David Gillet: Leading the Charge in IT and Compliance Excellence

Regulatory Compliance
David Gillet: Leading the Charge in IT and Compliance Excellence

Published:

Reading time: 4 min.

Transitioning from Aviation to IT: A Journey at VBS

Two years ago, I made a significant career shift after spending 21 years in the aviation sector. I joined Victor Buck Services (VBS), a company known for its commitment to excellence in IT services, particularly in the realm of data management and cybersecurity. My initial impressions upon arriving at VBS were overwhelmingly positive. I found myself in a highly collaborative and healthy organization, surrounded by skilled and dedicated teams—essential factors for achieving success in any industry.

Embracing a New Culture

One of my first challenges was to integrate quickly into VBS’s unique culture. Coming from a different sector, I had to familiarize myself with the internal processes and dynamics that define the company. Understanding the complexities associated with VBS’s regulatory obligations as a Support PSF (Professional Service Firm) provider was crucial. This transition was not merely a change of scenery; it was a learning experience that has continued to be exciting and enriching.

Taking Immediate Action

Rather than spending time in observation mode, I chose to dive headfirst into several projects upon my appointment. My approach was to reinternalize key competencies and resources, introduce tools for enhanced cost control, renegotiate ongoing contracts, and bring about changes in certain HR practices. I also focused on regaining control over existing applications and infrastructure, initiating transformation projects for our software architecture, and launching the first initiatives for cloud service adoption. My overarching goal was to cultivate a culture of change and leadership within the organization from the outset.

The Dual Role of a CIO

As the Chief Information Officer (CIO) at VBS, I find myself wearing two hats that I juggle daily. In my capacity as the Head of IT, I am responsible for ensuring the excellence of our IT operations. This involves implementing initiatives that not only address our clients’ needs but also meet their expectations and contribute to the company’s future.

Since our CEO established the executive team in 2023, I have also been part of the executive committee. This role allows me to focus on broader strategic initiatives that may not be directly related to IT but are beneficial to the company as a whole. An anecdote that illustrates this dual role occurred during a budgeting session when a colleague asked if I had effectively advocated for the IT department’s interests. I confirmed that, as the Head of IT, I had done so, but as a member of the executive committee, I also had to arbitrate certain decisions, balancing the needs of various departments.

Cybersecurity: A Top Priority

Given the evolving landscape of strategic initiatives, one of my key responsibilities is to ensure robust cybersecurity measures are in place at VBS. Cybersecurity is fundamental to our operations, especially considering the sensitive nature of the data we manage, which includes financial information and patient records in sectors like banking, investment funds, and healthcare. Our Information Security Officers are vital resources, regularly consulted and working closely with all colleagues to ensure the security of our data and that of our clients.

We continuously invest in solutions to enhance our cybersecurity posture. Recently, we adopted a “security by design” approach and integrated automated secure coding into our development cycles using a new Dynamic Application Security Testing (DAST) tool. This allows us to continuously assess vulnerabilities from an external perspective. Additionally, we deployed a new Endpoint Detection and Response (EDR) solution and a cutting-edge Key Management System (KMS) for encryption key rotation, underscoring our commitment to robust security measures. Our efforts have paid off; in 2023, we became one of the first companies in Luxembourg to obtain the new ISO 27001:2022 certification.

Navigating Regulatory Challenges

The regulatory landscape at VBS is complex, and it significantly impacts my daily work. We often describe our operations as being in a “perpetual audit mode.” With various regulatory bodies such as CSSF, OSPAR, and ISO standards to adhere to, VBS operates within a highly regulated environment. The management of audit phases is a massive effort for a company of our size, with significant costs that continue to grow.

Despite the challenges posed by these regulations, they are essential for our clients and serve as a key strength for VBS. They underscore our dedication to strict security and confidentiality standards and reinforce our reputation as a trustworthy and reliable partner. In our day-to-day operations, I often wish for an AI solution that could streamline our responses to auditors and regulators by learning from our existing processes, making compliance more efficient.

Conclusion

My journey at VBS has been a transformative experience, marked by challenges and opportunities for growth. From integrating into a new culture to navigating the complexities of cybersecurity and regulatory compliance, every day presents new learning experiences. As I continue to lead our IT initiatives and contribute to the broader strategic goals of the company, I remain committed to fostering a culture of change and innovation at VBS. The future looks promising, and I am excited to be part of this dynamic organization.

Related articles

Recent articles

Latest news

© 2024 BasicFundas.com [ CYBERSECURITY NEWS UPDATES ] All Rights Reserved.