Emma Leith, head of cybersecurity & IT risk, corporate business and functions, BP
Originally entering the cyber field as a security consultant, Emma Leith made a mark analyzing the key security risks to the retail banking environment while providing a PCI DSS gap analysis, security risk assessment and remediation for a global airline solution provider. These efforts led to stints at Barclays and Deloitte where she continued to lead efforts in security, privacy and resilience practices for global retail banking institutions. Her next stint was as principal information security manager at the Royal Mail, where she managed the risk and vulnerability management program.
Accumulating a number of certifications throughout her career, prior to her current position at BP, Emma's previous role was CISO for IST (Integrated Supply and Trading), essentially BP's trading arm, and moved to her first position at BP in August 2011 when the company needed to consolidate roles in order to streamline its security leadership.
Leith says she feels very privileged to be working for BP. "Since joining BP five years ago, the Digital Security team and I have accomplished a great deal. The security function has been transformed and I am very proud to have played a pivotal role in its transformation. Cybersecurity is now a regular BP board room topic and recognized as a very high priority by senior management."
People actively want to have conversations around cybersecurity with her, she says. "We have partnered very closely across the business to ensure the value we bring in mitigating risk and protecting our operations is fully recognized, and we are seen as an enabler and not a blocker or irrelevance."
In her career, she sees her greatest accomplishment being her ability to tackle a variety of skills and areas of technical expertise. "From reverse engineering cryptographic modules for FIPS 140-2 validations to presenting to and inspiring the C-level suite in BP."
On a personal level, she says that this year she was delighted to have been promoted to director while working the least number of hours in a working week than she has in years. "It is about being effective while recognizing the importance of being kind to yourself by taking a break, having fun and sustaining the habit of an optimum work-life balance."
Cycling to work is one example of that, she says Building and leading a strong and capable team is always front of her mind, she says, and one which she sees as the most important part of her current role.
"Emma is both a strong security professional and leader," says Gillian Cinnamon, a British security consultant. "She is a strategic thinker of independent mind, she is talented at bringing out the best of her team by demonstrating inclusivity and confidence in each individual, and she brings integrity to her decisions. Throughout her career, she's proven herself to be an outstanding security professional with a sharp focus on the necessary detail within the wider context, and so is a real asset to the industry."
From the early days of her university degree in mathematics and computer science to starting out a career in IT, Leith says she has been in male-dominated environments. "Since an early age, I have had the drive to push my preconceived boundaries and work to the best of my ability."
Being a minority as a woman in these environments never crossed her mind, she says, or was something she only considered on occasion. "I have faced challenges from people around me – from woman as well as men. Typically, it was people doubting my credibility before they knew me or my work. Or assuming I had been promoted by the sheer fact I am a woman. I have never let this affect me."
If anything, she adds, it only made her stronger and more determined to prove her worth. "I now see it as the other person's insecurities and not mine."
She points out that she has been very fortunate to have worked with amazingly talented people throughout her career. "I will always be indebted to my first manager when I worked in IT support. One weekend over a slice of pizza during a server upgrade he asked, 'What do you really want to do, as you can do so much more than this.' I scratched my head and for the first time thought I'd like a career that truly challenged me and combined mathematics with IT. 'How about information security,' he said. And I've never looked back."
It is such a rewarding and exciting field, she says, where one can work in deeply technical environments, customer facing or both. "The possibilities for women are endless. BP has helped me to take my career to the next level. Internally in BP and externally in the security field I have fantastic mentors and sponsors who have inspired me to push myself forward and have trusted my ability to take on new challenges and deliver."
All of this, she explains, would never have been possible without the continued support from her parents and family. "They are always there to give me honest and direct advice whether I like it or not!" – GM