In a world where cyber threats evolve by the minute, Rosemary Chisom Dimakunne stands at the frontline, protecting the digital heartbeat of industries that power our everyday lives: finance, energy, healthcare, and oil & gas. As the Incident Response Lead at Access Bank, Dimakunne has been instrumental in fortifying critical systems against digital intrusion. Her recent development of an AI-powered intrusion detection system has strengthened the security of ATMs, biometric platforms, and surveillance infrastructure, significantly reducing fraud and reinforcing global compliance standards.In this interview, she opens up about her journey, the evolving threat landscape, and what it takes to lead in an era of intelligent cybersecurity.
What inspired you to pursue cybersecurity, and what keeps you motivated?
I’ve always been driven by the challenge of protecting critical systems and data from evolving threats. Early in my career, witnessing how cyberattacks could disrupt lives and businesses pushed me to dive deeper into cybersecurity. What keeps me motivated is the constant evolution of this field, new threats, technologies, and opportunities to make a difference. I see my work as a way to safeguard not just organizations, but the broader ecosystem that supports everyday life.
How does cybersecurity differ across sectors like oil & gas and banking?
Each sector has unique challenges. In oil & gas, securing offshore and remote infrastructure demands a focus on physical connectivity, IoT devices, and industrial control systems. In banking, the emphasis is on protecting digital transactions, customer data, and regulatory compliance. While the core principles of cybersecurity remain risk management, threat detection, and resilience the strategies and tools must adapt to each industry’s specific risks and compliance frameworks.
How is AI changing the future of cybersecurity?
AI is transforming cybersecurity by enabling proactive threat detection and faster incident response. It helps analyze massive datasets, identify anomalies, and predict attack patterns. At Access Bank, I led an AI-powered intrusion detection system that protected ATMs and biometric devices, showcasing how AI enhances security in real-time. Looking forward, AI will continue to be the backbone of adaptive, intelligent defenses in a hyper-connected world.
What are some threats the public might not be aware of?
One often overlooked threat is the vulnerability of IoT devices in everyday settings, think smart thermostats, security cameras, or medical devices. Another is the risk of supply chain attacks, where an organization is compromised through a third-party vendor. Also, deep fake technology and AI-generated phishing campaigns are evolving rapidly, and many people aren’t aware of how convincing and dangerous they can be.
Can you tell us more about the AI-powered intrusion detection system for ATMs and its impact?
At Access Bank, I developed an AI-powered system that monitors ATM transactions, biometric authentication, and surveillance data. It uses behavioral analytics to detect suspicious activity like abnormal login patterns or transaction anomalies and triggers alerts in real time. This system reduced fraud incidents significantly, improved customer trust, and ensured compliance with banking regulations, ultimately protecting both the bank’s assets and its customers’ financial safety.
What’s the most overlooked risk in IoT security?
The most overlooked risk is often the default configuration of IoT devices using factory set passwords or outdated firmware. These small gaps can become entry points for larger attacks. Another critical risk is the lack of network segmentation; without proper isolation, an attacker gaining access to a single IoT device can pivot across the entire network, potentially compromising critical systems.
What do companies get wrong when securing cloud environments?
Many companies assume that moving to the cloud shifts all security responsibilities to the provider. While cloud platforms like AWS or Azure offer robust tools, it’s still the organization’s responsibility to configure security settings correctly, manage access controls, and monitor for threats. Misconfigured permissions, lack of encryption, and weak identity management are common mistakes that leave cloud environments vulnerable.
How do you balance regulatory compliance with evolving security threats?
It’s a balancing act between following strict frameworks and adapting quickly to new threats. For instance, while implementing anti-money laundering (AML) systems, we ensured compliance with regulations like PCI DSS and GDPR, but we also integrated AI-driven fraud detection to stay ahead of emerging risks. The key is designing systems that meet compliance requirements while remaining agile enough to adapt to evolving threats.
In a high-stakes incident response scenario, what’s the first thing you focus on?
Containment is always my first priority. Stopping the spread of the attack and isolating affected systems buys critical time. Once the immediate threat is contained, I shift to root cause analysis, remediation, and recovery. Clear communication and coordination across teams are also essential to ensure a swift and effective response.
How does academic research complement your hands-on experience?
Academic research helps me understand the “why” behind security principles whether it’s cryptography, AI models, or emerging threat vectors. My current master’s program at Baylor University sharpens my analytical and problem-solving skills, and bridges the gap between theory and practice. It also keeps me informed about the latest trends, which I apply directly in real-world projects.
How has your experience been as a woman in cybersecurity, and what advice do you have for young women?
It’s been a rewarding journey, but also one where I’ve had to push through biases and advocate for my voice. I believe in creating a culture of inclusion and mentorship. To young women, I’d say: Be bold, stay curious, and don’t let anyone define your limits. Cybersecurity needs diverse perspectives, and your contribution is valuable.
What role do professional networks like Women in Cybersecurity (WiCyS) and Society of Women Engineers (SWE) play in your journey?
These networks have been instrumental in my career providing mentorship, collaboration opportunities, and a sense of belonging. WiCyS, for instance, connects me with other women who understand the unique challenges in cybersecurity, while SWE fosters a broader community of women in STEM. Both have helped me grow as a leader and advocate for others in the field.
What makes an effective cybersecurity leader today?
An effective leader combines technical expertise with empathy, clear communication, and the ability to inspire teams. It’s about seeing the big picture understanding both business goals and security risks and empowering teams to develop innovative, practical solutions. Continuous learning and adaptability are also crucial, as the threat landscape is always evolving.
Where do you see the greatest cybersecurity challenges and opportunities in the next five years?
The convergence of AI, cloud, and IoT will bring both challenges and opportunities. On one hand, these technologies expand attack surfaces and introduce new risks like AI-manipulated data or large-scale IoT breaches. On the other hand, they offer incredible opportunities for proactive defense such as AI-driven threat detection, zero-trust architectures, and quantum-resistant encryption. The key is to embrace innovation while building resilience into every layer of our digital infrastructure.