Women in Cyber: From software developer to payment protector

By Yun Xuan Poon

Shreebha Wasu, Director, Information & Cyber Security at Standard Chartered Bank Singapore shares how she helps secure financial transactions.

Actor Harrison Ford, known for playing Han Solo and Indiana Jones, started his career as a self-taught carpenter. It was only when a Hollywood producer encouraged him to audition for a film, did he find his true calling in cinema. Mid-career switches can be a nerve-racking process, but often allow people to explore their true calling.

Shreebha Wasu, Director, Information & Cyber Security at Standard Chartered Bank Singapore found her calling in cybersecurity. She makes sure that customer's money gets where it needs to go without risk from hackers. She shares how she started her career as a software developer, and her current work in the evolving world of digital finance.

Tell us more about your role. How do you protect the digital realm and improve citizens’ lives?

I am part of the Information & Cyber Security team at Standard Chartered Bank and responsible for our payments business. We provide payment services for citizens, corporate and institutional clients in Singapore and across the world - we operate in more than 50 countries. We process more than 100 billion dollars every day of the year.

My role is to make sure payments arrive safe and secure and to ensure trust is maintained. All of Banks are built on a foundation of trust and security is the cornerstone of this trust – and this is where I come in. I work closely with business stakeholders to provide strategic counsel in risk identification, assessment and treatment against the evolving cyber security landscape. It is important for business leaders to be apprised of the latest cyber security threats to enable them to make better investment decisions. I also maintain close working relationships with business stakeholders, with a keen pulse on emerging technologies, to best assess the security capabilities required to protect the integrity of the bank’s data and operations, and ultimately our customers.

For banks, it’s a continuous challenge to safeguard against these threats, because of the large number of external facing channels and touchpoints – for example, from online banking channels, mobile banking apps, to ATMs. Hence, it is essential for the banking sector to continuously assess their cybersecurity measures to identify vulnerabilities in the system, which could potentially be exploited, leading to customer impact, financial losses and regulatory breaches.

If we look around us, cyber threats have been on the rise, especially during the Covid-19 pandemic. Phishing and social engineering are some of the most common ways in which people are tricked into giving their banking login details and fall prey to scams. It is also important to educate the public to raise the overall awareness levels of these cyber risks and threats.

What sparked your interest in cybersecurity?

I first started my career as a trainee software developer over 20 years ago. Since then, I have taken on different roles, including program management and technology risk, across different industries. With each career move, I thrive on moving out of my comfort zone and challenging myself to learn something new.

I made a mid-career switch to cybersecurity, as I was intrigued by the evolving cyber threat landscape, emerging technologies, and the rise of new threats and risks. Plus, the opportunity and encouragement in the Bank to explore new career pathways were central to my decision to explore, learn and understand more about this field.

At the speed technology is rapidly evolving, cybersecurity would be of increasing importance and relevance for the future. Today, there is a strong demand for experienced cybersecurity professionals, with the increasing sophistication in cyberattacks, which happen more intensely and frequently. I am glad to have found my niche in cybersecurity. The fast-paced environment in cybersecurity field keeps me on my toes and keeps my career interesting, not to mention the excitement of continuous improvement. No day is same. I like that challenge and dynamism my role demands.

What has been the most impactful project of your career?

In my former role for another multinational bank, I am proud to have led the successful implementation of the real-time compliance dashboard for the Singapore branch, in line with the Monetary Authority of Singapore’s Technology Risk Management Guidelines. It was a high-impact, high-performance project with teams based across different continents and significant dollars spent. It was extremely challenging – yet immensely fulfilling – to implement Singapore branch-wide policies, procedure and controls to help the Bank in meeting their regulatory commitments and keeping the Bank’s clients safe.

What challenges would you like to take on in the next year?

Digital payment transactions are accelerating, presenting a growth opportunity for the Banking industry. With digital transformation accelerating, there is significant amount of opportunities across the Bank to play a role in delivering value at scale by focusing on the entire client journey. This is the next challenge I am looking forward to being part of in the next year.

On the personal front, I also plan to invest some time to upskill myself in cloud security domain, to better analyse the cloud security risks and requirements. This is an important area of increasing relevance, as more businesses move from conventional data centres to cloud services.

Who or what inspired you this year, and why?

I am so inspired by Bumble’s Founder and CEO Whitney Wolfe Herd. When she took her company public earlier in February, she became the world's youngest female founder to do so. She broke a glass ceiling by creating an app that turned traditional dating norms upside down and empowering women to decide what’s best for her. And, she also held her son while ringing that historic Nasdaq opening bell which I found fascinating – Mother who can find balance across her roles purposefully.

It has certainly not been an easy road for her to get to where she is today, and she’s proven that none of the stereotypes are necessary to be successful. She is also a powerful symbol that a woman can balance both professional and personal ambitions. I personally find this inspirational as I navigate my work and the changing workplace while being a mother of two!

What advice would you give to women looking to start a career in cybersecurity?

Cybersecurity is a really fun line of work with several opportunities for career development. Knowing that your work contributes to making someone’s life safer will keep you going for a long time in this career.

My personal observation is that women tend to feel that they do not have sufficient domain knowledge and discount their capabilities. As the area of cyber security is vast and constantly growing, there is a role for everyone – we just have to believe in ourselves, know our limitations and remember to seek help from others like us who are already in such roles.

My advice is to be confident about the skills you bring to the table and be just as assertive in voicing your thoughts. Embrace the learning curve – never be afraid to ask questions. It is also perfectly alright not to understand things the first time round or to make mistakes. This is all part of growth and how you learn.

It’s also important not to get intimidated by gender ratios in cybersecurity. Remember that with grit and determination, we have the power to change these numbers, and encourage more women along the way to follow their dream as well.

If you could sum up your life motto in one sentence, what would it be?

“Luck is what happens when preparation meets opportunity” would be my life’s motto inspired by Seneca. Give 100 percent to everything you do, and know you may come up short sometimes. The key is to learn from such incidents and continuously improve.