Head of Information Assurance, Royal Mail Group
Nicola Lishak joined the UK postal service Royal Mail Group in June 2016 and took up her current role as Head of Information Assurance in August 2019. Her team is responsible for managing information security and data protection risks and driving data compliance and culture change programs. Before that, she was a senior consultant for resilience at management consulting firm Deloitte.
What were your greatest achievements in 2020?
2020 was a year to remember, especially for Royal Mail. As key workers, we have continued delivering for the country through the postal services. One of the greatest achievements is the spirit of the company, the team came together with the right plans and strategies that allowed us to continue to deliver our essential service, and I was part of the business protection team managing our COVID response. The team I manage that is responsible for our internal information, security education, and awareness program, called ‘think secure’ were able to get guidance out to our managers who were working from home. Through our ‘phish and tips’ newsletters, we advised colleagues on how to set up secure workstations, be mindful of conversations in front of home AI, and keep up to date on threats to look out for whilst everyone was adapting to what they call the ‘new normal’.
What should information security executives focus on in 2021 to generate business value?
My view would be that we need to be focusing on the customer and making sure that our services meet our customers’ needs, and that we are adapting. We need to think about being more efficient and developing new ways of working. We are not going back to pre-pandemic ways of working. It is a new flexible model. So, we should be thinking innovatively of how security and privacy can evolve to support business needs. With a wider lens on trends in privacy, an area of focus is around data ethics and customer trust and making sure we put our people at the heart of what we do.