Ireen Birungi
“Always assume positive intent when interacting with folks. Take time, count to five, and think before you speak.”
Ireen Birungi is a CISO who leads with both strategy and soul, combining deep security expertise with a creative, human-centered approach. She transforms complex risks into clear action, inspires teams to think boldly, and communicates with clarity across all levels of an organization.
Resilience is her craft, whether she’s building a security framework or tending to a fiddle leaf fig. Ireen leads with purpose, style, and a passion for meaningful impact.
What is one skill, interest or talent of yours that makes you great at your job?
I am an integrator who enjoys personal connections and organizing to figure out how to fit pieces together and solve problems.
What is the best piece of unconventional career advice you’ve gotten?
Always assume positive intent when interacting with folks. Take time, count to five, and think before you speak.
When building your brand, which is important, it’s more important to build the internal brand and therefore, trust and credibility. It will make the job of CISO an easier one.
What is your proudest moment working in the cybersecurity industry?
Growing an amazing team and being a mentor and role model to those looking to enter and excel in cybersecurity.
When did you become interested in pursuing a career in cyber and what prompted it?
I didn’t get into information security (infosec) on purpose, but I’ve stayed on purpose. My interest in staying was the diversity of domains that could apply to a number of areas: application, systems, network, data, people.
I especially became interested in infosec after spending hours in a lab and building flavours of UNIX, Linux, and Windows OS in order to test hardening guidelines.
What are the top 3 things you would tell people hoping to enter the cybersecurity industry?
- Networking is important. Grow and maintain your network.
- You need to have a willingness to compromise.
- It’s rewarding, but you have to have patience. Check that you really want to be in cybersecurity, and be open to work in various domains.
What are some misconceptions people might have about the cybersecurity industry and what can we do to change these misconceptions?
That infosec always says “no.” It’s your job to be a business enabler while getting the client to understand the risks. Any and all decisions should be informed.
Do you feel like you’re contributing to helping keep our world secure and can you share why that matters to you?
Helping keep our world secure is a big part of why I continue to work in InfoSec. Working with organizations to strengthen their cybersecurity program, think through risk, or communicate with clarity and impact contributes to a safer digital world. I am also a consumer of services that I support protecting, as are my friends and family, and spreading due diligence on cyber threats makes us all safer.
What positive change do you think will take place as we bring the next generation into the cybersecurity industry?
The pipeline of entrants in cybersecurity is a lot higher than when I first started out. That means there are so many more people who are curious and cyber aware, which is important as we journey through AI, deepfakes, voice cloning, and scams.
Who is your role model in the cybersecurity industry and why?
The CISOs I started out with in Canada over 25 years ago helped shape my journey in information security, now cybersecurity. They’re a group known for their technical expertise, strong leadership, and meaningful impact. Not to mention, they’re genuinely good people.
