25 WOMEN IN CYBER

Sydney Klein

Chief Information Security & Data Officer, Bristol Myers Squibb

Cyberattacks are the number one business risk in most of the world, according to a 2022 study from the World Economic Forum. Not all cyber threats are alike, and diverse problems require diverse solutions. Yet, the cyber industry is predominantly led by men. How can we solve this significant threat to the business world with only half of the population? Fortunately, the women who make up that percentage are some of the fiercest in the greater technology industry. In this series, The Female Quotient and Deloitte are putting a spotlight on 25 women at the forefront of the cyber revolution, amplifying their career advice and sharing their insights on how the industry will evolve in the future. Their stories are proof that behind every functioning society is a woman in cyber.

What does a typical day of work look like for you?

I start each day by reviewing threat and operational intelligence. After gaining understanding about what’s pertinent and timely for the company and at large, I adjust my day as needed. Otherwise, every day is different. I always prioritize connecting with my team, the organization, and industry colleagues.

What's a common misconception about women in cyber you'd like to debunk?

That cybersecurity is what you see on TV or in the media, aka the hacker in the hoodie. But it’s so much more. We need diverse talent to combat the increasing threats—people who understand risk, people who are great software engineers, people who know the business, people who are great communicators and so much more. There isn’t one set of skills needed for cybersecurity. We need all skills and backgrounds to succeed.

What aspects of your career journey have taken you by surprise?

The largest surprise of my career journey is simply the fact that I am a CISO today. I started my career in cybersecurity as a happy accident in 1999, and I immediately fell in love with the industry. While I loved cyber, I never envisioned myself as a CISO, but I had wonderful managers, mentors, and sponsors who saw things in me that I didn’t always see in myself. They helped me understand that I could define my role as CISO to make it truly mine. I’ve been a CISO for four years and have loved every minute of it.

What's your superpower as a woman in cyber?

Communication. There are so many skills required in cyber, and communication is at the top of the list, especially when serving as a CISO. You must be able to demystify the topic, help people see their role in being cyber vigilant, and help business partners, management, and the board understand the risks that exist.

What's the most challenging component of your job today?

Balance. Cybersecurity is a risk that cannot completely be mitigated. Each and every day we must make decisions on implementing appropriate controls while enabling the business. Facts and circumstances change as threats constantly evolve. We must constantly monitor the situation and adjust to maintain the right balance.

Tell us about the cyber project you're most proud of working on in your career.

Most recently, I have been proud of the buildout of the BMS Cyber Fusion Center, which allows us to rapidly defend and respond to cyber threats. The team is made up of dedicated colleagues around the globe who are focused on ensuring we can deliver upon our mission to discover, develop, and deliver innovative medicines that help patients prevail over serious diseases.

What's one must read, watch or listen for women wanting to work in cyber?

The Fearless Organization: Creating Psychological Safety in the Workplace for Learning, Innovation, and Growth by Amy Edmondson

How has public perception of cybersecurity changed over the course of your career, and how do you predict in the future?

I remember explaining my profession to friends and family when I began in cybersecurity, and no one really understood the concept. Now that cyber attacks are frequently in the news, there’s a greater understanding and appreciation. In the future, while I see cyber attacks continuing to evolve, I see the cross-industry collaboration, investment, management support and government support for cybersecurity improving.

What's one piece of advice you'd give your younger self about getting started in cyber?

Try everything! There are so many different facets of cybersecurity. I encourage everyone to continually expand their knowledge through job rotations.

Who are some women working in cyber today that you admire?

Emily Mossburg, Michelle Valdez, Caroline Wong, Janet Scott, Ashley Devoto and Erika Dean

Sydney Klein serves as Chief Information Security Officer and Head of Infrastructure and Cyber for Bristol Myers Squibb (BMS), a global biopharmaceutical company whose mission is to discover, develop and deliver innovative medicines that help patients prevail over serious diseases. Sydney has over 20 years of experience in cybersecurity. As the Head of Infrastructure and Cyber, she leads BMS’ efforts to create a seamless digital experience with human touch that engenders trust for colleagues, customers, and patients by balancing innovation and security, while protecting BMS’ most valued information. In addition to this role, Sydney is a strong ally to underrepresented communities. She is a member of the BMS’ Global Diversity and Inclusion Council, the executive sponsor of the IT Diversity and Inclusion Council, and the executive sponsor for the local Pride Alliance People and Business Resource Group chapter, which aims to empower LGBTQ+ inclusion, awareness, and engagement.