Top

Stepping into a Cybercrime Specialist’s Life

Cyber Security Expert and Cybercrime Writer Mandy Turner discusses her career journey, driving cybersecurity value and collaboration, and protecting businesses from ransomware attacks.

The cybercrime world is not for everyone. So what does it take for a cybercrime specialist to win multiple InfoSec industry awards, have speaking engagements at cybersecurity conferences worldwide, and write cybercrime novels?

This is what we asked Mandy Turner, Senior Manager for the University of Queensland’s Cyber Security Operations Centre, ahead of her speaking engagement at CISO Brisbane 2022 in September.

Why Cybercrime?

From an early age, Mandy loved programming and making things. She always enjoyed Lego, drawing, writing, playing music, playing with her dogs, doing puzzles, reading, and critical thinking.

She originally studied music and fine art, she then worked for twenty years for the Australian Public Service (APS) in a variety of roles including fraud investigation, digital forensics, data mining, physical security, cybersecurity, and cybercrime intelligence.

“Since leaving the APS I have worked for one of the groups of eight universities, the University of Queensland, as the Cyber Security Operations Centre Manager. I am proud to also have an adjunct position at UQ as a lecturer in cybercrime criminology” she says.

“I am a cybercrime specialist, a published author, an illustrator, and I speak at cybersecurity conferences both domestic and international.

“I am passionate about protecting people, the community and the nation from cybercrime. I enjoy investigating and reverse engineering malware, analysing cybercrime campaigns, and working on strategies to help strengthen cybersecurity for the agency in which I work.”

Overcoming Challenges

One of the biggest challenges Turner faces is resourcing. How does she achieve all of the things her job requires without burning out?

“Cybercrime seems never-ending. There are career criminals that make it their life’s work to scam, social engineer, drop malware, and create havoc in cyberspace” she says.

“There are countries that endorse, support, and sometimes even finance cyber threat actors, and then there is cyberbullying, cyberespionage, child exploitation material, and all the other nasties that can happen in the online world.

“How do we keep up with this? How do we get ahead of this? Burnout in our industry is a real threat.  For myself and my current team, I try to keep a sense of fun. Our jobs can be very hard, very time consuming, and very stressful. I want all my team to know that we can have fun and still do our work. In fact, a sense of fun and camaraderie helps us to do our work more effectively.”

Hard Work Pays Off

Turner has recently been named number four in the Top Global Influencers of Cybersecurity for End Users in the IFSEC Global Influencers of 2022 list.

“I had the honour of presenting on cybercrime at the AusCERT 2022 conference. I am a long-term supporter of AusCERT and I was thrilled they asked me to speak at their conference,” she says.

While those cybersecurity achievements rank high on her 2022 list, Turner is also very proud of her personal achievements.

“Personally, my biggest success this year is my vege patch! First time growing aubergines and French green beans, and they are doing so well!” she says.

Proactively Driven Cybersecurity Value and Collaboration

Communicating the criticality of cybersecurity to a wider organisation can be an important but challenging aspect of a cybersecurity leader’s role.

Turner says she tackles this by breaking down the threat landscape and helping her audience understand what is possible.

“I often present in both internal and external forums, about cybercrime, explaining the criminals behind the crimes and the types of crimes that can be committed via or to technology,” she says.

“I find that this helps immensely when then demonstrating the value of cybersecurity. Cybersecurity for individuals, for a business and to protect our intellectual property as well as our safety and our security, makes far more sense to people when they understand what we are trying to secure our networks, data, and people from.”

When it comes to encouraging others to be more collaborative in her projects, Turner says she is fortunate that most people within her current organisation are highly invested in cybersecurity.

“There is a lot of effort put into creating a cybersecurity culture that is vibrant and evolving, and different areas are engaged and supportive of spreading cybersecurity messaging and making our workplace a harder target against cybercrime” she says.

“I am passionate about this topic, and I actively encourage others to be a part of our solution to fight cybercrime. I created a CSOC champions network, and it has taken off and has a life of its own now.

“There is so much engagement. Now has its own executive committee and chair. I am just there to give support on occasion when needed, as it has become an entity that has outgrown its tiny start and outgrown me. I am so pleased that so many of my colleagues are very invested in this.

“We have a close relationship with AusCERT as well, and it is a joy to share intel and help each other out. It is through collaboration that we will gain traction in the ever-ongoing fight against cybercrime.”

Sharing Knowledge

Mandy Turner will be speaking at CISO Brisbane on September 6th 2022 at the Hilton Brisbane Hotel.

Turner will be covering ransomware, examining the criminals behind this, and what we can do to better protect ourselves and our businesses from the fallout of a successful ransomware campaign.

“Anyone can fall victim to cybercrime, and anyone can have a successful ransomware campaign ruin their day!” she says.

“I hope that my presentation will help people think about what they can do in their workplaces, and even as individuals, to mitigate ransomware and its impact.”

To check out all the speakers and register for CISO Brisbane, please follow this link