Tell us more about how you found cyber as a career
My standout moment in cybersecurity was through modding games as an early teenager, where I found weaknesses in my mod communication which allowed people to cheat. This led me to dig further into communication architecture and eventually sparked my interest into computer science. After pursuing a degree in Computer Science from Heriot-Watt University, I finished my PhD in Computer and Information Sciences, focusing specifically on traceable information security and the security of robots! After a short stint in academia, looking at usable security and communicating cybersecurity to individuals from a variety of backgrounds, I am now a cybersecurity consultant in industry working as a subject matter expert for ISO 27001, DORA, NIS 2 and many other things.
What were the key transferable skills from your previous career that fit with cyber?
Before doing my PhD, I was a major introvert and struggled communicating with people. During the process of becoming an academic, I honed my communication skills and learned how to translate the more technical skills I had mastered in a way that I could communicate it with a variety of different audiences, as well as becoming more confident in presenting myself and teaching others about what I do. As a security consultant, this is a key skill that can greatly improve the relationships with people we make along the journey, whether that be senior management, clients or peers!
What has been the most rewarding moment in your career so far?
The most rewarding moment in my career thus far is of course completing my PhD. After many gruelling hours of researching what to do next, getting no results to finally finding something that works, I can proudly say I am one of the leading experts in what I do. On top of this, I am a subject matter expert in consulting on cybersecurity aspects of different EU legislations and regulations, which is rewarding in itself!
What one bit of advice / knowledge would you give to someone considering a career in cyber?
While I believe that understanding core concepts and developing your skillset is key to specific job roles, I truly believe that having a strong work ethic, a willingness to learn and being eager to think outside the box is more valuable than trying so hard to promote what "has" to be the correct answer, or to have the right skills. We learn from our mistakes and by example, and this is how we become better in whatever field we choose.
From experience, understanding how you think and how you approach various problems is just as valuable as having the technical skills, but also who you are as an individual when it comes to solving problems individually and part of a team is the best thing in my eyes. If you think like your team and your attitude flows with who you work with, the fulfilled role and experiences along the way will be more valuable to everyone who works with you.
Don't be afraid to take risks. After all, a core part of cyber is all about taking risks - so why not take the plunge?
How has the industry changed since you started in it?
From the moment I came into industry around this time last year, not many people talked about operational resilience. However, as EU legislations such as DORA and NIS 2 started, and the UK released its roadmap for cyber resilience, a lot more organisations are prioritising cybersecurity and improving the security posture of the UK as a whole - which is an amazing thing to have witnessed first hand.
About Ryan Shah
Ryan is a highly-skilled individual with strong experience working within time-critical environments. In his career, he has co-authored several research papers, as well as led and collaborated in several industry - and research related - projects in cyber security, ranging from human-centered and usable security, all the way to detailed systems security for robots! At the core, his passion is learning and adapting new technologies to interesting problems and understanding population needs to develop proactive solutions which benefit people, society and the environment. Aside from the technical side, he has a passion for playing different instruments, modding games and spending quality time with his wife, puppy and two cats.