As part of our Women in Cybersecurity Month, we are highlighting women and their careers, accomplishments and passions. This spotlight features CISO and CPO Victoria van Roosmalen, CISSP, CCSP, CSSLP who is a leading expert in security, privacy, and data protection. She combines technical, legal, and strategic expertise to shape industry standards and helps organisations stay ahead of evolving threats. 

Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2. 

Growing up surrounded by computers, Victoria’s interest in the digital world took root early. “My mom specialised in computer hardware, and my dad was a systems administrator, so technology was integral to my upbringing,” she explained. As a kid, she learned about systems at their most fundamental level.

Technology as a Foundation

Her first lesson in security awareness, however, came as a surprise. “One day, I received an email from Bill Gates. He was disappointed that I wasn’t using Windows, highlighting that it ‘works straight out of the box!’” she recalled with a laugh. “Of course, it wasn’t really him – it was a spoof email from my dad, jokingly adding fuel to the fire after I struggled all day with [Linux] compilation errors.”

That moment led her into low-level system programming. In her teens, she attempted to write her own operating system. This experience laid the groundwork for her technical expertise and desire to maximise the relationship between software and hardware, and it eventually sparked her curiosity about system security.

The Security Wake-Up Call

During her academic engineering studies, Victoria joined a software company and quickly became responsible for its management and operations, shaping her early career. “It was a lot of responsibility and hard work, but I thrived on it. The hands-on learning experience was priceless,” she recalled. Leading business and technical operations gave her firsthand exposure to managing real-world risks.

As Victoria audited third-party software systems, security became personal. She uncovered flaws with potentially devastating consequences. That’s when she realised that security wasn’t just about protecting systems. “It’s about designing them with safety in mind—fundamental to safeguarding society and infrastructure. After all, there’s no CTRL+Z for real-world damage”.

Bridging into Privacy: A Deeper Responsibility

Initially, Victoria saw privacy as just another facet of security. “I didn’t realise they were considered distinct fields,” she admits. As she dug deeper,Victoria realised privacy wasn’t just a technical data protection or a regulatory compliance issue. “At its core, it’s about protecting human rights – equality, autonomy, and dignity,” she explained.

Her experiences further deepened this understanding. As a woman in a male-dominated industry, she had already faced and navigated biases throughout her education and career. When she became a target of stalking, her advocacy for privacy spiked her sense of urgency. “That experience made me realise how threats translate into the physical world as well,” she shares, fuelling her commitment to driving privacy and security as essential to safety and overall well-being.

Security and Privacy: Inseparable by Design

For Victoria, advancing safety and protecting fundamental freedoms isn’t just a job; it’s her mission. Her work extends beyond her role as a CISO & CPO in the social media sector. She actively reports and helps resolve issues she encounters online. “It’s second nature to me, but it’s also exhausting. It’s a constant reminder of how much work still lies ahead of us,” she shared.

She also applies her analytical Open Source Intelligence (OSINT) skills to support causes such as helping find missing persons. “It’s incredibly fulfilling to use technology for meaningful work, yet it highlights how much information we unknowingly expose. It can be terrifying, really,” she added.

To Victoria, security and privacy are inseparable.“Security without privacy is surveillance. Privacy without security is an illusion,”she explained. Her goal is to empower a brighter future where both remain at the heart of innovation. With her expertise and dedication, she continues to drive change and advocate for responsible practices that make the digital world safer for everyone.

Related Insights