Daniella Toledano

Partner, Cyber Risk, Deloitte
Canada

“Embracing failure has taught me that the path to success is often non-linear.”

Daniella Toledano is a Partner with Deloitte’s cybersecurity practice, boasting more than 30 years of extensive experience in information technology and cyber risk services. Based out of Montreal, she has a proven track record of achieving purpose-driven and impactful growth in markets and communities she serves.

Throughout her career, Daniella has assisted large scale Canadian enterprises in addressing a range of IT and cyber risk challenges, helping to ensure they can continuously protect their assets, while helping enable the strategic growth objectives of the enterprise. Her experience in leading multidisciplinary teams to deliver cyber and business transformation has been instrumental in driving success for her clients across various industries, including consumer, aviation, transportation, energy and utilities, and manufacturing.

In addition to serving her clients, Daniella has contributed to the growth of Deloitte’s Canadian practice through her leadership in operational excellence and quality and risk management for the firm’s cyber risk services. Her commitment to advancing Deloitte’s strong ethical culture is evident through her contribution to the firm’s Ethics Committee. She is an active leader in various STEM initiatives across professional organizations and academic forums, both in Quebec and nationally.

Her strategic vision, dedication to ethical practices, a client-centric approach, and a commitment to excellence continue to drive significant impact in the cybersecurity landscape, and earned her a reputation as a trusted advisor and leader in the industry.

What is one skill, interest or talent of yours that makes you great at your job?

My ability to step into your shoes, connect the dots across multiple spectrums (i.e., personal, business, and technology), and translate that into meaningful and valuable insight—I truly believe in the power of empathy, positive energy, and creating a safe space for diverse thinking to come together to create valuable insights.

What is the best piece of unconventional career advice you’ve gotten?

While many have written about embracing failure to succeed, many professional environments still evaluate success based on avoiding mistakes. I did this for some time, keeping an error-free record, but ultimately it was holding me back. Being advised to “feel free to fail” and use failures as a learning opportunity encouraged me to view failures as valuable experiences that lead to growth and innovation, as well as develop my resilience. This mindset has advanced my professional career and my personal life more effectively. Embracing failure has taught me that the path to success is often non-linear, and that each challenge is an opportunity to learn and improve.

What is your proudest moment working in the cybersecurity industry?

Becoming the first female cybersecurity partner at Deloitte in the Quebec region.

When did you become interested in pursuing a career in cyber and what prompted it?

Cybersecurity found me—I wasn’t looking in this direction at all. I was passionate about finding ways to solve complex business problems, and understood technology was going to be a part of that. I pursued a business degree with a major in accounting and a minor in information systems in university, and went on to take a programming job just so I could put something related to technology on my resume. I worked through trying to solve for the year 2000 in the IT department of Sunlife, and discovered the world of management/technology consulting when Deloitte came in to talk about the art of the possible. It was at that moment that I explored professional services at Deloitte. My foot in was through leveraging my business and technology experience and skills to join a team who would be implementing a complex ERP for a client’s finance transformation journey. They were looking for people who could speak both languages and bridge the gap between finance business process and technical requirements. Solve complex business problems through technology? My answer was, “Yesss, sign me up!” The team I was hired into was focusing on information security and controls for ERP’s, and off I went to my first SAP implementation. That team grew into a top-tier cybersecurity risk practice, and my cyber career evolved alongside it.

What are the top 3 things you would tell people hoping to enter the cybersecurity industry? 

  1. Understand the business imperative, the purpose, and the value and impact of whatever organization, community, etc. you choose to serve—that will sharpen your focus and your ability to contribute impactfully.
  2. Access and surround yourself with diverse talent and sources. Cyber is not all about niche tech skills, and at the pace of digital evolution, you can’t learn everything yourself.
  3. Stay closely connected to the latest advancements, subject matter experts, cyber communities and forums, insights, and research.

What are some misconceptions people might have about the cybersecurity industry and what can we do to change these misconceptions?

A common misconception is that cybersecurity is about hacking and defending against hackers, and that it mostly impacts large corporations. It really encompasses a wide range of activities, including compliance, data privacy and protection, and risk management, where different size organizations, communities, countries, and individuals are at risk. We need to continue to focus on education, highlighting the diverse roles within cybersecurity and the importance of cybersecurity practices for everyone and its relevance to everyday life.

Do you feel like you’re contributing to helping keep our world secure and can you share why that matters to you?

With strong cybersecurity, we can fully embrace digitization while keeping people, data, and infrastructure safe from cyber threats. Protecting these systems matters to me because cybersecurity is important to high-priority services—from healthcare to finance to national security—ensuring both physical and digital safety. Knowing my work safeguards privacy and security gives me a deep sense of purpose.

What positive change do you think will take place as we bring the next generation into the cybersecurity industry?

The next generation fosters a broad range of creative ideas and approaches to address increasingly complex and sophisticated cybersecurity matters. Growing up in a digital-first world will also make them inherently more familiar with technology and its potential vulnerabilities, which can lead to creative solutions and a proactive approach. This will be crucial in addressing the rapidly evolving threat landscape.

Who is your role model in the cybersecurity industry and why?

There are a few that would certainly stand out and have had a profound impact, however I’m blessed to be touched by many. My 30+ years journey has allowed me to cross paths with so many individuals, scholars, researchers, enterprises, innovative and inspirational subject-matter experts, leading-edge thinkers and strategists, as well as everyday people impacted by cybersecurity in our digitized world. Each of these has shaped who I am today, and I expect more will continue to shape my tomorrow.