International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 8 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

#MIWIC2022: Carole Embling, Metro Bank

Most Inspiring Women in Cyber Awards: Top 20

by The Gurus
January 26, 2023
in Most Inspiring Women in Cyber
#MIWIC2022: Carole Embling, Metro Bank
Share on FacebookShare on Twitter

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2022’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability and where relevant, supplemented with additional commentary by their nominator.

In 2022, the awards were sponsored by Beazley, BT, KPMG and KnowBe4.


Carole Embling, Information Security Manager – Awareness and Behaviour Change, Metro Bank

What does your job role entail?

My current role is all about developing and delivering an Information security (cyber security) awareness programme using a wide range of methods and tactics.

How did you get into the cybersecurity industry?

I was working as an internal business systems consultant at Royal Mail during the run up to Y2k.  As I was one of 2 consultants who concentrated on information and information system use within the CEO and Chairman’s office, our questions naturally strayed into “how is the information protected and how do you know …?”  All quite timely really.  Straight after we entered into 2000, 22 of us from widely different areas within Royal Mail were identified to be trained to become part of the inaugural Group-wide Information Security Team. From there the team was trained by the Royal Holloway, some going on to do their MSc’s with them.

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

My biggest challenges came from working during the 1980’s and 90’s as a young working mother with no degree in a post civil service environment. (The Post Office of which Royal Mail and what is now BT were constituent parts had split away from direct civil service control but still held some very old-fashioned ideas.)  There were some amazingly enlightened directors who I worked for who recognised that I had potential and they fought the battles which allowed me to progress. However, that did not prevent many less senior, mainly IT managers, from questioning my competence and abilities, especially as I had never written a line of code in my life (I still haven’t). What I had was a natural ability to understand problems and interpret them so that non IT people could understand what IT were saying and the other way round. It meant that teams could actually communicate and understand each other!

What are your top three greatest accomplishments you have achieved during your career so far?

As I start to look back at my career, I am especially proud of everything we achieved in Royal Mail between 2000 and 2008. We had one of the biggest ISO27001 certificates in Europe at the time. I ran the conversion programme from BS7799 to the ISO standard and then continued to manage the compliance programme up until I left in 2008. During that time I also ran the communications and awareness programmes. We managed to engage 250,000 people in every area of the business and country. The greatest moment of realising that I had done it was when I would get random phone calls from all over the UK with postmen, or engineers or systems operatives asking me how to deal with managers who were asking them to do things like share passwords and they knew they should not. I had made an impact and had provided the means for them to know where to come to get help and support. 

Since leaving Royal Mail I have had many roles but the other that stands out was working at BMJ where as well as dealing with Info Sec (it was basically a greenfield site as far as Info Sec was concerned at the time), for them I was also handed the role of DPO and guided them through the whole GDPR programme.  That was very satisfying.

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

To be honest I do not specifically support anybody in particular. What I do do is to encourage anyone who talks to me to look at their basic abilities (training is available to build knowledge). Talk to them about what they are interested in and encourage them to look at aspects of Info/cyber security that match. We need so many different types of perspectives and ways of approaching situations. I am a firm believer that people should be judged on their abilities or promise of abilities rather than what sex or any other ‘differentiator’ they or others may consider they fall into. 

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

Remember you are a person seeking to do a job in an interesting area. You don’t need to be technical as the world of Information/Cyber Security crosses every business area you can think of and we as Information Security professionals need to be able to interact with them and that takes a wide range of personalities and skills to do it successfully.

ShareTweet
Previous Post

Lupovis eliminates false positive security alerts for security analysts and MSSPs

Next Post

Data Privacy Day: Securing your data with a password manager

Recent News

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

July 7, 2026
George Murnane’s One-Question Test for Real AI

George Murnane’s One-Question Test for Real AI

July 7, 2026
Registration Now Open for International Cyber Expo 2026

Registration Now Open for International Cyber Expo 2026

July 7, 2026
Forescout

Forescout recognised by NATO for cybersecurity capabilities across IT and OT environments

July 7, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol