“That’s a lot of sensitive data about people. Are they keeping it safe?”

Pontus Ek

There is quite an interest for security as the digital age is going further and further, says Pontus Ek.

Pontus Ek is a Security Delivery Senior Analyst at Accenture. After finishing the Master programme in Information Systems Security Management at Örebro University School of Business, Pontus landed his dream job. He works with helping companies and organisations keep their information safe in a digital age.

How did you come to choose the Master's Programme in Information Systems - Information Security Management at Örebro University?

During my years in Bachelors, I took part of a course in Business Intelligence which involves utilizing large amounts of data to help the business owner know better about their own business. This data could be gathered when a person purchased something in one store at a certain time and day of the month. This provides knowledge what customers are looking for, who the target customers are, the supply and demand among other things.

During my time in that course a concern grew on me: “That’s a lot of sensitive data about people. Are they keeping it safe?”

As I finished my Bachelors, I decided to look into doing a Master’s Programme to get a better job-opportunities which would be more fun and interesting to me. I did not really feel engaged with working in game-development from the Bachelor’s Programme. After looking for options in Örebro University, I came across the Master’s Programme in Information Systems – Information Security Management. I decided to enroll into the Programme since it was a Master’s Programme and that I wanted to learn more on how Big data could be kept safe (and if companies were keeping such data safe).

Thus, began a Master’s Programme for me filled with joy, learning, and lots of writing.

What is it like to study to become an Information Security Manager?

I would say that it was a good experience overall. The teachers were kind and helpful to share knowledge. The way the classes were delivered helped build on the interest of the subject and also allowed to ask more questions towards the teachers and the class.

It was a very welcoming way to learn. The reverse classroom method involved that you had to look into a document/article and then share your understanding of it with the class. This made it more interesting to hear other views and understandings of the things described in the provided material. This helped build more connections within the class as it helped see how people present and talk about their understandings.

Some courses had hands-on assignments which made the learning more enjoyable and interesting to take part of. One course was Security Requirements where we were given a scenario and had to prepare a solution per group. These solutions were then discussed with the class on what was done in good terms and what other items could use some more work on. I found this course to be very useful as it brings out the optimistic- and the questioning-person in you.

Overall, the programme had a good selection of courses to help open the information-security topic and also provide master-based courses relevant to the thesis-work. A good and tasty meal of knowledge all in all.

How is student life in Örebro?

It was friendly, enjoyable and involved more freedom with the responsibility. Most of the time, I had a good time speaking with my classmates after class before heading home to let the head rest and gather thoughts. The work which was asked from the courses held good time on the hours outside of the lectures. While some turn-in assignments could be heavy, it was not much trouble if you took part of the lectures and material provided to you.

After the work is done and the weekend began, the after-work did help both on relaxing by hanging out with classmates and on reflecting the courses.

Overall, a good balance as long as you work hard as well as play hard.

How do you see the future in the field of information security management?

As of writing this, I’d say that we are entering more into the digital age of things. We want to use a digital tool to help make tedious things more quickly or safely; making us more efficient to the company and provide more value to our clients. This might not come 100% problem-free though as many potential threats wants to catch important- and sensitive- information which could yield lots of money and resources stolen or lost. This puts more importance into the security of information when organizations pushes to utilize a digital platform with the hopes of making business processes more efficient.

Since the field in Information security is quite a big area, and the digital computational items  (such as Virtual Reality, Big Data, AI, Quantum Computers) grows bigger, the risks comes along as well. As we are happy to see more progress in the technical developments, there are also new pitfalls which needs to be taken care of in-order to prevent catastrophic incidents.

The future looks quite bright from the looks of things since digital solutions has become more safe and attractive with the options which businesses and organization could utilize. They just need us Info-sec people to ensure things are done right with sensitive information-management.

What do you do at work? And What is the best thing about your job?

I am currently working as a Senior Analyst at a consulting firm. During work, I take part of projects for clients and help provide value to their current scenario or situation. This allows me to learn about many projects and scenarios, and communicate with many stakeholders. Tasks could range from planning with the team, hold meetings and discussions to potential solutions, research, interview and presenting ideas.

Outside of projects, I can participate within the company’s community and learn more about industry-specific areas. The areas I am interested in learning about is the digital cloud solutions such as Microsoft Azure. During my work-days I can do some hours on client work and some on learning/researching to enhance my expertise. This makes it worth and fun as I get the chance to learn something new and interesting almost every day.

How did you experience Örebro University?

As a University, I would say it was quite a good time I had. The people I’ve met have been great to speak with. I got help with my errands I had in right on time. Finally the teachers, whose classes I have taken part of, show good knowledge and welcomes the challenge on the knowledge as to help provide more information on the subject.

How is the job market for Information Security Managers?

I’d say that there is quite an interest for security as the digital age is going further and further. With this digital age comes new opportunities and new bumps in the road which can need help addressing. One such bump can be the threats which can damage the organizations and companies resources and assets.

Many companies today only do the digital age transfer for the novelty without taking good interests in what can make a better return of investments and also making sure it remains secure. This includes not only having secure systems on the internet but also making sure the users are trained and prepared for the dangers. As well having a set of principles and standards in place to help address the dangers when they approach the user.

The job market for Information Security Manager can be involved within certain themes such as technical – where the focus can be on helping the client implement, introduce, create, and/or maintain software or an as-a-service-platform. The informal where the consultant can help the client introduce new rules, policies or standards to a working group. Finally, the formal which delves into creating these new rules and policies, while also lining them to areas within certain standards. The examples are some of the items which can be done within the areas in the job market. There are also combinations between them.

As of writing this, there is a good amount of interest for those who have studied programmes similar to the Information Security Manager programme for consult-based work. The programme helps prepare for further studies into a selection areas based on the examples above.

What are your best tips for future students in this master programme?

Make sure to be engaged with things. This could be things within school and outside as well. This can help you get more involved and further develop your softskills. Sharing that you have taken part of engagements with your potential work-employer can help build a good case and reason to get hired. You also help provide a good environment for the school when you show engagement with the groups and teams within the school (such as Student Unions, clubs etc etc)

Another tip I’d share would be to not just know about the “what” and the “how” but also the “why.” When working in this line, you can have great suggestions and ideas for your future clients and customers. The problem is that you will also need to help provide a reason to these ideas. If you cannot provide the “why” to your next design-idea and “why” it helps the client with their needs, then you’ll be with a good idea which never took flight. Learning also the “why” in school can help you understand things better as well.

Text: Shang Gao