Joss Howard: Navigating the Cybersecurity Chessboard as a GRC Consultant

20231123_111043

Joss Howard: Navigating the Cybersecurity Chessboard as a GRC Consultant

In the ever-evolving landscape of cybersecurity, professionals like Joss Howard stand out as leaders, bringing a wealth of experience and a unique perspective to the table. From her early days in the intelligence sector of the Navy RAF to her current role as a Governance, Risk, and Compliance (GRC) consultant, Joss has traversed a dynamic career path that has shaped her into a formidable force in the industry. 

A Journey Rooted in Security Mentality 

Picture this: the '90s, projectors whirring, and Joss diving headfirst into fixing her boss's computer. This marked the beginning of her foray into the world of computers, eventually leading her to sell them on the side. Her security mentality became the underpinning force in her approach to business operations, earning her the reputation as the 'wrapper' that secures the core. 

Headhunted as a pen tester in '98, Joss didn't exactly fall head over heels for the gig but quickly became the Sherlock Holmes of articulating problems and laying down fixes. Her ability to articulate problems, explain their significance, and outline the necessary fixes set her apart. This expertise propelled her into an equivalent GRC role, where she traveled extensively with the Royal British Airforce and later joined Airbus Defence and Space. 

Climbing the Corporate Ladder 

Fast forward to her Barclays days as the Senior Info Risk Manager, Joss managed information risk across the UK, Germany, and the US. Her structured approach and clear understanding of consequences marked her success. However, when her aspiration for a promotion and a move to Australia was overlooked due to her seniority, she new she had to advocate for herself, and ended up landing the role to take her across the pond.

Once she arrived in the great southern land, she ended up moving into consulting which is where you will find her today. 

The GRC Consultant: Roles and Responsibilities 

As a GRC consultant, Joss engages in advisory services, investigations, incident response, cyber strategy and risk assessment, and penetration testing. Her journey, from trying to break through the glass ceiling at NCC to embracing consulting, underscores her commitment to changing perceptions from the top. 

Cybersecurity Chess: Joss's Grandmaster Moves 

Imagine being parachuted into a cybersecurity chess tournament. Joss doesn't just imagine it; she lives it. Balancing multiple boards, assessing business maturities, and all with a ticking time bomb overhead – that's her playground. Challenges, people, and problem-solving are what she lives for. 

Managing Stress and Embracing Change 

Joss emphasises the importance of managing burnout in an industry that absorbs client stress and recognises the significance of teams. Clients might keep the lights on, but her team? They're the real MVPs, delivering sanity and brilliance every day. 

Evolving GRC Landscape 

Reflecting on the GRC evolution, Joss notes the shift where people are finally tuning in. With an increasing proactive approach to cybersecurity in Australia, boards are taking note, realizing the accountability that comes with securing sensitive data. 

To find out more about a day in the life as a GRC consultant, reach out to Joss Howard