Sunhee You
“Expand your experience beyond just technical skills; exposure to diverse fields sharpens your perspective and leads to stronger, more well-rounded results.”
Sunhee You is a Partner at Deloitte Korea, specializing in cyber services, with more than 16 years of experience in information security and IT audit. She leads cybersecurity strategy, compliance assessments, penetration testing, advisory services, and more for multinational clients.
Her global perspective is shaped by her time with Deloitte US and an early career as a software developer and system administrator at Samsung. Sunhee brings deep technical expertise and a sharp compliance lens to every engagement.
What is one skill, interest or talent of yours that makes you great at your job?
I think that global experience is very helpful when conducting cyber practice. In order to provide consulting on Korean regulations to foreign companies that have advanced into Korea, you need to understand not only domestic legal requirements, but also their culture and situation.
What is the best piece of unconventional career advice you’ve gotten?
You need to be strategic about when to focus on work and when to focus on family.
What is your proudest moment working in the cybersecurity industry?
We discovered meaningful vulnerabilities in a client’s pentesting project, received positive feedback from the client, and had the opportunity to explain the related content by conducting a workshop for the internal security team. This was a great opportunity to gain recognition from the client and increase the pride of our team members.
When did you become interested in pursuing a career in cyber and what prompted it?
When I returned to Korea after completing my assignment in the US, the cyber service was organized as a separate team at Deloitte Korea, so I returned to the cyber team. As the cyber market is growing worldwide, regulations are becoming more stringent. I chose cyber service with the belief that the cyber consulting market will grow even further.
What are the top 3 things you would tell people hoping to enter the cybersecurity industry?
- Expand your experience beyond just technical skills; exposure to diverse fields sharpens your perspective and leads to stronger, more well-rounded results.
- Study a foreign language diligently. Being proficient in both your native language and a foreign language can open up many opportunities for you.
- Do not think that your skills are the best. In order to develop yourself, you must study and work hard with a humble attitude.
What are some misconceptions people might have about the cybersecurity industry and what can we do to change these misconceptions?
There is an assumption that people in the cybersecurity industry are conservative. To change this bias, I think we need to listen to others with an open mind and actively communicate.
Do you feel like you’re contributing to helping keep our world secure and can you share why that matters to you?
Cyber services are making a big contribution in preparing for and responding to various threats in the world so that people can operate in a safe internet environment. It is clear that the role of cyber is to create a trustworthy environment, and this is very important in business and personal transactions.
What positive change do you think will take place as we bring the next generation into the cybersecurity industry?
The next generation is very sensitive to change and can adapt quickly. In the rapidly changing cyber market, I think the next generation will be able to respond in a timely manner to the introduction of new technologies and new attack methods.
Who is your role model in the cybersecurity industry and why?
Emily Mossburg, Deloitte’s Global Cyber Leader. She has successfully led Deloitte cyber services, and I believe she will continue to lead well.
