Interview: IBM’s Cyber Security Engineer Holly Wright

By Michael Sheather
on 27 May 2021

Holly Wright values the future’s endless possibilities. Not only is she an advocate for STEM, an innovative and growing approach to education that integrates science, technology, engineering, and mathematics (STEM), but her stellar career as an IBM cyber security engineer is a clear expression of that philosophy.

“My journey to cyber security is a little different to most people,” says Holly. “I became interested in engineering because I saw that somebody had managed to teleport an atom from one island to another.

“I thought that was something that could one day change the world as we know it. I wanted to be a part of an industry where we can make a real difference in the world.”

She fulfilled that strongly held ambition when she joined global tech giant IBM, where she is now a developer for IBM QRadar, working to create new ways to identify cyber threats through deep network analysis.

Her job lets her bring together all her skills, from design and implementation, testing and automation, as well as leading and applying new cyber security strategies that will have an enormous impact on the way the world conducts business.

Her passion for the future and its endless possibilities is just one of many reasons IBM chose Holly be involved in launching their world-beating hybrid cloud innovation, a next-generation advance that works in tandem with Redhat OpenShift to create one of the most forward-thinking hybrid cloud business solutions ever devised.

Holly’s deep knowledge of cyber security makes her an integral part of the software development team in Australia, leveraging hybrid cloud methodologies and architectures to build security products for the future.

This technological revolution sits at the heart of IBM’s hybrid cloud approach to IT and promises to transform business operations around the globe as it unlocks unprecedented value for business from their data resources and simultaneously drives cutting edge innovation.

Red Hat OpenShift, explains IBM global president Jim Whitehurst, forms the connective tissue between all the infrastructure used by IBM clients, both in their business premises and in the cloud.

“It allows them to write applications once and run them anywhere while also standardising the approach to development security and operations from any cloud from the vendor,” Jim Whitehurst says. 

He also says that analysts believe that a hybrid cloud approach delivers two and a half times the value of a public cloud strategy alone.

“Security professionals are faced with too much data, too many tools and alerts, and not enough resources,” says Holly.

“As applications move to the cloud, data becomes more of a shared resource, and infrastructure becomes increasingly diverse across hybrid, multi-cloud environments, making traditional security no longer as effective.

“With IBM Cloud Pak for Security you can bring together teams, tools and data with a unified platform that gives analysts a one user experience across threat management. It also connects to existing security tools and data sources, without requiring data migration, to increase visibility across hybrid, multi-cloud environments.”

International business giants such as Coca-Cola are now making OpenShift the foundation of their digital transformation, bringing major “mission-critical” applications to the IBM cloud, which is optimised for hybrid environments.

IBM’s Holly Wright speaks with Robyn Foyster about the changing landscape of cybersecurity, innovation, and hybrid technology.

What are some of the biggest challenges you face in cybersecurity?

There are a whole range of challenges the cybersecurity industry is facing. One that comes to mind is the increasing sophistication and collaboration we see in attackers. Many attacker groups are operating like companies – where orchestrating and launching cyber-attacks is someone’s full time job, and they get a salary and sick-leave and holidays just like the rest of us. The increasing levels of coordination in these groups means we see an increased number of persistent attacks, where it’s not just a simple in and out job, but a calculated and invasive attack executed over months or years.

On top of that, the cyber-security industry is facing a skills crisis, with an anticipated 3.5M unfilled cyber-security jobs by the end of 2021. That makes it harder for cyber-defenders to keep up with the pace of evolving attacks, meaning we spend more time playing catch up rather than innovating to develop more secure defenses.

As IBM’s Global President Jim Whitehurst said: “From IBM’s perspective, we’ve seen years’ worth of digital transformation take place in months.” Notably, he pointed to hybrid technology as one of two technologies, along with AI, that is going to ‘shape the future’. What are the benefits of hybrid technology? And how do you see it shaping the future for security? 

Hybrid technology allows people to “have the best of both worlds” – without having to build complicated, unsustainable IT environments. It means you can get all of your sensitive workloads that need a secure, on-premise environment working seamlessly with your business critical workloads that need to scale to match demand. A hybrid mindset acknowledges the fact that different applications will have different requirements, and instead focuses on ensuring that applications can run wherever they need to be run.

I see this resulting in security applications that are much more scalable and have a wealth of integration possibilities – meaning that it becomes feasible for companies to compose a “web” of security offerings that protect against and detect threats that previously would’ve been missed.

