In the traditional cybersecurity niche, women have been breaking barriers and making significant contributions to the industry. Despite facing challenges such as gender bias, discrimination, and lack of representation, women are thriving and playing a vital role in shaping the future of cybersecurity. With the growing need for cybersecurity professionals, it is essential to recognize and support the contributions of women in the field.
Meet Flick March, a seasoned technologist with a lifelong passion for influencing, designing, and delivering IT services. With over three decades of in-depth experience, Flick is now at the forefront of the industry, taking cyber resilience to new heights.
Flick’s commitment to ensuring technology is resilient runs deep, she believes that maintaining core function and integrity is essential. Working closely with the C-Suite and their teams, she helps them understand their current level of Security, Compliance, Resilience, and “recoverability” risk. She collaborates with them to shape a strategy that strengthens their Cyber stance.
From Beta Testing to Mega-Deal Maker
At the young age of six, Flick was introduced to the world of computers and technology by her engineer father. Together, they embarked on a journey of learning, from programming and hacking into applications to mastering different types of storage and hardware. Her love for technology grew exponentially, and she became a beta tester for Microsoft’s Windows 3.1 and went on to become a certified engineer in Windows CE.
At just 24 years old, Flick was recruited by IBM, where she worked as a technical architect. She was instrumental in building technical solutions and advising clients on complex outsourcing deals. Throughout her career, Flick became acutely aware of the importance of security & resilience in technology. She recognized that not only cybersecurity attacks, but also human error, hardware failure, and power outages could cause significant damage to computer systems.
After running IBM in the UK, Flick quickly moved up to lead security and resilience for all of Europe. Her expertise in Cyber Resilience, which combines Cybersecurity with traditional methods of recovering from outages, made her a thought leader in the field. Flick recognized that Cybersecurity was great at protecting and detecting attacks, but not as well-equipped to deal with outages caused by cyber incidents. As a Global Vice President of Growth for Kyndryl, a company spun off from IBM, Flick continues to lead in both cybersecurity and cyber resilience. She understands that in certain industries, like healthcare, the cause of an outage is not as important as the need to quickly restore access to critical patient records.
Flick has invested considerable time working with industry analysts and organizations to promote the convergence of cybersecurity and resilience into what is now known as cyber resilience. She has also taken a keen interest in understanding new regulations like DORA, to guide the industry on the importance of compliance and regulatory control in their services. By engaging with industry bodies, she helps customers not only protect themselves from cyber-attacks and outages but also embed regulatory compliance into their services.
Sharing Significance of Embedding Security Measures
Flick’s inspiration for venturing into Cybersecurity was fueled by witnessing companies going under cyber-attacks and the adverse effects of their downfall. She cites several examples, such as a bank experiencing down time, resulting in people not being able to pay for their goods, and extreme weather causing outages that impeded access to basic services. Additionally, Flick recounts a Cybersecurity team deliberately shutting down a hospital due to a data leak, emphasizing the importance of maintaining fundamental business processes. She stresses that the industry cannot simply wait for recovery, but must build redundancy and resilience into the system. Flick’s realization was that Cybersecurity is often treated as an isolated issue, without proper attention given to embedding security measures throughout the industry.
Flick has seen the worst cyber-attacks and has witnessed companies neglecting vital updates and running outdated systems to save costs. Therefore, she believes that companies should prioritize keeping their business processes functioning and improving their cybersecurity practices to avoid the negative consequences of a breach.
Anticipating, Protecting, Withstanding, and Recovering from Cyber Threats
Flick believes that a company’s competitive edge is their focus on Cyber Resilience. Kyndryl defines Cyber Resilience as the “company’s ability to anticipate, protect against, withstand, and recover from adverse conditions, stresses, attacks, and compromises of a cyber-enabled business.” She highlights that most companies have separate teams for Cybersecurity and Recovery backup, which can lead to gaps in response during a cyberattack. She cites the example of the NotPetya attack in 2017, which affected 3,000 companies worldwide and cost $10 billion globally, revealing a significant gap in how companies respond to cyberattacks. Cyber Resilience is the integration of business continuity, business impact analysis, recovery backup, and traditional cybersecurity to ensure a complete life cycle of anticipating, protecting, withstanding, and recovering from all aspects of cyber threats.
Additionally, Kyndryl employs the concept of minimum viable company, which involves identifying a company’s critical processes, understanding the technology they rely on, identifying primary data stores, and ensuring that business risk appetite aligns with IT response. Flick believes that Kyndryl is the only company in the industry that offers a complete end-to-end solution for Cyber Resilience, making them unique in the market.
