Doing your job well with knowledge and commitment requires you to love what you do.
I started my career almost 19 years ago, but information security as a profession came into my life 10 years ago. I continue to be lucky enough to meet and work with different amazing professionals. I have been able to experience different roles and responsibilities, especially after holding one of the most recognized industry certifications, CISM. Being a team member of the information security regulating body in my country, Georgia, then acting as the manager of information security services in the private sector, and now serving as information security officer at the Central Bank of Georgia, have impacted my professional life in a most advantageous way.
My first steps in the JSC Georgian Railway, then moving to and joining the amazing group of professionals of LEPL Digital Governance Agency (former LEPL Data Exchange Agency), then joining the Deloitte Tbilisi Office and currently working with Central Bank of Georgia – all these together are not just entries on my CV, but more importantly, they are the grounds for my decision to do the job I know and I love.
While working in the Data Exchange Agency, professionals from different countries working with us recommended ISACA to our team. More importantly, we ourselves realized that it was critical for us to obtain professional certifications, and we actively started preparation for exams. The impact was tangible and valuable because I started thinking about the profession on an absolutely different level, taking into account that information security means understanding the organization, people, processes and technologies. After realizing and applying the knowledge, I better understood what an organization is, and the necessary communication and discussions about information security that I needed to achieve the intended results. Understanding the big picture is the best way to find the right solution for what you can improve in an organization.
As I think about our field in a broader sense, the question occurs to me, “Are we too busy to change?” In some organizations, people prefer to continue working at their current maturity level. Even knowing that change will impact their professional life positively and improve the organization’s standing, they are somehow against change, maybe because the process of change requires more effort and will power. To me, information security is also about psychology and, as I wrote at the beginning, loving what you do can make all the difference.
Aside from work, I have a deep appreciation for both indoor and outdoor plants, mostly roses. In my village and in my home in Tbilisi, there are different varieties of roses, magnolias, azaleas, hibiscus and other plants. Caring for these plants is my therapy. Just as a plant needs to be nurtured and taken care of, the same holds true with continuous learning and achieving high results.
