From lecturer to CISO: People-first path to resilient leadership

In 2026, cybersecurity leadership in Asia faces a dual challenge: harnessing artificial intelligence (AI) for competitive advantage while navigating one of the world’s most fragmented regulatory landscapes.

The World Economic Forum’s Global Cybersecurity Outlook 2026 reveals that 94% of leaders identify AI as the primary driver of change, yet geopolitical tensions and diverging national rules are widening the cyber inequity gap.

Women remain underrepresented, comprising just 22% of the global workforce and only 16% of CISO roles worldwide, though the Asia-Pacific region fares slightly better at 24.8%.

In Hong Kong, progress is visible: women now hold 45% of senior leadership roles in the financial sector, and the elimination of single-gender boards by 2025 has created over 800 new opportunities. Yet mid-career confidence dips and unconscious bias persist.

Against this backdrop, Silvia Lam Ihensekhien, a director of information security and risk management for a large company in Hong Kong, stands out. A multiple award-winner—including CSO30 ASEAN Awards (2023 and 2024), Cyber Security Professional Awards (2023 and 2025), and Top 50 Women Tech Leaders Asia (2024)—Ihensekhien brings 15+ years of cybersecurity expertise and a teaching background that uniquely equips her to bridge people and technology.

Her story, shared in this International Women’s Day 2026 profile, offers practical lessons for CISOs seeking resilient, inclusive leadership.

Building a unified cyber governance framework in Asia’s regulatory mosaic

Asia’s regulatory environment is notoriously complex, with countries from mainland China to Singapore imposing distinct data-localisation, breach-notification, and AI-governance rules.

Ihensekhien’s advice is pragmatic: “I would suggest a global framework which involves describing your minimum requirement in the context of a global framework and then having each country tailor-make that.”

Alternatively, adopt the strictest requirements across markets to create a single internal standard. Either approach avoids reinventing the wheel.

She recommends starting with internationally recognised standards such as NIST or ISO 27001, noting that ISO 27001 is already widely accepted in China.

“You can use the same framework to roll out. It’s a good reference instead of building your own framework. Using these global brands as a base, then adapt the additional things, for instance, what is a unique requirement in the country.” Silvia Lam Ihensekhien

This mirrors broader 2026 trends. The World Economic Forum highlights “cyber regulations in an era of fragmentation,” while Southeast Asian CISOs predict AI governance and identity-centric controls will dominate priorities. By embedding security-by-design early, organisations can accelerate secure AI adoption without constant local rework.

Prioritising investments: Resilience and talent first, quantum third

With budgets under pressure and geopolitical risks rising, sequencing investments is critical. “It really depends on what kind of business you’re in,” Ihensekhien candidly comments.

For manufacturing-heavy operations such as beverages, she ranks cyber resilience and talent upskilling ahead of post-quantum cryptography. She cites that in industries like manufacturing, resilient and talent upskilling are important, whereas in the banking sector, cyber resilience is non-negotiable, while AI is growing in importance.

Talent shortages remain acute; the global gap stands at 5.5 million (ISC2), and Asia’s digitally mature economies still struggle with retention. Ihensekhien’s message aligns with 2026 forecasts: AI-driven attacks and supply-chain risks demand resilient architectures now, while post-quantum migration is a longer-term play.

Hitch Partners’ 2025 CISO Survey reinforces that successful leaders justify spend through compliance, business impact, and ROI—exactly the language Ihensekhien uses with boards.

How teaching forged stakeholder mastery

Ihensekhien began her career as a lecturer in tertiary education after earning a Bachelor of Arts (Honours) in Computing Studies. That classroom experience proved foundational. “As a teacher, you need to observe. If students feel confused, you need to address it. Same as when you’re doing stakeholder management.”

She learned to capture engagement with facts, figures, and storytelling, and to listen actively—skills that translate directly to explaining cybersecurity to non-technical executives.

Public speaking confidence, once a barrier for many women, became second nature to Ihensekhien following her stint as an educator. “(As a teacher, you can’t be shy about speaking in public. When you face students regularly, you won’t be shy anymore.”

