Ekaterina Serban, Head of Privacy and Information Security, Bosch

With over 16 years of extensive experience in Supply Chain, Logistics, and Global Operations, Ekaterina specializes in B2B and B2C business, IT, digital, privacy, and information security across diverse markets including the US, Mexico, China, India, Malaysia, Turkey, UK, Germany, and Russia. She has a proven track record of successfully building and leading high-performing cross-cultural global teams, as well as driving strategic transformations towards modern digital, compliance, and IoT organizations. Her expertise also extends to establishing privacy and cybersecurity governance, risk management, and operational resilience frameworks.

Ekaterina is also recognized as a “Next Horizon Leader” in the new generation of global leaders, with a commitment to making significant impacts in her field and beyond, particularly in preparing industries for the digital era and strategically shaping the future landscape while cultivating future global leaders. She is an expert speaker on leadership, emerging technologies, cybersecurity, privacy, AI, digital transformation, women in the technology industry, diversity and inclusion, the future of industries.

Recently, in an exclusive interview with Digital First Magazine, Ekaterina shared her professional trajectory, the most favorite aspect of her current role, insights on the future of cybersecurity, personal leadership style and approach, the best piece of advice she has ever received, pearls of wisdom, and much more. The following excerpts are taken from the interview.

Hi Ekaterina. Please tell us about your background and areas of interest.

I was born and raised in a multicultural family, and I pursued an international mindset from the early stages. And having my father as a great leader and a role model predefined many unconscious traits in my development as a leader, and the most important as a Female Leader.

I studied international economics and law, as well as having an executive education at Harvard Business School. I have gained an experience of building a career and working in different fields (logistics, supply chain, IT, legal and compliance related), and many countries as well.

I can say that throughout my entire career I was the one who was (and is) creating and implementing a vision for the team and organization and being a visible leader as a pioneer of change. Always leading by example and I inspire employees to take smart risks and to drive positive change in their professional lives.

On a private note, I am a mom of two fantastic daughters and enjoy having time with my family.

What aspects do you enjoy the most of your current role?

It’s never boring. There are several aspects of my role that I find particularly rewarding and enjoyable. Firstly, I appreciate the opportunity to contribute strategically to the organization’s overall privacy and information security. Being able to develop and implement comprehensive strategies that align with business objectives allows me to have a significant impact on the organization’s success.

Secondly, I enjoy the continuous learning and problem-solving aspects of the role. The digital landscape is constantly evolving, presenting new challenges and opportunities for innovation. Staying abreast of emerging threats, technologies, and best practices keeps me engaged and motivated to find effective solutions to protect our organization’s sensitive information.

Thirdly, I value the collaborative nature of the role. Working closely with cross-functional teams, executives, and stakeholders allows me to leverage diverse expertise and perspectives to address challenges effectively. Building strong relationships and fostering a culture of privacy and security awareness throughout the organization is fulfilling and rewarding.

You are an International Partner at World Business Angels Investment Forum (WBAF). Can you please tell us about this organization and your role in it?

The World Business Angels Investment Forum (WBAF) is an affiliated partner of the G20 Global Partnership for Financial Inclusion (GPFI). WBAF is committed to collaborating globally to empowering the economic development of the world and aiming to ease access to finance for businesses from start up to scale up to exit, with the ultimate goal of generating more jobs and more social justice worldwide.

I am an International Partner for Germany, and the Forum interacts with leaders in all areas of society, first and foremost in business and political spheres, to help assess needs and establish goals, bearing in mind that the public interest is of paramount importance. We engage a wide range of institutions, both public and private, local and international, commercial and academic to help shape the global agenda.

According to you, how has cybersecurity changed over the last few years?

In recent years, privacy and information security have undergone profound changes driven by digital transformation and the proliferation of AI technologies. Organizations now prioritize robust measures to safeguard sensitive data amidst evolving cyber threats. AI-driven technologies have revolutionized cybersecurity practices, emphasizing the need for adaptable frameworks that uphold privacy principles in dynamic digital environments.

Security and Resilience are two interlinked concepts. From your perspective, why is it important to equally focus on building resilience?

Focusing equally on building resilience alongside security is paramount for organizations, particularly in the context of emerging technologies like artificial intelligence (AI), blockchain quantum computing, Web3, etc. As AI continues to advance, it introduces both new capabilities and potential vulnerabilities, necessitating organizational resilience to adapt to evolving cyber threats. In the broader spectrum of emerging technologies organizations must fortify their resilience strategies to navigate increased complexities and mitigate risks effectively. This balanced approach ensures that organizations can maintain operational continuity, safeguard sensitive information, and uphold stakeholder and customer trust in the face of cyber incidents and disruptions.

