Ivy Nguyen, Senior Manager of Security Awareness at General Mills, studied Computer Science and started her professional career as a web developer. But, as fate would have it, later in her career, Nguyen was recruited into security through a connection in the Asian Leader Network at General Mills.
“Security was not where I pictured my career going at the time, but the more I spoke with my personal network and I spent time speaking with those from within security, I found a lot of common ground between my skillset and saw the opportunity to bring change to security,” she recalls. Nguyen said she recognized many similar problems between her previous roles and roles within security, such as sorting through the noise of what was necessary or needed and what isn’t, as well as finding the best road toward success in an initiative.
“After many years, I feel finally at home. I have found a place where I can continue to grow,” Nguyen says. “Security has the ability to have a broad impact across the enterprise and, at the same time, an ability to impact individuals at a very personal level; that, to me, is so powerful.”
As Senior Manager of Security Awareness at General Mills, Nguyen leads a team within the Global Security department responsible for numerous programs and initiatives, including Workplace Violence Prevention, Threat Intelligence, and Travel Security. Awareness as a function helps inform better decision making through training and communication, she says.
From her early career as a developer, Nguyen brought with her many skills that have served her well in the Global Security department including organization, project management and team leadership, but she’s also the first to admit that before her role, she was not an expert in workplace violence or threat intelligence. Ultimately, this is one of the aspects of her career that Nguyen is most proud of, and it’s arguably her biggest asset: the ability to learn, ask questions, and lead with confidence in areas that she didn’t previously have on her resume.
“As I reflect, I would say my biggest accomplishments have come from leaning into the gray areas and taking on something I am not necessarily an expert in, and having the humility to learn, the self-awareness to improve, and the strength to continue leading,” she says.
Nguyen truly believes security awareness initiatives have a major impact to the enterprise, but the challenge for security leaders is to make that awareness personal. “Any large-scale company struggles with finding that balance between trying to get something out fast and generic versus getting something tailored and specific together,” she says. “It’s about finding the right balance for your audience. I believe informed people make better security decisions.”
Nguyen says that organizations that don’t have the resources for a strong security awareness program are left to assume that employees know about the threats and understand the risks to their organization. That gap between understanding threats and their potential risk is a risk in and of itself. “We often come from a place of expecting the good in anyone and everything that surrounds us, but security’s role is to help people understand potential impact, and simulate threats or risks so that people can see potential impacts and understand real consequences for it to really sink in.”
Because of her experiences, Nguyen feels strongly that security leaders can bring more diversity of people and thought to their organizations by broadening what they traditionally would look for in a candidate as well as how they market those roles.
“I know I gave myself the personal obstacle of ‘how do I enter an industry that seems to be so expertise driven,’ and I believe it starts with recruiting,” Nguyen says. “We have to throw out the bias of wanting candidates only from certain government agencies and truly look at what types of skills and experiences can complement the team to drive positive change.”