Unilever poaches Kirsten Davies from Estée Lauder as its new CISO

The experienced security leader joins from Estée Lauder

Unilever has appointed Kirsten Davies as its new Chief Information Security Officer (CISO). Davies was previously CISO at the Estée Lauder group. An experienced security leader, she has previously led the security function at Siemens, HPE, and more recently, Barclays Africa – where she designed and led the Converged Security function for Barclays Africa (now known as Absa) amidst the bank's complex separation from Barclays PLC.

Davies also established Barclays’ Converged Security Academy, which guided applicants through a 14-week immersion course to re-skill them for entry level cybersecurity positions – with training spanning cybersecurity, information security, fraud defence, physical and executive security, and forensics/investigations.

See also: Veeam CISO Gil Vega on "swinging for the fence"

Prior to her role with Barclays, Kirsten Davies served in two capacities at Hewlett Packard Enterprise (HPE): VP & Deputy CISO, and VP for Enterprise Security Strategy, heading up one of four worldwide, strategic customer-facing areas for HPE. During her tenure with HPE, she achieved the first-ever Cyber Security Master Agreement with the German Workers Council, now replicated across HPE’s 20+ Works Councils in EMEA.

A specialist in guiding large-scale global transformation programs focused on cyber and information security, technology, business process, and organisational transformation, Kirsten Davies joins as Unilever CISO as the €50 billion by annual revenues consumer goods company goes through a sweeping digital transformation.

The company has acknowledged it has work to do, warning in its most recent annual report that it is “particularly reliant on third party experts in [the IT infrastructure] space and thus the impact of Covid-19 on their operations also poses a risk for us” adding in the early 2021 report that “cyber threats continue to expand. The business continues to upgrade its resilience programmes to protect its people and assets.”

See also: The evolution of the CISO

Like most companies during the pandemic Unilever has digitalised at a previously unseen pace (opening up potential threat vectors.) As its annual report notes, “increasing digital interactions with customers, suppliers and consumers place ever greater emphasis on the need for secure and reliable IT systems and infrastructure.”

Among areas of rapid digitalisation at Unilever have been a push to use technology for more dynamic adjustments to supply chain movements. As the annual report notes: “As we worked alongside suppliers to respond to the surges and falls in demand across different product categories, the value of data insights, smarter sourcing and more real-time visibility of goods and logistics became very clear. This is a critical focus for us – we’re using increasingly sophisticated digital tools to identify new potential innovation partners, bring new suppliers on board, audit suppliers virtually, and monitor logistics and supply risk in real time.

The events of 2020 also fast-forwarded the shift towards digital ordering and fulfilment. As the March 10, 2021 report notes, online ordering from Unilever’s small retailer servicing apps and web stores surged from roughly 350,000 stores at the end of 2019 to 115,000 new stores ordering online each month in 2020: “By the end of the year, more than 1.4 million stores had moved to our digital small retailer servicing solutions that help in checking inventory and promotions, ordering products and making payments for products purchased.”

Follow The Stack on LinkedIn