What is your leadership style and approach?

I consider myself as a new generation of global leaders, I call it “Next Horizon Leader”. Today’s leaders are expected to be collaborative, transparent, innovative, visionary, boundary-pushers, trendsetters, pioneers, trailblazers and future-oriented. I am deeply convinced that companies’ greatest asset is their PEOPLE (yes, people- not technology or/and data!).

And I see as my mission to develop new global leaders, the individuals who anticipate and navigate upcoming challenges and opportunities with a strategic focus on shaping the future landscape.

What does working in privacy and information security mean on a practical level, and what kinds of skills/personality traits are an asset in the field?

Working in privacy and information security entails the dual responsibility of safeguarding business interests while ensuring regulatory compliance. On a practical level, this involves collaborating closely with IT and business teams, executives, and stakeholders to develop a holistic approach to privacy and information security. This approach, encompassing both operational and strategic aspects, is aligned with business objectives. Effective communication and leadership skills play a pivotal role in emphasizing the significance of these matters and cultivating a culture of security awareness across the organization.

What are some of the roadblocks you face to doing your job well? What do you do to overcome those challenges?

There are some of them:

Number one is the current complex regulatory landscape in the world and especially in Europe right now. It requires a thorough understanding of various regulations and standards, as well as ongoing efforts to ensure compliance across all aspects of the organization. Next 2-3 years many industries will face massive impact from upcoming digital regulations, especially when it comes to digital platforms and services, connected products. And what I see right now many companies still underestimating upcoming impact and not putting this topic in the board room. And this is a part of my job as well to prepare business for those regulatory changes and advocate for a proactive approach to compliance, positioning it as a strategic enabler rather than a mere obligation.

Number two is rapidly evolving threats and lack of organizational buy-in. The cybersecurity landscape is constantly evolving, with new threats and attack vectors emerging regularly. However, many people believe that cyber related risk and disruptions won’t affect them and it’s “happening only in a movie”.  Building a strong security culture within an organization requires active engagement and buy-in from leadership, employees, and stakeholders.  And on that matter, we work on ensuring that privacy and information security initiatives are aligned with the organization’s overall business objectives and risk tolerance, and that it seen as a strategic priority for the organization.

Number three is cross-organizational silos. There may be differences in knowledge and understanding of cybersecurity risks and best practices among various departments and external suppliers, especially when it comes to the supply chain. There may be resistance or skepticism from some departments or external suppliers regarding the need for measures or the perceived impact on their operations. Therefore, we are building collaborative partnerships across different departments and with external parties in overcoming siloed thinking and organizational barriers.

In your academic or work career, were there any mentors who have helped you grow along the way? What’s the best piece of advice you have ever received?

Throughout my professional career, I have been fortunate to have several mentors who have played instrumental roles in my growth and development. These mentors have provided guidance, support, and valuable insights that have helped shape my career trajectory.

One of the best pieces of advice I have ever received from a mentor is to embrace continuous learning and never stop seeking new knowledge and skills and be open for new opportunities. This advice has encouraged me to stay curious, be open to new ideas, and continuously strive for personal and professional growth. It has inspired me to pursue opportunities for learning and development, whether through formal education, professional certifications, or informal mentorship relationships.

Another piece of advice that has resonated with me is to embrace failure as a learning opportunity rather than a setback. Failure is inevitable (nobody is perfect) in any journey of growth and success, and it is how we respond to failure that ultimately shapes our resilience and determination. This advice has taught me to view failures as valuable learning experiences, to reflect on what went wrong, show your vulnerabilities and to use those insights to improve and grow stronger.

Overall, the guidance and wisdom imparted by my mentors have been invaluable in shaping my career path, instilling a mindset of continuous learning and growth, and empowering me to overcome challenges and achieve success.

Where would you like to be in the next 5 years?

My goal is to continually progress in my career while also making significant impacts in my field and beyond, particularly in preparing industries for the digital era and guiding GenZ towards success. Ultimately, I aspire to embody the qualities of a “Next Horizon Leader” – bold, yet humble, and dedicated to making a positive difference in the world.

I view it as my mission to cultivate future global leaders who possess the foresight and skills to tackle upcoming challenges and seize opportunities, strategically shaping the future landscape. I firmly believe that opportunities don’t happen, you create them.

What advice would you give to aspiring cybersecurity professionals?

I would advise embracing continuous learning, building a strong technical foundation, and gaining hands-on business experience. Cultivate a security mindset, prioritize ethical behavior, and stay adaptable to the fast-paced nature of the field. Lastly, network actively, maintain integrity, and approach privacy and information security as a mission to protect and defend the digital world.

Content Disclaimer

Related Articles