Select your country

Not finding what you are looking for, select your country from our regional selector:

Search

Talents' stories - Tamara Hendriksen, CISO Netherlands

What is your role at Orange Cyberdefense?

I am the Information Security Officer for Orange Cyberdefense in the Netherlands, and I am mainly responsible for the security and compliance matters within the country including; managing all our certifications and making sure we comply with customer security and privacy requirements. I’m also responsible for all internal security queries and carry out the Data Protection Officer role. This means I’m responsible for all privacy related matters around GDPR within the Netherlands as well.

Could you give us an example of a typical day in your role?

My focus is to keep Orange Cyberdefense the Netherlands safe. So, one of the main things I do is handle security incidents when they are reported. We have to respond to them and in some cases, they can be considered a low risk or a false positive. But at other times, we need to thoroughly determine impact and understand the root cause in order to improve where necessary. To be able to handle such incidents, you have to involve all responsible departments and get all your facts straight, ensuring that you’re not only managing the security element, but also considering privacy, looking at what data is involved and what consequences it has for our customers or internal systems.

How do you keep yourself updated on ongoing threats?

That’s one of the main issues that I face as a security officer! We don’t really have a specific course, or specific studies to do this job. People expect us to know what the latest threats and vulnerabilities are, so it means that we have to keep updating our knowledge on what’s happening in the cybersecurity and technology world which includes educating ourselves and staying on top of the latest news. As I and other security officers are often limited in time, this can be considered a challenge.

I also have to consider our global security team, and when I look at security I’m not operating in a silo: we have a team of security officers that operate in many countries, where we need to consider local laws, requirements and threats. We share our knowledge and assist each other in large projects or incidents where necessary.

What drives you daily?

I’m passionate about difficult cybersecurity issues and assessing risks. It keeps me motivated to know that I can assist my colleagues in their business needs and add a level of assurance when they face security and privacy issues. Besides my security officer job, I’m also doing ongoing research into the concept of cyberwarfare together with my colleague Jort Kollerie, as this also adds more in-depth knowledge into the threats we face. The element of being able to present our findings at events and discuss the topic of cybersecurity with many people is also a driving factor in my daily job.

How do you deal with anxiety, for yourself and your colleagues, in a job where threat is constant?

In our security community, we’re sharing and analyzing the differences between what the actual threats are and what risks can be dismissed after investigation. We must make sure we don’t fall into the trap where we see everything as a threat and keep a clear mind. Thankfully, we have many experts within Orange Cyberdefense that we can count on to help us navigate this landscape.

Was it difficult for you as a woman to get into this field? What is it like to work in this environment?

I’ve faced many challenges, but to be honest, I do see a change. We see more women coming into cybersecurity roles. However, sometimes it still is a challenge. When I was a consultant before, I always had to prove myself at the table before being taken seriously. People would say ‘what are you going to tell me that I don't know? Do you even know what you’re talking about?’ I’ve had to deal with this on many occasions. Here, at Orange Cyberdefense, we have a lot of women within so many different roles. Before joining Orange Cyberdefense, I had not yet encountered an environment with this much diversity and women in cybersecurity roles. It is inspiring to work in a company where people can be themselves and get many opportunities to learn. It’s a breath of fresh air.

What are the specific skills required to be good at your job?

You can see there’s a shift in what it entails to be a CISO. Many have a very technical background such as in engineering. Now, more often, you also see Security Officers coming from other backgrounds, like me. I have a background in Crisis and Security Management with a specific focus on terrorism. This had nothing to do with cybersecurity, but being risk-minded and being able to assess threats now helps me in being a Security Officer. The most important skill is communication, being able to relate and speak to different people on many levels within the business. I would also say being open-minded is important in cybersecurity, especially in a CISO role. It helps you to assess situations without any prejudice.

What are the biggest challenges and difficulties in what you’re doing?

Not enough resources and being very restricted on time. You’re always trying to stay on top of things and that’s hard work, especially when dealing with incidents, as we cannot predict when these will happen. Time and resources are key, I guess most CISO's will agree with me on that!

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.