Big interview – Pooja Shimpi

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Share on email
Share on print
Pooja Shimpi

Security Buyer catches up with Pooja Shimpi, Business Information Security Officer, APAC with one of largest asset management firms in the world 

You are a headline speaker at Security Buyer Live, what can we expect from your session? 

Firstly, thanks for the opportunity. We have witnessed 2021 to be a year of global disruption on a variety of levels. As a result, security professionals were forced to quickly reprioritise their approach to cyber and information security.  

With 2022 starting with a bang, security leaders must continue to adapt to the evolving, sophisticated cybersecurity attacks, government/regulatory requirements and technological landscapes that are impacting organisations data security strategy and posture. It’s now vital for the organisations to ramp up their response capabilities and improve cyber resiliency.

It’s no secret that a cyberattack, whether targeted or widely distributed, can have a dramatic impact on organisational customer success, data integrity, financial, regulatory and long-term reputational damage.  

Key learning points of my sessions are: 

  • What are the latest top cybersecurity risks and threat landscapes?
  • How can you mitigate the risks and manage those cybersecurity trends?
  • How to tackle the ever-growing skills gap in cybersecurity industry?

What knowledge and experience do you bring to the virtual event? 

I am a passionate Information & Cybersecurity enthusiast, and have 14+ years of experience with reputed international banks. I have expertise in driving various initiatives across multiple domains of Information Security and Technology Governance, Risks & Compliance (GRC). My current role focuses on enhancing information security policy & frameworks (NIST, ISO 27001/2), management of regulatory requirements, cyber security education and awareness trainings, cybersecurity related risks and incident management, audits, data governance, identity access management and more. 

I have recently founded “Protégé for Women in Cybersecurity” initiative where I showcase inspirational stories of mentors and mentees in Cybersecurity. I have participated in various cybersecurity events as a speaker and I write articles. I am also actively involved in Global Inclusion & Diversity Programs, and leading mentoring initiatives with reputed organisations. 

How important is equality in the industry and how can we help improve it? 

Equality is important in any industry! It’s been proven that diversity in any field results in higher productivity and better profits. Representing over half of the world’s population, women have a unique way of dealing with risk. For cybersecurity industry, according to the recent survey women are underrepresented and they only make up between 20% and 25% of the workforce. However, the trend is slowly shifting, and various efforts are in progress by the governments and organisations. The cybersecurity industry has the capability and offers an unlimited scope for women to thrive in the industry.  

What is the purpose of an Information Security Professional? 

In one sentence “To protect and secure organisations against the constantly evolving security threat landscape, learn and keep up with the pace and improve the organisation’s overall security posture” 

What are the biggest challenges facing the cybersecurity sector? 

Across all industries, ransomware remains a growing and increasingly complex threat. The bad actors continue to target, compromise and extort high-value ransoms from victims. And in 2022 it’s not going away, but will grow exponentially!  

Below are the top trending challenges of Cybersecurity:  

  • Ransomware attacks (especially on critical infrastructure) 
  • Supply Chain attacks 
  • Deep Fakes 
  • Zero-day vulnerability & associated attacks 
  • Skilled Cyber Workforce shortage 

By recognising that hackers will find vulnerabilities, leaders can improve the way they design and deliver services, manage risks and train their teams. We need to be extra vigilant about the potential risks associated with the cyber-attacks would have on any organizations / industry, but also on the regular people and community.  


To read more exclusive features and latest news please see our February issue here.

Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922

Subscribe to our newsletter

Don't miss new updates on your email