PEXA’s Tara Dharnikota: Using Tools and Tech to Build a Cybersecurity Culture
Tara Dharnikota unravels proactive cybersecurity practices
With a diverse background that encompasses both network engineering and cybersecurity, Tara Dharnikota is currently the Head of Information Security Management for PEXA Group. She is responsible for overseeing the organisation’s end-to-end security governance, compliance, and processes.
“I work closely with stakeholders to ensure our products and services meet PEXA’s rigorous security standards,” Dharnikota says.
“Leveraging my technical background and leadership skills, I navigate the complex landscape of compliance and audits, provide comprehensive monthly reports on our cybersecurity function, and drive impactful security education and awareness programs across all divisions of PEXA Group.”
Dharnikota started her career as a network engineer, implementing network infrastructure and focusing on information security and risk management for a small-to-medium-sized business.
Later, she joined Telstra, where she began as a security evangelist for network engineering and operations teams.
“In this role, I worked closely with technical teams, promoting security best practices and raising awareness about the importance of cybersecurity,” she says.
“As my passion for cybersecurity grew, I transitioned into technical roles within Telstra, where I immersed myself in hands-on work and expanded my knowledge across various cybersecurity domains. I had the privilege of leading teams in complex security projects, leveraging my technical expertise and leadership skills. “My journey from a network engineer to a cybersecurity leader has provided me with a unique perspective, combining technical expertise with a deep understanding of security management. I am excited to contribute my wealth of experience and knowledge to the cybersecurity community, making a meaningful impact in protecting digital assets and ensuring a secure cyber landscape.”
Forging a Collaborative Culture
Creating a strong cybersecurity culture within organisations is key to getting stakeholders at all levels, from junior staff to senior executives, to understand the importance of cybersecurity.
Dharnikota actively engages with them by emphasising the potential risks and impacts of cyber threats, highlighting real-world examples and case studies.
“By effectively communicating the significance of cybersecurity in protecting sensitive data, maintaining customer trust, and safeguarding the organisation’s reputation, I ensure that cybersecurity becomes a priority and receives the necessary support and resources” she says.
Collaboration is also vital for the success of cybersecurity projects. To foster a more collaborative environment, Dharnikota has established open lines of communication, encouraged diverse perspectives, and created a supportive environment where team members feel comfortable sharing their ideas.
“I organise regular meetings, workshops, and brainstorming sessions to encourage open communication and idea sharing,” she says
“I have also implemented collaborative tools and technologies to streamline communication and information sharing, while also facilitating cross-functional collaboration through inter department meetings and workshops.
“Additionally, I emphasise the benefits of shared knowledge and expertise, encouraging team members to collaborate, provide feedback, and leverage each other’s strengths. By creating a collaborative culture, we can enhance the effectiveness and efficiency of our cybersecurity initiatives.”
Dharnikota has worked on a variety of cybersecurity projects throughout her career. One of her most significant achievements was spearheading the establishment and maturation of an Open-Source Intelligence (OSINT) team.
“This highly specialised team, which only a few organisations have, focused on gathering and analysing intelligence from various external sources to enhance our cyber defence capabilities,” she says
“I led the recruitment of skilled professionals, designed the team’s structure and processes, implemented tools to support their operations and overall, created a sustainable framework and guiding principles for the team.
“Additionally, I was provided the initiative to address cyber security concerns by spearheading the implementation of the ASD Essential Eight Risk Management Framework across Telstra. This comprehensive framework provided a mitigation strategy to address cyber threats and vulnerabilities. By ensuring compliance with the Essential Eight, we significantly improved our cyber security posture and reduced the risk of potential breaches.
“The success of these projects highlights my ability to establish specialised teams and implement industry best practices. These accomplishments not only enhanced our organisation’s cyber defence capabilities but also positioned us as a leader in leveraging external intelligence and adhering to recognised risk management frameworks.”
The Endless Game of Catching-up
In a rapidly evolving technological landscape, staying current is crucial for a cybersecurity professional. We asked Dharnikota what strategies she employs to keep up with the changes and developments in technology.
She thinks it’s critical to actively participate in industry events, conferences, and webinars to stay informed about the latest trends, technologies, and best practices.
“I also engage with professional networks and online communities, where I can connect with peers, exchange insights, and learn from their experiences,” she says.
“In addition to the above, I regularly read industry publications, research papers, and blogs to gain in-depth knowledge. Continuous learning, pursuing certifications, and participating in relevant training programs are also essential to stay updated and maintain a strong skill set.”
Dharnikota also enjoys sharing her knowledge to help others in the industry. She is delivering a presentation at the upcoming CISO Melbourne 2023 conference, taking place from 17-19 July at Crown Promenade.
The presentation she will deliver at this event offers a strategic view of establishing a proactive intelligence function within organisations.
“Attendees will learn practical strategies for mitigating cyber threats using open-source intelligence (OSINT) and monitoring critical areas such as the dark web, phishing intelligence, and ransomware. They will also gain insights into obtaining stakeholder buy-in, securing funding, and fostering a security-aware culture,” she says.
“The main takeaway from this presentation is a deep understanding of proactive cybersecurity practices that complement existing security governance and compliance processes. Attendees will be equipped with actionable insights to strengthen their cybersecurity posture, effectively manage risk, and proactively safeguard critical assets. “By implementing these strategies, organisations can enhance threat detection and response capabilities, staying ahead of evolving threats.”