Tanneasha Gordon

What is one skill, interest or talent of yours that makes you great at your job?

I connect the dots others don’t see…I naturally see around corners, spot patterns in the noise, and turn complexity into clarity. That ability allows me to anticipate shifts before they hit the radar and help clients design resilient strategies that reduce risk, drive compliance, and, most importantly, build lasting trust with customers and regulators.

What is the best piece of unconventional career advice you’ve gotten?

Do the work. You don’t need to compete with someone, or something; that doesn’t even compare.

What is your proudest moment working in the cybersecurity industry?

Helping an organization recover from a data breach and establishing the right measures to recover.

When did you become interested in pursuing a career in cyber and what prompted it?

During the financial crisis of 2008, I started to wonder if it was time for me to move away from strategy consulting. I was watching what was happening to banks – banks believed to have solid strategies – and thought to myself, “risk can eat any good strategy for breakfast.” The financial crisis was a big eye opener for me regarding risk management as a discipline and I felt the consulting industry would pivot to risk and that technology was evolving rapidly, and as such I need to be in technology risk. So, I went to the old faithful and searched for “risk consulting” on the internet, and Deloitte was the first result. I applied, interviewed, and joined Deloitte’s Risk Advisory practice in 2010 on the tech risk side at a time when not many understood the importance of cybersecurity, data risk, or privacy, myself included. I had a steep learning curve, but I was determined to find my voice within this industry.

What are the top 3 things you would tell people hoping to enter the cybersecurity industry?

1. Study the broader discipline, then zero in on a specific domain that aligns with your existing skill set to enable a smooth pivot.
2. Get your certifications and embrace conferences where recruiting happens.
3. Get mentors and join cyber-related clubs.

What are some misconceptions people might have about the cybersecurity industry and what can we do to change these misconceptions?

The biggest misconception about cybersecurity is that you have to obtain a technical degree, such as information systems or computer sciences. Cyber is so broad and covers a gauntlet of domains and disciplines, including risk management, data governance, consent management, product compliance, trust and safety, policy development, privacy, training and awareness, etc.

Do you feel like you’re contributing to helping keep our world secure and can you share why that matters to you?                               

Yes. We’ve seen what happens when privacy, safety, and security aren’t treated as fundamental human rights. History has shown us the consequences, from the Holocaust in Europe to the way Black communities have endured generations of surveillance, exploitation, and the denial of safety over our own bodies. For me, keeping the world safe begins with keeping people safe; when you keep people safe, you protect families; when you protect families, you sustain communities; and when you sustain communities, you secure the world.

What positive change do you think will take place as we bring the next generation into the cybersecurity industry?

New and novel defensive tactics will be formed in response to new threats, harms, and vulnerabilities that surface as the world changes, technology evolves, regulations proliferate, business models expand, bad actors become more emboldened, and customer expectations shift.