LEADERS IN CYBERSECURITY

Lucia Lucchini

Manager, Deloitte United Kingdom

Lucia Lucchini works in the Cyber Risk practice at Deloitte UK. Across her international projects to support private and public clients, Lucia has progressively specialized in the intersection between Research & Innovation and Digital Ethics.

Lucia has a Bachelor of Arts in Politics and International Studies from the University of Warwick, and a Master’s in International Security Studies, with a focus on militarisation and conflict strategy, from the University of St Andrews, where she nurtured a strong interest in cyberspace and its implications for national security, business, and society more broadly.

As a consultant for various sectors at the international level, particularly in the Middle East, Lucia began working in privacy, data protection and research for the public sector focusing on defense and strategic innovation. She ultimately looked at how all of these aspects influence the creation and adoption of cyberculture.

As an advocate for profound reflections on the digital world and its ethical implications, Lucia founded the Deloitte AI School Programme to raise awareness of the civil and social responsibilities of AI. Lucia has also published articles and thought leadership pieces on the role of ethics in the digital world and on the development of the regulatory landscape of new technologies.
Show more

What does a typical day of work look like for you?

Every day is different and never boring. The day is filled with interesting client work, trying to solve complex challenges, and a variety of initiatives I am running within Deloitte, including researching new cyber-related aspects and cutting-edge technology.

What aspects of your career journey have taken you by surprise?

Where to begin! To start, I do not come from a cybersecurity background, so I could not ever have imagined a career in cybersecurity if it wasn’t for an enlightening conversation I had during my master’s program to discuss my thesis covering the topic of hacktivism. A conversation on the cybersecurity threat landscape turned into the realization that my passion for cybersecurity could become a real career.
Once I joined Deloitte, the surprises never ended! Deloitte is a place where one can truly expand their horizon, exploring all facets of cybersecurity and enjoying coming up with fun and thought-provoking initiatives.

Tell us about the cyber project you're most proud of working on in your career.

Looking back at my journey, I am fortunate to have been part of cybersecurity projects I am extremely proud of – proud of the team, the solution we created and the relationship we established with the client. While I tend to get personally attached to every project, there is one in particular that I am most grateful and proud of, as it required me to temporarily move and be full-time on my own at the client location in the Middle East. The nature of the project centered around establishing cyberculture – the challenges the client faced, coupled with their enlightened and forward-looking leadership, enabled me to explore cybersecurity concepts at a deeper and more creative level that truly expanded my horizons. During my time on the ground, there was no ‘liaising with the client.’ It was a truly collaborative and one-team approach that gave me unforgettable memories.

How has public perception of cybersecurity changed over the course of your career, and how do you predict in the future?

I think the narrative around cybersecurity has permeated the public far more than it used to. When I began working in this field, there was still a lot of confusion about what cybersecurity entailed. Now, we see cybersecurity as a concern and topic discussed via mainstream channels and at dinner tables. I believe that the increased convergence between the digital and biological – powered by cutting-edge technology, innovation and our current approach to these two realms – will move security, privacy and ethics discussions to the forefront of the debate with public literacy on the topic demanding changes in three areas: media, education and regulation.

Tell us about your first job (can be anything!) and one lesson you might have learned from it.

When I moved to the UK, I discovered the concept of summer internships. From the age of 17, I had the pleasure of testing out various jobs, from working at the Louvre Museum, a consultancy, doing market research for an advertisement company to the Press Office of the Italian Embassy in London. The range was wide. I think the aspect that remained valid and constant across these first work experiences, and one of the things that define how I work the most, is a positive attitude. Everything I experienced and learned from, whether positive or negative, was something more than what I came in with, so at the end of the day, I’m grateful for that.

What’s one piece of advice you’d give your younger self about getting started in cyber?

Cybersecurity is intrinsically a multidisciplinary subject, far more than people think. For this reason, there is no single pathway or approach. Diversity and creativity are at the core of it, and there is an opportunity to carve yourself a space where you can cultivate your own ideas and voice within this profession.

Tell us about a role model or mentor who has helped shape your career.

I am lucky to have my parents, Stefano and Silvia, and my brother, Giovanni, as integral parts of my career journey. They have relentlessly supported me and shaped my decisions as they always manage to balance wisdom and enthusiasm between the three of them. They pushed me to take the right risks at the right time.
During my journey at Deloitte, Stephen Wray enabled me to explore, own and lead within the firm, to strike the perfect combination between independence, strategic advice and recognition. His mentorship allowed me to always focus on delivering the best possible quality to our clients and colleagues while striving to remain the best possible corporate citizen I can be.
Ivana Bartoletti has also been a constant source of inspiration for me. As a leading woman in cybersecurity, she taught me how to always and proudly cultivate my voice.

A meeting gets canceled and you have a surprise 30 minute window of free time — how do you spend it?

Our cybersecurity team is vibrant with incredible talent, so when I get free time, I like to catch up with some of my team members. It is a valuable opportunity to check on each other and learn about what they are up to. As we are all passionate about the subject, I get to learn about new aspects of cybersecurity, discuss thought-provoking challenges and stay connected through our conversations.

What are the ways you stay grounded and take care of yourself?

At work and outside of work, I have an incredible support system that helps me stay grounded and supports me with my well-being. At work, there are numerous opportunities made available by Deloitte to help one another. Our team is very attentive when hours are long or a project is particularly difficult. The layers of support are available to us. Outside of work, I’m part of a community where everybody is up to something different, from academia to other professions in the corporate world. Having our journeys intersect is a humbling and refreshing experience. I can discover something new, witness others’ successes and be inspired. There is something truly inspiring about being amongst young talents who, like me, have migrated from all around the world and are trying to make an impact.

When you think about your personal legacy as a leader, what do you hope people will remember?

I recognize that throughout my career, I have been passionately fighting against the concept of replaceability, which I know lingers in people’s minds from junior to management levels. I like to think I treat everybody in the same manner that I expect to be treated. This, to me, means approaching everybody with full respect for their unique capacity to contribute. It means being open and encouraging constructive confrontations to nurture ideas, receive and provide advice, and endless growth opportunities. Ultimately, I think it is about that drive and motivation to make things happen responsibly yet ambitiously that I would like people to remember me for.