Sarah Armstrong-Smith’s career has been built on risk management, resilience, and staying ahead of evolving cyber threats. As the chief security adviser at Microsoft Europe and a leading cybersecurity speaker, she has spent over two decades helping businesses navigate digital transformation and enhance their security posture. In a recent interview, we had the opportunity to delve into the major cybersecurity challenges facing businesses today, the significance of resilience in a digital era, and strategies for promoting greater inclusivity in the tech industry.
When asked about her journey into cybersecurity, data protection, and digital transformation, Sarah shared that her interest was sparked during the Millennium Bug crisis in 2000 while working for a water utility company. This experience led her to focus on business continuity, disaster recovery, cybersecurity, fraud, and crisis management, culminating in a career centered around resilience. She emphasized the importance of continuously asking questions and thinking about worst-case scenarios to build a robust security mindset.
Regarding diversity and inclusion in the workplace, Sarah highlighted the need for a diverse workforce to drive innovation and progress. She emphasized that diversity goes beyond gender and encompasses a variety of backgrounds, experiences, and cultures. Inclusion, according to Sarah, involves breaking down false barriers and encouraging individuals to explore different career paths throughout their lives.
Reflecting on lessons learned from managing the Millennium Bug threat, Sarah stressed the importance of thinking holistically about potential incidents that could impact not only individual companies but entire sectors or even globally. She drew parallels to events like 9/11 and the COVID-19 pandemic, underscoring the interconnected nature of today’s threats and the need for a resilient approach to cybersecurity.
When asked about media coverage of cybersecurity risks, Sarah acknowledged the potential for exaggeration and misinformation in the media. She cautioned against scaremongering and emphasized the importance of seeking out reliable sources of information to make informed decisions about cybersecurity risks.
In her role as chief security adviser at Microsoft Europe, Sarah pointed to the challenges posed by cybercriminals who exploit crises like the COVID-19 pandemic to launch phishing and ransomware attacks. She advised businesses to adopt an ‘assume compromise’ mindset and focus on preparedness and crisis response as integral components of their cybersecurity strategy.
Looking back on her career, Sarah’s advice to her younger self and aspiring professionals in tech and cybersecurity is to embrace opportunities for growth, even if they seem daunting or unfamiliar. She encouraged individuals to take on new challenges, continue learning, and enjoy the journey, highlighting the non-linear nature of career paths and the value of seizing unexpected opportunities for personal and professional development.
