Sponsored
The power of driving your own career
Sponsored By
Sponsored By
The landscape of cybersecurity continues to evolve rapidly, especially within the financial sector, where the need for robust security measures grows increasingly critical. At the forefront of this battle against cyber threats is Kelly McKillen, the Interim Chief Information Security Officer at Bank of Ireland. Through her rich journey in technology and banking, Kelly has gained valuable insights into effective leadership and the importance of gender diversity in the tech industry.
Kelly’s journey into the world of technology began with a somewhat unusual education choice. “I wanted to study science but didn’t want to do a general science degree,” Kelly states simply. So she opted for Computer Applications at Dublin City University (DCU) in the late 1990s, despite not having a foundational knowledge about computers. “I thought it would be an interesting sector!”
“It was a tough course to get through but we did get to the other side and I started with AIB through the graduate programme. I thought I was going there as a developer but they put me in the IT support area, which was a major adjustment for me to learn the ropes,” she explains. “I learned a lot about different technologies and got a very broad base of understanding in terms of the business, working with different stakeholders and learning those grassroots broad-based technologies. The team was a really good team to learn from and to work with.” After working her way up to leading a team, Kelly took “a right turn” and went travelling the world for a year. “I asked for it as a career break and got it so I was even able to return to the same team. It was great for them to give it to me and I was delighted to take the chance,” she smiles.
After her return, she moved to a software support team, “looking after the big off-the-shelf solutions that the bank would have been using for things like anti-money laundering. I was full stack management and it gave me another view.
Then came a “crucial turning point” in her career when she decided to specialise in cybersecurity about 13 years ago. “It was a pivotal moment for me. I felt it was time to specialise and information security is one of those areas. I knew they were looking for people in that area at the time, reached out and had conversations with a few people and I was intrigued by what they were doing and what I could bring to the table there with my own experience. So, I took the plunge.”
It’s so important to be the driver of your own career. You absolutely can't sit back and let somebody else do that for you.
As she looks back at that decision, Kelly reflects on the importance of taking control of your own career. “It’s so important to be the driver of your own career. You absolutely can’t sit back and let somebody else do that for you because it’s not going to happen. Especially not in large organisations, well in any organisation really, you need to remember that people are busy. You’ll hopefully be supported by your line manager but the focus will be on achieving organisational outcomes so… at the end of the day, the only person that can drive your career is you. In terms of you making moves, you’re responsible.”
This sentiment rings particularly true as she shares the common self-doubt faced by women in the industry. “Data shows that women often underestimate their abilities, which can lead to missed opportunities,” she observes.
During her early days in cybersecurity, Kelly grappled with imposter syndrome, a feeling many professionals encounter when stepping into new roles. “I remember thinking, ‘What have I done?’ as I stepped into meetings with seasoned professionals in information security,” she recalls. To support herself, Kelly leaned into her experience and sought guidance from her colleagues. “I had to be open to learning from others, dealing with my inner critic, and building my skills and expertise,” she explains.
She is also thankful for the colleagues who supported her at the time to make such a shift. “I think I’ve been very fortunate to work in some really good organisations, but also to be really supported by my managers in those areas. For example, when I wanted to specialise and to make that major change I was supported by my manager at the time. She selflessly let me do that even though it was to her detriment. She could have easily held on to me and decided it wasn’t the right time for her area to let me go. Instead, she was a big supporter of letting me pursue what I wanted to do. She is a phenomenal lady.”
Pictured, left, Kelly McKillen and Shreya Aggarwal as part of the IMAGE x PwC Women in Tech series.
When she moved on to join Bank of Ireland, Kelly was tasked with establishing a solid security architecture model. “I was attracted to the scope of the role,” she shares, noting the opportunity to fill skill gaps she recognised within the organisation. “It’s important to work with a welcoming team. That environment is crucial for facilitating security by design, which is essential in implementing effective security measures.”
As Bank of Ireland’s Interim Chief Information Security Officer, Kellys puts the idea of “security by design” into practice every day by embedding security practices into the development of new initiatives. “When you consider security from the outset, it becomes easier and less costly than trying to implement it at the end of a project,” she articulates.
Across the banking sector, she emphasises the importance of adapting to the evolving threat landscape. The bank conducts regular assessments and updates its cybersecurity strategies to remain agile in the face of emerging risks. “The cybersecurity landscape is always changing, and our strategies need to reflect that reality.”
In her current role, Kelly oversees various operational aspects of information security at BoI, a task that requires continuous collaboration with her team and other stakeholders. “It’s a team sport in security. You might lead efforts, but the right outcomes derive from competent people working together,” she states.