Kyndryl is the world’s largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages and modernizes the complex, mission-critical information systems that the world depends on every day.
The company offers six global practices, including Cloud, Applications Data and AI, Core Enterprise and zCloud, Digital Workplace Services, Network and Edge, and Security and Resiliency Services, and provides technology services to help customers secure their businesses, modernize, and digitally transform. The company has partnerships with major industry players, including hyperscalers, and works closely with customers to co-create solutions. It places a strong emphasis on culture, with a flat, fast, and focused strategy and a leadership team that is restless, empathetic, and devoted. Kyndryl’s strategic direction is based on Three A’s, which includes Accounts and Alliances, Advanced Delivery.
The company aims to become the most wanted place to work by treating employees with respect, promoting work-life balance, and providing a positive and safe work environment.
Evolution of Cybersecurity Challenges from the Past to the Present
When Flick first entered the field of Cybersecurity, the main challenge was the narrow-minded focus on Security alone. In addition to this, there were various attacks, albeit different from what the world sees today, as state-sponsored attacks were non-existent. In the beginning, antivirus software was a novelty, and there was a lack of education and training, which led to a high rate of human error. The ownership of technology was also different, with less information sharing, and there was no internet, so viruses could not spread as quickly. The challenges then were mainly due to the lack of understanding about the damage viruses could cause, and the sheer variety of technologies available made it difficult for a virus to cause widespread harm.
However, Flick feels that today’s challenges are more complex. For instance, one can buy a DDoS attack on the dark web, and cyber war and cyber warfare are being funded with large sums of money. Malware and Ransomware attacks are rampant, and the aim is to cause damage, get money, or disrupt systems. Human error and lack of knowledge still pose a significant challenge, but the shortage of skilled personnel in the Cybersecurity and Cyber Resilience sectors is an ongoing problem. Thus, it is a constant struggle to maintain the necessary skills and capabilities within a company to combat the ever-evolving Cyber threats.
Assessing the Usage of Advanced AI Technologies
Flick mentions that Kyndryl has incorporated AI and Machine Learning into their services and offerings to stay current with vulnerabilities. Although Kyndryl is monitoring ChatGPT and other similar technologies regarding their level of AI, they have integrated AI into various aspects of their operations. For instance, they use AI in help desks and chatbots, employ it in learning, and use it to identify patterns and triggers in service delivery.
However, regarding AI like GPT, they are assessing its usage and evaluating its source data to avoid unreliable output. Kyndryl partners with Microsoft, Google, AWS, and IBM to keep abreast of technological advancements and continually reassess the situation surrounding AI technologies.
Aiming to Driving the Industry Towards Responsible Cyber Resilience
Flick’s vision for Kyndryl is to become the preferred partner in Cyber Resilience. She wants Kyndryl to be the voice of truth, be recognized as a leading authority in Cyber Resilience and to have a strong voice in influencing and advising the industry on where it needs to go as well as driving the industry towards responsible Cyber Resilience. Her goals include ensuring that technical service providers take ownership of oversight, and that Security and Resilience are embedded in everything that Kyndryl does.
Flick’s personal and professional goal is to ensure that the industry is embracing changes that make security intrinsic in everything that it does, rather than just an add-on. Kyndryl is at the forefront of these changes, such as the convergence of Backup, DR, and Cyber Recovery, as well as Cybersecurity and Resilience and the increasing importance of Data Availability, reliability, security, and Resilience.
Flick sees a huge difference in the industry due to this convergence, and she believes that everyone must get on board to provide the necessary answers for businesses to function properly. Helping to ensure the smooth functioning of business processes is what keeps Flick happy every day.
Breaking Stereotypes and Promoting Diversity
Flick is a unique and authentic individual who loves being on two wheels and has raced motorbikes since the age of 16 as well as Motocross and Mountain biking. She constantly smashes stereotypes of what one might expect from a woman in Cybersecurity. She is also passionate about mental health and promoting diversity in the industry. Flick acknowledges that many people are interested in pursuing Cybersecurity but may feel like they lack the technical skills or knowledge to do so. Her advice is to be bold and brave, follow your passions, and never stop learning. She believes that technology is an ever-changing field that offers endless opportunities to grow and learn. Flick encourages everyone, particularly women, to join the industry and be a part of shaping its future.