In our first Vault Spotlight, we spoke to our InfoSec Leader, Ash Mohanaprakas. As anyone at Vault would tell you, Ash is an incredibly knowledgeable expert who combines approachability and kindness with her calm intelligence. 

Have any questions relating to data security, privacy or risk? Ash is your person! Enjoy learning more about Ash and her approach to security at Vault.

Keeping Vault and its customers safe

As Head of Information Security, Ash helps Vault achieve its mission and support its customers through programmatic risk and control management.  This can range from risk assessments of novel technologies, services, or product features to incident management, and business continuity preparedness. 

The infosec function plays a pivotal role in safeguarding the organization’s digital information assets and ensuring the integrity, availability, and confidentiality of sensitive information. 

Vault is proudly certified to the ISO 27001 and SOC 2 Type II requirements. It has also been recognised by the National Cybersecurity Alliance as a champion organization, for showing dedication to promoting a safer, more secure online world.

An impressive career trajectory

Ash began her career in philanthropy at the University of Oxford, where she did her undergraduate degree. She focused on system design, training, and process development for SaaS applications. Over the past decade, she transitioned into Infosec operations, consultancy, and leadership roles at various organizations, before ultimately joining Vault. Her infosec journey coincided with the introduction of GDPR, and she found satisfaction in translating regulatory requirements into practical solutions for enterprise applications.

Security by Design at Vault

Ash explains:

“Vault takes infosec very seriously, and has done, since day one. We have adopted a ‘Security by Design’ approach to continually develop secure software, with regular internal and external assurance activities to ensure that the reporter and case information for our customers are secure.”

Vault proactively manages security risks to ensure that customer information is handled securely, and it leverages opportunities in a risk appropriate manner. Strategic decision making takes infosec and privacy as key considerations as it has a shared responsibility towards the security, and reputation of its customers as well.

All Vaulties are trained on the prevalent security threats, and controls, as well as specific training relating to their roles. Ash concludes, “We encourage each Vaultie to make risk informed decisions at all levels, so that we can together secure Vault Platform.”

In Vault’s Trust Center you can find information on how Vault manages information security, as well as the latest pen test report, and information on Vault’s security controls. 

Words of advice for prospective infosec leaders

Ash believes that great infosec professionals can come from all backgrounds. She was a linguist previously! What’s needed is the curiosity to understand a problem, and the perseverance to work out the solution. Ash shared:

“This is a key period for the infosec industry as we’re all much more online now post-Covid, than we were at any other point in the past. This also means that our attackers can easily cause more damage as organizations, big and small, are all likely to be affected by cyberthreats as they mature in their information security practices in this new world.”

In the UK, the Government has funded infosec-related training (such as the Certified in Cybersecurity programme) in order to encourage more people to consider Cyber and Information security as a career pathway.

Thank you to Ash for sharing your journey with us! Check back soon for a Spotlight on another Vaultie expert.