Question
What makes working in information security at a regulated insurer or bank different from other industries, and what skills does it demand?
Answer
Regulated sectors face strict supervision, sensitive data, and close proximity to management, so security work blends technical control with consultancy, communication, and resilience under stress.
A practitioner described the field as "demanding and interesting": you need to be curious, stress-resistant, flexible, consequent, open, collaborative, and (in international firms) able to work in English. Relevant differences for regulated sectors (banking, insurance, critical infrastructure) include the regulated environment, processing of sensitive data, a strong security culture, proximity to management, being early adopters of GenAI / new ways of working, and heavy consultancy demands. The job is as much about advising the business as configuring tools.
Note saved — thanks!