Do individuals and companies underestimate the importance and real need to be cyber safe?

Absolutely. Cybersecurity is often an afterthought for both individuals and companies. All too often, the convenience of re-using a password beats the “hypothetical” impacts of being attacked. It’s not until someone does fall victim to an attack that they regret not taking the extra time to set their systems up properly. That’s where the “people” part of our job in IBM Security becomes so important. We try to focus on security that doesn’t feel like a chore – using a fingerprint instead of a password for example.

What are some of the innovations at IBM that you’ve been involved in that you are most proud of?

There’s an exciting new project that will be announced soon which uses Machine Learning to detect threats in customer environments – and I think it’s going to have a huge impact on threat management. Being a leader for this project has challenged and extended my skills in all sorts of ways I wouldn’t have expected, and it is absolutely one of the ones I am most proud to have been involved with.

Tell us some of the insights you gained from the IBM Think Summit Australia and New Zealand.

The biggest standout to me was how many different stories people had where hybrid cloud and open technology had helped them overcome a challenge or improve their operations. These are people from different industries and different roles, and yet they all had something to share about how hybrid technology was helping their business. For me, these stories at the Summit proved the wide-reaching benefits of adopting these technologies.

Describe the IBM Cybersecurity Development Lab on the Gold Coast?

The Gold Coast lab is a wonderful environment. We have such a diverse mix of deeply technical engineers, high-ranking business executives, lifetime engineers and brand-new graduate engineers. This mix has fostered a collaborative and supportive engineering environment where everyone is continuously learning and innovating. On top of that, the location is second to none – we are right near the beach so it’s not uncommon to see us walking around the office in shorts and flip flops or popping out for a swim at lunch. The opportunity to work in a global company and impact people on the other side of the world, all while getting the perks of the Gold Coast lifestyle is so unique and so valuable.

Holly, what made you choose a career in STEM? What would you say to younger women thinking about a career in tech, particularly cybersecurity?

I chose a career in STEM because I wanted to have a role where I got to have a positive impact on large groups of people with the things I build. There are also so many jobs available in technology and especially in cybersecurity – so it’s a career that is going to offer you so many opportunities.

I think the most important thing I would like younger women to understand is that you don’t have to be a hacker or a cybersecurity whiz to start a career in cybersecurity. I didn’t know anything about the industry when I first started, but I learnt everything through the job. There are so many different skills required in cybersecurity – which extend far beyond just knowing how attacks happen. The industry needs people who can design elegant applications, who can manage teams of engineers, who can communicate and understand legal systems and who can be spokespeople and stand in front of journalists when things go wrong. It takes all kinds of skills for a successful cybersecurity solution – so no matter what your background is, the skills you have will almost always be relevant.

You began your career as an intern at IBM and have been there for five years. What do you find fulfilling about your role?

I find the work I do really rewarding. Throughout my 5 years at IBM, I have never stayed doing the same thing for too long – there has always been opportunities for me to take on more responsibility and extend my skills. This is hugely important to me because I am a problem-solver at heart and I always want a challenge that will allow me to grow and learn something new.

I have also had a lot of opportunities to travel the world with IBM and talk to our customers directly. Seeing the product, you build help someone catch a cyberattack is exciting and very rewarding – and having these opportunities for that feedback has been another great part of my time at IBM.

How can more women be encouraged to take up a career in STEM?

You can’t be what you can’t see. I think the best way to get more women in STEM is by making the amazing women already in the STEM visible. If you are a female in technology – be loud and proud about it! Speak about your journey and the pathways to get to your position. The first step to encouraging someone into STEM is to help them understand what a career in STEM actually means and help them visualise what their future might look like down that path.

What are you career goals and the milestones you want to achieve?

The next milestone for me is taking on a formal role as an architect. Longer term, I would love to become a CTO bringing together different products and innovations to solve problems in new and elegant ways.

Personally, I also have a goal to help increase the number of women in technology. I would love to see more females following these paths, and to know that I have done my part to help that happen. Whether that’s seeing the Gold Coast development lab grow, or see more females following cybersecurity specialisations at university – I don’t mind! It’s something I’m deeply passionate about and want to do my part in.

Holly Wright, from IBM’s Cyber Security team, works as part of the Cybersecurity Development Lab in the Gold Coast. She was one of the breakout sessions speakers on the cybersecurity campus for the recent IBM Think Summit.  

Related News

More WLT News