Ángeles Caballero works in the Cybersecurity Strategy team in the Technology & Operations (T&O) department at the Santander Group.
She features in the top 25 Cyber Influencers list drawn up by IDG Communications and distributed by one of the world’s most important specialist cybersecurity publications, CSO magazine, during Spain’s Virtual Congress in Cybersecurity 2020.
First and foremost, congratulations! And to give us a bit of background, can you tell us why you were given this recognition?
Of course, and thank you! In my case, the recognition is principally due to the books that I have published with Anaya – seven in total – that raise general awareness of cybersecurity 📚
The latest and most up-to-date titles are the following – you can find more information about the themes that each one covers on the Internet (in Spanish):
- Ciberseguridad y Transformación Digital
- El libro del Hacker. Edición 2018
- Hacking Mobile. Essential Guide
Also I do a lot in terms of speaking and giving presentations in private events, in business schools, universities… Last year I had the opportunity to work with the IE Business School to speak about digital transformation and professional careers in cybersecurity, I took part in a forum on digital transformation and innovation for start-ups, which was organised by Spanish Start-ups and I gave a talk on cybersecurity and cryptography at the University of Valladolid.
Internally, at Santander, I also gave various talks and I took part in the Hacker for a Day event to raise cybersecurity awareness in children and teenagers, which was a fantastic experience.
Last year, I also collaborated on a Europe-wide project from the European University to promote STEAM talent in women 👩🎓
Let’s go back to your early years to get to know you a bit better… where did your passion for cybersecurity stem from?
I’ve always really liked technology, from when I was very small. Believe it or not, I learned to record my first videotape when I was only 4 years old, what happened to VHS! The first computer that we had in our house arrived just a few years after I was born, it was a Sinclair ZX Spectrum, you could only program in Basic, nothing else, it almost had no RAM! It was my father who taught me to program using Basic when I was little.
My passion for cybersecurity came when I got my first Internet connection at 14 years of age, back then, the Internet was nothing like what it is today, it was a more underground, niche environment. That was when the term hacker got its original meaning, it meant a real nerd, an expert in technology, who knew a lot and shared that information with others 👨💻. Now it has diverged from that original sense.
Funnily enough, my first degree was in Business Administration and Management, I did well in economics at school. During the first year of my studies, I did a module in cybersecurity and when I finished my degree, I didn’t think twice, I studied Computer Engineering and trained in cybersecurity, through courses, taking part in events and forums, and my end-of-course project was in Web Security 2.0.
You are one of the Top Cyber Influencers due to your career and the work you do in raising awareness, and you are going to launch your eighth book. Where did the idea of writing come from?
Many years ago, when I studied my first university course on cybersecurity, I was given the possibility of collaborating on a book about cybersecurity. From then on, I participated as the main author on all the following books, and I’m leading the latest ones. I’ve always enjoyed raising awareness. We can be great professionals and have loads of security measures, but the message needs to be communicated so that employees and clients understand the “why” behind our work, and how better to do so than through books? 😊
How do you juggle your time between being an author, working in the bank, and we’ve found out that you also…study psychology!
Good question! Packing as much into 24h as I can and trying to procrastinate as little as possible, although I am human and I like to go out and socialise as much as anyone else! 🙌 Joking aside, I think the important thing is your state of mind, when you like learning, when you are curious, you set yourself goals in the short term, and if you keep working at it, you can achieve great things. It’s a question of passion, if you enjoy it, there are no excuses, go for it!
Out of curiosity, how much psychology is there in cybersecurity?
Psychology is in almost all aspects of life, which we live out within society and therefore, we need to adopt certain adaptive behaviours to make our lives easier.
In terms of cybersecurity – beyond the clichéd examples of the behaviour and thoughts of the bad guys, the profile of criminals that we can see in series like Mindhunter – psychology applies in every one of the day-to-day interactions that you have with your stakeholders: with business teams so that they understand the importance of cybersecurity and how it can help us, more technological teams working as a group and looking at the best ways to implement checks, etc. Those “soft skills” that we hear so much about today are based on psychology: the capacity to communicate, critical thinking, leadership or adaptation to change. Psychology helps you to understand why a person behaves in a certain way, what motivations there are behind their behaviour or how you can influence others in certain contexts, among many other things, it’s marvellous!
Will you confess, before being on the light side of cybersecurity, were you ever on the dark side?
Ha ha, in reality I’ve always been on the light side of the force 🤭 At the start I got into cybersecurity through curiosity, interest, to learn and when I discovered that I could work professionally in the sector, I set upon the challenge.
If you had to define yourself as a professional in three words, what would they be? And why?
Perseverance, curiosity and commitment.
- I am a very curious person, I love to learn, and I have not stopped learning and training since I reached the age of reason. When I discover a new subject that I’m interested in, I ask questions, I find out more, I investigate…
- Perseverant, because when something gets into my head I go for it, and I also finish what I started. I don’t like to set out on a journey that I believe in and value, and then leave it unfinished. I also try to give 100% of myself, I hate to see something being done half-heartedly, I like things to be done to the highest standards, and of course, that they are valued.
- And finally, I think I a person that is committed both to my values, my work as well as to the people that surround me in my working life. The human factor is key to work, it is a place where you spend more time than you do at home, so it is very important for me that it is a friendly place, where you can grow both professionally and personally.
What makes Santander different compared to other companies in the Top Cybersecurity list?
I think there are many things; we have an amazing cyber team that shows maximum commitment. If I had to highlight anything, it would be diversity. We are a multidisciplinary team and we have very diverse profiles: operations teams that look after our clients’ protection and security, strategy teams that make sure that we are growing in the right direction, communications teams that prepare the messaging and work on security awareness…
In addition, we have very varied “former lives”, we have occupied many different roles in many different companies, which adds a wealth of experience to the team, plus we are of many different nationalities! It’s fantastic to work here; it’s really very enriching.
Finally, can you give some tips to anyone who wants to start to work in cybersecurity?
To enjoy the journey, as they get deeper into cybersecurity they will discover that there are many fields and that it is very dynamic and creative. I think it’s a lot of fun, and they can do a lot of different things with it, and so the scope of learning and the career path is crazy. And if you let me give one other tip, I would say that they have to be tireless, always finding out more 😊
Cybersecurity goes hand in hand with technology, and as the latter is constantly changing, so do the patterns that the bad guys use. As we protect ourselves, they invent creative new ways to achieve their goals. What will the world be like in 20 years’ time? You only have to look back over the last 20 years to see how much we have evolved! It is fascinating to see how emerging new technologies like Artificial Intelligence, Blockchain and the Cloud, to name just a few key ones, have opened new pathways and brought new value to society.