Accenture’s Hannah Twomey discusses working in cyber, managing burnout and the ever-changing nature of her career.
A security consulting senior manager at Accenture’s security practice in Ireland, Hannah Twomey joined the organisation in 2013, having left university as a technology consulting graduate of mechanical engineering.
Now, 12 years in, she has much to offer in terms of advice for recent graduates, novices and established professionals as they navigate the often challenging, but always interesting waters of the cybersecurity industry.
Can you describe a typical day in the job?
One of the aspects of consulting that I really enjoy is the variety in my days. As I can often be working in more than one role for more than one client at a given time, each day can vary quite considerably. That being said, I try to start my days in similar ways to get outside before work whether that’s for a run, a stroll for a nice coffee or walk to the office.
My role is hybrid, so I get to enjoy the social interaction and working collaboratively with my colleagues and clients in person, as well as work from home sometimes. No matter my role, I often have a lot of meetings and workshops to help keep connected with the team and to ensure we are supporting our clients in the best way we can.
I also like to ensure I have time for one-on-one meetings with the wider team.
What types of cybersecurity projects do you work on?
I have been fortunate to work on a few different projects and with a few different clients, from short strategic engagements of a few days up to a couple of years in a larger project delivery or operations role. I have enjoyed all these for different reasons and have learnt a lot by embracing each role as an opportunity to grow and learn in the role while helping to manage or reduce cybersecurity risks for our clients.
Two projects that come to mind as being particularly interesting and rewarding are a cloud security strategy project to enable the client’s digital transformation and a data security project that stretched across people, process and technology to significantly reduce their data security risks.
What skills do you use on a daily basis that are specifically helpful in cybersecurity and how do you upskill within the field?
There are so many exciting opportunities to use a wide range of skills and utilise different backgrounds in cybersecurity. For the roles I am in, in cybersecurity, I would say that I need technical skills and softer people skills in equal measure, as I often need to be able to communicate risks or issues to technical engineering teams and other stakeholders. This requires clear communication skills, business and technical acumen and strong stakeholder skills.
What I have learnt in my career is that cybersecurity trends and risks can change rapidly so finding a way to keep up to date is so important. I have found podcasts to be one way that works best for me to keep up with trends in security, tech and even business and leadership.
What are the biggest challenges when working in cybersecurity and how do you navigate them?
While cybersecurity is a huge industry globally, for organisations it has historically been an under-invested and often under-staffed area. This has meant that cybersecurity teams have had to play ‘catch up’ on maturing their cybersecurity capabilities as funding expanded.
The consequence of this is that as an industry, sometimes cybersecurity can be seen as a blocker or an obstacle to transformational change and innovation by business and technology teams. This has been a real challenge for the industry to balance getting the greatest impact on mitigating cyber risks while enabling the business to be innovative in a security manner and working in a rapidly evolving threat landscape.
To navigate this challenge, it’s crucial to foster a forward-thinking cybersecurity culture. By building strong, collaborative relationships across the business and engaging stakeholders early, we can ensure that new projects are secure by design.
Cybersecurity is known for high levels of burnout, how do you manage your work to avoid this?
The ever-changing landscape of cybersecurity offers an exciting work environment, yet it can also be a source of stress. Throughout my career, I’ve navigated these challenges with varying degrees of success, constantly needing to adapt to meet my needs. I believe it’s essential for everyone to discover their own strategies, understanding that it often involves trial and error and may evolve over time.
Some effective tips I recommend include recognising when you’re feeling stressed, making a to-do list, taking breaks to walk outside and not hesitating to ask for help.
What are the biggest trends that are changing the landscape for cybersecurity workers?
I don’t think anyone would be surprised by me saying that AI is one of the biggest trends in most industries for 2025. AI poses great opportunities to help automate and bridge the skills gap for many entering the cybersecurity workforce. However, it is already creating serious threats for many organisations with attackers maliciously using AI, for example by creating malware, developing deepfakes for fraud and increased sophistication in social engineering.
What do you enjoy most about working in cybersecurity?
Cybersecurity stands as one of the most dynamic fields in technology today, which has continued to keep me interested but also given great purpose to my work. In our interconnected world, we are citizens, customers, patients and consumers, relying on technology-enabled services to safeguard our most sensitive information.
Whether it’s ensuring the confidentiality of your salary, the accuracy of your payments, or the availability of your health data, trust is paramount. Cybersecurity professionals are dedicated to upholding these principles, continuously adapting to an ever-evolving landscape. I think for many in the industry, this shared mission to protect our digital lives unites us with a sense of purpose.
What advice would you give to someone who wants to work in cybersecurity?
A great starting point is to attend industry group meetings, which aim to build a community of cybersecurity professionals across Ireland. These meetings can be excellent for learning and networking. Cybersecurity can often seem like a daunting field to break into, with its complex language and terminology creating barriers for newcomers.
To overcome this, generative AI can play a role in simplifying jargon to help in networking all the way through to interview preparation. Additionally, the cybersecurity industry greatly benefits from diverse and varied backgrounds, so I strongly encourage anyone with an interest to pursue it.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
