How I Pay It Forward and Build a Better Workplace in Cybersecurity

A dialogue with Amy Brachio, Partner, Ernst & Young LLP


At EY we work every day to live out our purpose of “building a better working world.”  

I personally have defined my purpose as, “Being a role model for inclusive leadership through championing world-class coaching, mentoring, sponsorship and feedback to empower our people to best serve our clients, meet their goals and bring our EY values to life.” This is truly important to me as a way to “pay it forward” as others throughout my career have done for me.  

I have faced many of the same challenges that professionals deal with every day. As I worked hard to make partner at EY, I was raising two daughters and caring for ailing parents, all the while reducing my work schedule by fifty percent.  

What made these challenges bearable was that I had caring colleagues, sponsors and mentors who supported me and allowed me the flexibility I needed to handle my personal responsibilities, career opportunities and continuing growth as a professional. Now that I’m in a leadership role, my goal is to foster an environment that provides the same support and opportunities for others.

The field of cybersecurity is going to continue to be vitally important in driving a thriving economy.  Consumers are demanding greater connectivity to everyday aspects of their lives, from refrigerators that create grocery lists and place delivery orders to smarter medical devices.  

All this convenience, speed and connectivity comes at a high cost if it is not implemented with privacy and security top-of-mind because one misstep can create instant loss of customer trust and real financial implications to everyone.

In the tech industry today, we are experiencing a significant shortage of professionals with the skills needed to help companies move down this digital path in a secure manner. Disregarding half of the potential workforce puts us at an even greater disadvantage. Without encouraging more women to enter this important field, we as business leaders are missing out on a large component of our overall talent pool and women are missing out on the career opportunities afforded by this incredibly hot talent market.  

Recruiting is only half the battle. How we nurture the talent is equally as important as finding it. From a corporate standpoint, simply put, women need more role models like one of our newly promoted Senior Managers – Ashley Devoto.

Ashley is the daughter of two Air Force pilots who followed her parents’ footsteps and joined the Air Force herself. She culminated her Active Duty career in the Air Force Computer Emergency Response Team (AFCERT) leading cybersecurity operations for the Air Force. 

Ashley now uses her unique skillset – built on her technical education, operational cyber experience, and military leadership – to help companies build and implement stronger cybersecurity programs and mature their security operations.  

When Ashley and I met recently, she shared with me her passion for expanding the number of women in cybersecurity. Under the sponsorship of our practice leaders, she was undertaking to create a strong community for our women who were focused on Cyber Threat Management to attract and retain top female talent in cybersecurity.  

Specifically, she is spearheading a women’s group to facilitate networking and professional development within EY’s cybersecurity practice. She is also actively involved in EY’s Veterans Network with a focus on building a smooth transition process for veterans as they navigate from the military to the corporate world. The common thread between these initiatives is Ashley’s passion for building a strong, inclusive community which is critically important in the security space.

In addition to efforts like this, we also look for external opportunities to increase our recruiting of women in the field and are transferring women with applicable skillsets from other parts of our business into the security department.

I have increased our focus on gender diversity at EY in several ways, such as:

  • Making gender diversity part of our recruiting conversations: I want to understand how we are progressing in attracting and hiring female talent into our cybersecurity practice and make sure that it is an ongoing topic of discussion.  

  • Taking our message directly to the source: We look for special conferences that are focused on women in technology and we sponsor cybersecurity events and related industry events that give women an opportunity to network.  

  • Cultivating talent within our ranks: We have identified high-performing women from other practices within EY who have an interest in a Cyber career and are giving them the time they need to learn the skills and grow as leaders.

  • A hands-on approach by leaders: I take a personal interest in recruiting and mentoring women in our Cyber practice. I am actively involved in the recruiting process and provide coaching and mentoring to help the women as they progress on their leadership journeys.

This personal involvement is part of how I pay it forward for the tremendous support and opportunities that I was given. When I became the EY-Americas Risk Advisory Leader, I went from working with a team of 60 to a team of 6,400. That was scary. I was out of my comfort zone and that was important. I didn’t have time to worry about appearing vulnerable by asking a basic question or uninformed by not knowing the answer. During this transition, I had an amazing mentor who was personally committed to my success and made sure that I had the support I needed to successfully transition into this role.

Being a woman in a male-dominated field isn’t always easy. It takes courage and fortitude. When I meet with women looking to enter the field, I am struck by the vast number who aren’t sure if their experience matches the needs. I always tell them to have the courage to take the leap. I was recently asked to take another leap and move into leading our Risk Advisory practice globally, another exciting move that, based on my experience in the last leap, I am now excited to take on.

By investing in our practice and supporting our women in particular, our goal is to become the preferred employer in cybersecurity and help bring more women into the field. In doing that, we will be serving our clients through bringing greater diversity of thought to solve their biggest challenges, grow our business, provide diverse cyber talent to the market place, help women capitalize on business opportunities and bring our purpose — building a better working world — to life.

About Amy Brachio

Amy Brachio is a partner of Ernst & Young LLP and the EY Americas Advisory Risk Leader, advising clients on risk topics that are top-of-mind to boards of directors and C-suite executives, including leading practices in internal audit, cybersecurity risk management, enterprise risk transformation, and complying with rapidly escalating regulatory requirements.

More About Amy

ITSPmagazine is, and will always be, a free publication. 

Our mission is to raise awareness for cybersecurity by making it understandable, accessible, and part of everyone’s everyday life.  

If you liked this post and wish to contribute to our mission, consider visiting our support page.