EMEA Recruitment Podcast #173 - Chris Girling – A Pioneering Career in Cybersecurity cover art

EMEA Recruitment Podcast #173 - Chris Girling – A Pioneering Career in Cybersecurity

EMEA Recruitment Podcast #173 - Chris Girling – A Pioneering Career in Cybersecurity

Listen for free

View show details
We were honored to welcome Chris Girling, Partner, Cyber Risk and Resilience at PwC Switzerland, onto the EMEA Recruitment podcast. "Cybersecurity has become a question of when, not if." Paul Toms asks what ignited Chris' interest in Computer Science and Technology. Growing up in the UK, he describes himself as a "middle of the road" student at secondary school level and was advised not to be too ambitious with further education. Instead, he did the opposite, taking on more subjects than expected and excelling in Economics. For a time, people assumed Chris would head toward a career in Banking or Economics, but his real passion was always Computer Science. He spent evenings building games, coding his own version of Tetris, and teaching himself programming. That passion led him to study Computer Science at the University of Warwick, which he describes as having a pioneering philosophy focused on adaptability, rather than specializing in a single technology. Students were expected to learn huge numbers of programming languages and quickly adapt to change, preparing them for an industry that would constantly evolve. That experience taught Chris how to approach unfamiliar technical challenges with confidence. The conversation then focuses on Chris' career journey. During an internship at Credit Suisse, he combined his interests in Business and Technology by joining the Access Control team. Within days, he had bought textbooks to teach himself the programming languages the bank used and began automating large parts of the team's work. The tools he helped create became the foundation for systems that remained in use until the bank's collapse. He described that period as the moment he realized his career would be built around solving new technical problems and applying technology in practical ways. He later joined Shell's Marine business, supporting around 70 IT applications operating across roughly 80 countries, with only a small team managing the environment. Over several years, he learned multiple programming languages, re-platformed systems, managed outsourcing and offshoring projects, and worked on some of Shell's first .NET deployments when the technology was still brand new. Chris admits that, during those early years, he occasionally had "run-ins" with Security teams because governance was far less mature than it is today, but those experiences ultimately helped shape his interest in Cybersecurity from both the technical and operational side. As his career progressed, Chris moved into Program Management and quickly found himself leading major global initiatives. One of the defining examples was a large European regulatory compliance program at Shell, which was ultimately delivered at around 10% of the cost of competitors because the solution had been designed in a scalable and sustainable way. Chris explains that many organizations continuously add "carbuncles" or layers of complexity onto old systems, whereas he has always enjoyed stripping technology back to build cleaner, more elegant solutions. That mindset naturally led him into Cybersecurity and IT Risk. Chris explains that Shell's internal security policies were among the early foundations that influenced what later became the ISO 27000 Cybersecurity standards. By the late 2000s, Credit Suisse approached him about moving into Cyber and IT Risk full-time, believing Cybersecurity was about to become one of the defining business issues of the next decade. They were looking for someone with both deep technical knowledge and the ability to deliver large-scale programs, which became a major turning point in his career. Paul asks about other defining moments within Chris' career. Looking back on his 16 years in Cybersecurity roles, Chris describes himself as a "troubleshooter" who repeatedly moved into the most challenging areas of Security at the time. He explains that Security technology constantly evolves, with attackers adapting so quickly that solutions can become outdated within only a few years. That gave him opportunities to work across multiple technologies and disciplines, rather than remaining siloed in one specialism. Chris also highlights several defining industry moments during his time at Credit Suisse. Around 2012, he worked with UK regulators to help shift industry thinking away from pure "Security" toward the concept of Cyber Resilience - preparing organizations for how they would respond when incidents inevitably happened, rather than assuming prevention alone was enough. Later, in 2018, he helped architect Quantum Dawn, the first ever global Cybersecurity exercise of all banks worldwide, testing how the industry would respond to a major cyberattack affecting global markets. Chris delves into how Cybersecurity leadership has evolved over time and his recent board position. Earlier in his career, Security leaders often focused purely on technical delivery, whereas accountability increasingly sits at board level today. Since ...
adbl_web_anon_alc_button_suppression_t1
No reviews yet