling. In 10 years, new regulations and industrial standards may be created to address cyber security in new technologies such as drones, driverless cars and smart homes.
What are your career ambitions?
Since cyber security is such a broad topic, it is very difficult to be an expert in all areas. With my experience growing, I would like to become a ‘go to’ person in a specific field of cyber security to solve some of the important problems in society. As I am still at the early stage of my career, I would like to build a good understanding of different areas in cyber security before choosing my areas of expertise. With the rapid advances in technology, there will be so many new risks to be mitigated and new assets to be protect in cyber security in 5-20 years. Therefore, I want to keep an open mind and be the best I can when opportunities arise.
What would you do if you were not a consultant?
I would probably be an electrical engineer in the renewable and green energy sector. I would love to use the knowledge and the problem solving skills I acquired through my degree to tackle energy shortage and the pollution that comes with electricity generation.
What advice would you give young people hoping to enter a career in the field?
My advice for young people is to study what you are really passionate about and interested in. Follow your heart instead of your peers. Whatever you choose to study, the skills you developed are transferable and valued in cyber security. We have a very diverse team here in PwC and we value the different backgrounds and skills each individual brings to the team. Entering a career in cyber security will open up opportunities in many areas and on a wide range of issues. There are so many areas you can go into such as penetration testing, digital forensics and information security governance. You can explore and specialise in the area you are interested in the most. All you need is to be open minded and ready to learn.