Dolores Perez, Head of Group Data Protection at KBL European Private Bankers S.A.
Hard work, ambition, and a strong academic background are the recipe for success for Dolores Perez. Unmatched by her predecessors, Dolores held the position of CISO at the international private bank KBL for more than 6 years. Her previous experience in consulting developed her perseverance and ability to make an impact with top management. These two skills have been key to her success.
Dolores started her career armed with an engineering and finance diploma from the esteemed Louvain University in Belgium. “From my point of view, a career needs to be built on confidence. Having a good diploma is very important as it already gives you credibility and confidence in what you can do. It shows that you have some grey matter in your head”. She entered the professional world with an adventurous mind looking for new challenges and travels. Dolores first joined a consulting firm and seized the opportunity to work all over Europe in core banking system integration. Then Dolores joined KBL as a supervisor of KBL & Subsidiaries Internal Audit. She evaluated the risks at subsidiaries located in many places including Spain, Germany, England, and Ireland for eight years. This first position at KBL helped her to gain a deep understanding of all the processes within the company.
“Being an auditor of the group requires strength and direction. You usually end up in a new country where, as an auditor, you are not always well received, and you need to fight your way in”.
After her success in audit, Dolores was promoted to the group’s CISO, and more recently DPO. Dolores’ journey is a good example of how you can flourish in a large international company.
Having climbed to the top of the corporate ladder, Dolores takes a step back and explained what she called the “rubber band” effect, an effect one can experience in a career. Dolores then gives her advice on how to react to this effect, i.e. how to pull the rubber band, specifically in cyber security.
Dolores has a good metaphor for a career, especially for women in cyber security. Rubber bands are stiff at first just like careers: You need to pull on them to grow and progress. Sometimes, the rubber band will snap back into its original position if pulling too hard, and this can hurt. But eventually, the rubber will stretch and grow if you keep pulling it continuously.
“I mean several things by this. First, you need to accept failure and never expect to succeed every time. When you fail, it usually means that you need to change. Second, you need to have a lot of resilience. It is easy to say “be resilient”, but this can only be achieved if you believe in yourself and never compare yourself to others. Last but not least, do not be naïve in moments of difficulty. It is only the spring back, and it means you need to keep pulling.”
For Dolores, pulling the rubber band actually starts very early in life. Dolores believes that it is very important, especially for young girls, to have a role model and not to be subject to any limitations. During education, children must receive encouragement, ambition and self-confidence to tackle the world’s challenges head-on. Even if you are the person pulling your own rubber band career, Dolores recognises that other people can add a little strength in pulling. Networking should be seen as part of your job although it can be challenging at the beginning.
“It is something I hadn’t understood in the early start of my career. When networking, I had the impression I was not actually doing my job. I felt guilty. But that’s the wrong vision. Networking is part of your job and usually is a mutually beneficial activity. You learn from others and others learn from you. More than that, working hard 100% of the time is not always the way. Sometimes you need to step back and take time to build your career”.
Consulting gives you an incredible advantage in a CISO level position
Dolores explained:
“I was always a high-level person seeing the big picture. Consulting and audit jobs made me go deeper into details, which is a necessary skill for your career. It is easier to master a subject you experienced, not just read about. Consultants also gain experience very quickly as they interact with many different clients. Finally, I was exposed to management and executives very early on in my career, which taught me to synthesise”.
With her consulting experience, Dolores was armed with strong skills and deep knowledge to pursue her career at an international private bank.
Break down bias and don’t hesitate to seize opportunities for yourself
Dolores acknowledges that as a woman you sometimes face additional challenges, especially when it comes to breaking down biases. Dolores recalls a particularly intense moment in her life. While she was still on maternity leave for her second child, a position as group auditor opened up in Spain. She deeply believed she was the best fit for the position and she applied by sending an email directly to the bank’s CEO. As one key advice, Dolores stated:
“you should not be afraid to put the tennis ball just at the limit of the court: on the white line”.
Having the courage to apply, Dolores got the position of Group Auditor and moved to Spain.
Don’t hesitate to deep dive into a new subject
Dolores entered into Cyber Security later in her career. She is a good example that it is possible to jump into a moving train like the ever-changing field of Cyber Security. Dolores had to learn about Cyber Security through trainings, certifications and by consulting expert advice.
“I ended up in the security field by accident. Entering a new field, one needs to be humble and re-evaluate what one knows and needs to learn about the subject. I had to study very hard and would always suffer from headaches at end of the day during that period. You need to do something 21 times to change a habit.”
Aided by her scientific background and perseverance, she quickly embraced her new responsibilities.
“When I took the job, the CISO position was perceived as high-risk due to the increasing volume of cyber-attacks and breaches being discovered in the Financial Sector. Despite the warning of my friends and colleagues, I persevered. I’ve always liked to protect others, which is probably linked to a maternal instinct. I am not afraid to make decisions and assume the responsibilities for them, even in a high-risk position. That is probably why I stayed on as a CISO for 6 years.”
Communication skills and support from others are of great value
During her time as CISO, Dolores recalls that it was challenging to convey messages regarding security to top management.
“As a CISO, you need to be able to communicate in a simple and understandable way with all levels from operational to top management. Marketing skills are as important as hard technical skills. Yes, computers are very interesting, but as CISO, you also need to understand people, and especially the people sitting in the chairs of the Board.”
Dolores was recently promoted to the role of DPO where she will work hand-in-hand with the new CISO.
“In my opinion, DPOs and CISOs are strong supports one to another. The CISO focuses on security and the DPO focuses on compliance but both have the common objective to protect data. With the compliance dimension, DPOs can position CISOs at board level. When two voices are raised together, it makes a bigger impact.”