THANK YOU FOR SUBSCRIBING

Why Cybersecurity Starts With Culture
Reuben Athaide, Global Head Cyber Security Assessment and Testing (Interim), Standard Chartered Bank


Reuben Athaide, Global Head Cyber Security Assessment and Testing (Interim), Standard Chartered Bank
A London law graduate with over 20 years of experience in the banking and financial industries, Ker Shing brings deep expertise across regulatory and AML compliance, corporate finance advisory, due diligence and risk management. She currently serves as in-house legal counsel at DBS Bank Ltd. (Malaysia), where she leads the legal and compliance team with strategic insight and operational precision. Fluent in both spoken and written Mandarin, she offers a valuable advantage in reviewing and negotiating Chinese legal documents, strengthening cross-border legal capabilities and communication.
Embedding Security into the DNA of DevelopmentAs the Interim Global Head of Cyber Security Assessment and Testing, I drive a global transformation to embed security into every stage of our technology development and deployment. My mandate is to deliver a DevSecOps strategy that accelerates innovation while ensuring security is never an afterthought. This includes enhancing vulnerability management, shifting penetration testing from isolated snapshots to continuous, insights-driven testing and embedding secure-by-design principles at scale.
-
If you're not measuring, you're not improving. Strategy is the foundation and execution is everything
I lead a global team focused on automation, process simplification and integration of controls directly into the development pipeline. These aims shift security left and position it as a business enabler. Beyond application security, I oversee infrastructure security for both on-premises and cloud environments, including containerized solutions. Looking ahead, a key priority is establishing an AI/ML security pipeline strategy and leveraging intelligent automation and data insights to reduce vulnerabilities in both code and platforms proactively.
From Risk to Resilience: The Playbook for Secure Financial SystemsResilience starts with knowing what you're up against. You must begin with understanding your organization’s risk profile and business goals. Once clear, build the strategy around a proven framework like NIST or CIS Controls, ensuring that everything is measured. If you are not measuring, you are not improving. However, strategy is just the foundation. Execution is key, so it is essential to have a security-first mindset and security culture across the organization. Cybersecurity must not sit in a silo as one person’s job; it is everyone’s job. Hence, it must be part of how the business runs every day.
To that end, I focus on embedding security into our culture and operating model. This means giving service leads and product owners the responsibility and authority to make proactive security decisions within the scope of their work. When people are empowered and aligned, things move faster and more safely. Collaboration is critical as security doesn’t work in silos. To foster better cooperation, we build cross-functional teams and run with a DevSecOps mindset, so security is baked in by design and not bolted on. This includes secure code pipelines to real-time runtime protection and intelligent monitoring.
AI and data insights feed continuous feedback loops, helping the team catch issues early and improve constantly. Culture drives everything. Controls alone will not save you. We embed security champions inside business teams and tailor training for developers based on the real issues in the code. It is targeted, it is practical and it sticks. Ultimately, resilience means more than defense. It’s about maintaining complete visibility, staying adaptable and making learning part of the system. Our job is to connect the dots from policy to implementation to validation while evolving as hurdles arise and the business changes.
Front Lines of Rescue Missions in ITIn large-scale financial IT projects, siloed delivery, vague expectations and poor planning derail progress. These problems tend to occur when cybersecurity isn't prioritized early. Staying ahead of these risks is through clear, shared goals, strong stakeholder alignment and active executive sponsorship that keeps accountability at the top. Agile, cross-functional teams help surface hidden dependencies and break down silos, while continuous testing keeps delivery grounded and secure. Good governance isn’t about red tape but about ensuring the right people stay engaged throughout. Most importantly, every assumption needs to be tracked and verified because what gets followed up on gets done.
Cloud, Compliance and CollaborationEnsuring a strong cybersecurity posture with external vendors and strategic partners, especially in cloud and managed service environments, starts with getting the basics right. That means clearly defining expectations, shared objectives and roles from the outset. Treating partners as part of one team rather than as outsiders is more effective. This mindset cuts out the blame game and builds mutual accountability. Everyone needs skin in the game with security as a shared responsibility, not a contractual checkbox. Listening to the people doing the work, staying close to the details and following up consistently make the difference between surface-level compliance and real operational resilience.
Stay Curious, Stay GroundedIf I had one piece of advice for young professionals starting in this field, it is to stay curious, stay grounded and embrace evolution and the change it brings. I began my career on the trading floor, then moved into software engineering and delivery, technology leadership, largescale transformation and cybersecurity. What carried me through was not knowing everything; it was being open to learning, listening closely and surrounding myself with people who challenge me.
In this space, success doesn’t come from chasing titles or trying to outsmart everyone in the room. It comes from showing up with integrity, being calm under pressure and being willing to adapt. The world changes fast, especially in terms of technology and security. This is something to embrace by asking questions and learning to work with people, not around them. Whether you are building systems, defending them, or reimagining how they should work, what matters most is staying true to your purpose, being a lifelong student and keeping your ego in check. That’s what builds a career that lasts.
As a keen runner and outdoors sports enthusiast, I know it isn’t all work and no play. Remember to take time out to take care of yourself and fit in mindfulness, exercise and the proper nutrition into your schedule; this is just as important as keeping up with the demands of building a successful career and not burning out.
Weekly Brief
I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info
Read Also
