BNY Mellon EMEA CISO on Cybersecurity Innovation and AI Threats

Niamh Muldoon, the EMEA CISO and Innovation Lead at Bank of New York Mellon (BNY Mellon), brings over two decades of cybersecurity expertise to her dual role. As the first woman in Ireland to earn the CISSP certification, Muldoon is a trailblazer in the field. Her current focus is on integrating innovation into BNY Mellon's global cybersecurity strategy, particularly in response to the rapid advancements in AI and associated threats.

Dual Role: EMEA CISO and Innovation Lead

Muldoon's role as EMEA CISO involves understanding regional cybersecurity regulations and client needs, supported by BNY Mellon's global teams. Her Innovation Lead role, however, is what excites her the most. She collaborates with cyber startups worldwide, identifying cutting-edge technologies to address emerging threats. "You're the only CISO who makes money for BNY," Global CISO Matt McCormack told her, highlighting the value of her work in driving investments in cyber innovation.

AI and the Future of Cybersecurity

Muldoon and her team are closely monitoring AI's impact on cybersecurity. They have identified vulnerabilities in large language models (LLMs) and are exploring tools to secure the software development lifecycle (SDLC) for AI applications. The next wave of threats, she predicts, will involve AI agents replacing humans in certain tasks, raising questions about identity management and behavioral training for these agents.

The Evolving Role of CISOs

Muldoon reflects on the changing profile of CISOs, noting a gap in business and financial acumen among newer professionals. "People have been promoted to CISO roles and they really don't have the expertise needed across the technology and the business," she says. This lack of experience, she argues, contributes to the 'Great CISO Resignation,' as many struggle to articulate cyber risks to executive teams.

Advice for Aspiring CISOs

Muldoon advises aspiring CISOs to choose their organizations carefully and ensure they have direct reporting lines to the CEO. She also highlights the growing opportunities in cyber innovation for those who may not want to remain in traditional CISO roles. "If you realize you don't want to be a CISO anymore, the cyber innovation space is an ideal place for you," she says.

For more insights, visit Infosecurity Magazine.