Aon’s Leann Moroney explores Ireland’s cybersecurity sector and how robust knowledge in this field is critical to organisational resilience.
“A career in cyber today is far more dynamic, interdisciplinary and business‑critical than it has ever been,” said Leann Moroney, an associate director in cybersecurity at professional services firm Aon.
She explained, what once was regarded as a niche and technical field has evolved greatly, developing into a space that blends a range of roles, primarily technology, risk management, strategy and interestingly, human psychology.
In a climate where “the frequency of cyber threats [is] increasing year on year”, this is exciting work for Moroney, as she supports organisations navigating complex, unique and ever evolving threats. But there is, however, a pressure element, she said, as cyber incidents come with high-stakes, requiring professionals with the skills to make quick, clever and informed decisions.
“The threat landscape evolves at a pace that few other industries experience, which means there is a need for continuous learning and upskilling. New technologies, new attack vectors and new regulatory expectations emerge constantly and staying ahead of these changes requires both technical agility and strategic awareness.”
Know the terrain
Moroney explained,”Cyber experts need to understand the security frameworks of AI systems and how to audit the vulnerabilities and risks associated with these technologies”, adding, “regulation is also reshaping the field and what skills will be required.
“Frameworks like the EU AI Act and Network and Information Security Directive 2 (NIS2) are setting new global standards, so the ability to translate legal requirements into practical, technical action is hugely valuable.”
But, amid the global push to automate everything that can be automated, Moroney emphasised the importance of not buying into the AI hype, despite the often ‘too good to be true’ spin, as artificial intelligence changes the cyber landscape at speed.
She noted AI has the potential to empower innovation, but it can also enable malicious behaviours, providing attackers with brand new tools to scale threats and hide their tracks. Organisations and professionals in too much of a rush to get to the next phase, might find themselves unknowingly exposing their networks to greater risks in an attempt to optimise their systems.
She said, many organisations have embraced AI quickly, but governance and security often lag behind. If used correctly AI can be a powerful defence mechanism as it detects anomalies, spot threats earlier and helps teams respond more effectively. “Strong policies, access controls and regular updates to core cyber controls, from multi-factor authentication to network segmentation, remain essential.”
While she finds Ireland is in a strong position as there is a high degree of awareness when it comes to the potential for a breach, she has found that its cyber controls, that is the processes and tools in place to protect against attacks, “remain inconsistent across Irish organisations.
Adding, “Organisations are only as strong as their weakest link, that’s why it’s crucial to empower the workforce and analyse third-party risk. Leaders should create a culture of cyber awareness across their entire organisation. Using real-time analytics and regular scenario exercises can ensure all their people are effectively prepared.”
Cybersecurity is a career route and sector that is bolstered by critical soft skills, with Moroney of the opinion that “the most effective advisors are those who excel at strategic communication and critical thinking.”
She said, “Bridging the gap between the server room and the boardroom is crucial. You have to explain complex risks to senior leaders in terms of business impact, financial loss, downtime, brand reputation [and] not in technical jargon.”
Deconstructing silos
To that point, Moroney has always found that she is driven largely by the collaborative nature of the cybersecurity sector, as it brings together a diverse mix of specialists, from deeply technical teams to legal advisors, communicators, and business leaders, all working toward a shared goal.
“Being at the intersection of those worlds is incredibly motivating for me. It’s also fascinating to take something that might initially appear to be a purely technical incident and help translate it into what it really is: a strategic business risk that CEOs and boards need to understand and act on.
“That ability to bridge perspectives, to help organisations protect themselves by making complex issues clear and actionable, is a part of the work I find especially meaningful. The pace of innovation, the constant learning, and the chance to contribute to decisions that have real‑world impact are what keep me energised and engaged.”
Much like people, she explained risks don’t operate in silos and she is of the opinion that there are four big forces shaping the world we live in and those are the manner in which we trade, the technology we rely on, the weather that is outside of our control and the workforce we’re trying to attract and retain.
She said, “These forces don’t operate in silos; they interconnect and overlap. A cyber incident can quickly become a reputational crisis while a storm shuts your doors and drains cash flow.
“For leaders, setting a clear plan in place will be crucial to managing these interconnected risks. Organisations that rethink resilience stand to unlock value and build a competitive advantage that can drive growth into the future.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
