Brenda McCulloch

Brenda McCulloch

CSIO

Share
Brenda McCulloch, CSIO, Teranet

While working remotely has freed huge swathes of the global population from the drudgery of daily commutes to the office, it has also resulted in data leaks, hacks and cybersecurity devastation for a large number of organizations.

Companies that hold sensitive information have been especially vulnerable to attack. And for many, 2020 resulted in the worst hacking and breach incidents on record.

Brenda McCulloch, Chief Information Security Officer (CISO) for Teranet, is responsible for the cyber fortification at Canada's leading delivery and transformation of statutory registry services. As a provider of extensive expertise in land and commercial registries, data - and the protection of it, is paramount to its success. 

McCulloch’s 20-year career in the IT industry stands her in good stead, and she believes an organized team, careful prep work, and properly allocated expertise and resources are the keys to making sure companies maintain their security correctly in these challenging times. 

“It’s always about balance,” she says, with a hint of zen. “Ultimately, it’s risk versus reward. What you want to achieve out of a security programme and what you want to invest, versus what kind of exposures and risks that organization faces. 

“My past roles include positions where I was internally facing and externally facing, so I have consulting experience as well as building an inhouse security practice from scratch.

“From those two experiences and perspectives, I have built a very balanced view of different ways to deliver a security protocol to different companies.

Zero Trust security

Teranet is developing a zero-trust security architecture. This multi-layered solution that prevents and slows down the damage that can be wrought in a major breach has been instrumental in fortifying the company’s cyber strategy.

McCulloch uses an analogy to describe exactly how the system works. “So, in terms of a home, you’ve got the doors to your house and there are keys to the door. In a traditional security model, you protect the doors of the home. You lock the doors to ensure no security breach occurs. You use a strong lock and you make sure only certain people have keys to the lock.”

As part of her work at Teranet, McCulloch has also been instrumental in building a security practice programme and team. The challenges involved in such a project often hinge on resources and executive-level approval. 

“You’ve got to make sure the executives at the organization are mindful of the endgame - because the endgame is where they believe that investment must go - and a lot of the time the endgame is where the risk appetite ends.

McCulloch says that very often, root cause of a breach stems from weaknesses in operational activities or security hygiene. 

“I think many of the root causes of many recent breaches were because companies have repurposed some of the operational as well as the security hygiene resources to new initiatives.

“I think it's really important that when you augment new initiatives, that you also augment the resources at the same time,” she says.

Ultimately, says McCulloch,  if companies have low investment but high-risk weakness items, that's something they should address.

Read the full story HERE

Share

Featured Interviews

Featured

Antonio Pietri

CEO of Aspen Technology

Antonio Pietri, President and CEO of AspenTech, outlines his leadership principles and explains the growing importance of carbon capture

Read More

Nate Clarke

President and CEO, GoTyme Bank and Co-Founder at Tyme Group

President and CEO Nate Clarke and co-CEO and Chief Commercial Officer Albert Tinio explain how GoTyme Bank is bringing digital banking to the Philippines

Read More
“It's very different recruiting people for something you're building from scratch, compared to recruiting for something that is already running.”
Nate Clarke
President and CEO, GoTyme Bank and Co-Founder at Tyme Group

Niranjan Ramsunder

Chief Technology Officer, UST

UST Chief Technology Officer Niranjan Ramsunder explains how the billion-dollar company delivers innovative digital transformations for clients

Read More

George Whyte

Managing Director, Australia Pacific and Global Mining Sector Leader at Aggreko

Rod Saffy and George Whyte are passionate advocates of inclusivity and believe in close communication with their regional customers

Read More

Douglas Benalan

CIO

Doug Benalan loves his work as a transformational CIO, one whose personal mantra is “perfection through continuous improvement.”

Read More

Antonio Pietri

CEO of Aspen Technology

Antonio Pietri, President and CEO of AspenTech, outlines his leadership principles and explains the growing importance of carbon capture

Read More