This foundation later helped her shift cybersecurity from a purely technical issue to a board-level business responsibility.

The experience that solidified her passion for people and technology

Early in her corporate career, Ihensekhien led an Azure cloud migration that crystallised her “bridge people and technology” philosophy. The project faced dual hurdles: technical knowledge gaps and operational resistance.

She secured management buy-in by emphasising flexibility, scalability, cost savings, and security—“we are more flexible on the business side… easy to expand.” CFOs focused on ROI, whilst operations teams needed reassurance.

Rather than outsourcing entirely, Ihensekhien insisted on side-by-side knowledge transfer. She flew to the Manila operations centre, worked overnight shifts, and brought snacks to maintain morale. The result? Migration was completed in just six weeks.

“That is how you build a team by bringing technology and people together.” The project remains a masterclass in change management that continues to inform her leadership today.

Self-confidence as the ultimate equaliser

As a woman advancing in Hong Kong’s tech sector, Ihensekhien encountered classic bias: “When you see a female and male executive together, people assume the latter is more senior.” Her response was resolute: “(I) don’t care how people think about it. You need to have self-confidence.” Without it, “you don’t get people engaged.”

She acknowledges that mid-career support remains patchy; reports show women linger in mid-level roles 2.5 years longer than men. Ihensekhien’s advice echoes the findings of Hitch Partners, which show that diverse teams (>50% women) dramatically reduce pay gaps. She stresses learning to speak the language of each stakeholder—CFOs want ROI, CIOs want innovation and business impact—and learning from (non-careless) mistakes. “If you don’t make mistakes, how can you learn?”

Balancing innovation and operational stability through security by design

She cites that at her current company any disruption is unacceptable. Yet business units push for AI innovation. Ihensekhien’s secret is governance: “Start with having the mindset of the project governance about the security by design.”

Every digital project undergoes mandatory data privacy and cybersecurity reviews before going live. High risks are mitigated upfront. This structured approach ensures emerging technologies, such as AI security, are adopted safely without compromising resilience—a model increasingly endorsed by Gartner and Southeast Asian CISOs for 2026.

Mentoring the next generation: “Give to Gain” in action

As director of professional development at ISACA China Hong Kong Chapter and a long-time PolyU mentor, Ihensekhien lives the “Give to Gain” principle. She counters the “male-dominated” perception by serving as a visible role model and encouraging female mentees to explore cybersecurity’s stability amid AI disruption.

While she confirms that “Security is a pretty stable job”, she also acknowledges that “AI has replaced a lot of jobs.”

Asked to offer practical advice on staying in tune with current trends, she suggests starting with free online courses for an overview, identifying a passion area, and understanding market salaries for realism. For mid-career women, she coaches business storytelling—skills no YouTube tutorial can replace.

Her message is empowering: “Cybersecurity choose me, not I choose cybersecurity… opportunity open up… be grateful… find your passion.”

Closing the caps: Mid-career confidence and the road to parity

While Hong Kong celebrates 45% female senior leadership in finance, Ihensekhien acknowledges persistent mid-career gaps. Technical excellence alone is insufficient at the manager level; leaders must translate data into compelling narratives tailored to each audience. She coaches her team relentlessly: “It is the art… you learn from experience… the more you do, the more you’re good at it.”

As a side note, she acknowledges that burnout (in the cybersecurity profession) is real—“when things happen, it is very awkward”—but she advocates prioritisation and work-life balance once experience allows one to “say no.” Progressive organisations, she believes, now view mistakes as learning opportunities, provided they are not careless.

Opportunity, passion, and resilience

Ihensekhien’s career arc—from lecturer to award-winning CISO—proves that diverse paths strengthen leadership. Her advice to emerging women: “You may not know what you want to do (in the future), but you probably know what you don’t want to do (now). Go try and see what makes you happy.”

In 2026, with AI reshaping threats and opportunities alike, leaders like Ihensekhien demonstrate that technical rigour, emotional intelligence, and inclusive mentoring are the true competitive advantages.