In this interview, we sit down with Prescott Pym, a cybersecurity expert with over 25 years of experience in both government and enterprise sectors.
Now, as a Principal Consultant at Cosive, he helps organisations strengthen their security operations and CTI programs.
Beyond his professional life, Prescott is deeply committed to his community and family, balancing a demanding career with personal growth.
In this conversation, he reflects on his journey, shares insights into the cybersecurity industry, and offers advice for those looking to break into the field.
Tell us a little bit about yourself.
Sure! I’m Prescott Pym, and I’ve been living in Canberra, ACT, for the past 25 years. This has also been the base for my professional career, mostly within government and enterprise sectors. I’ve been keenly engaged with IT ever since dad came home with a Commodore64 in the 80’s and I learned how technology could play a role in our lives.
Very early in my career I specialised in information security because of the dynamic nature and the constant challenges presented where I could use my skills to help others.
Outside of work, I’m really passionate about my local community and making the world a better place for those around me. I’ve got two kids and my partner Kathyrn has three, so we have a large family that keeps us pretty busy.
A huge part of our family is Roxy—greyhounds are a great breed if you’re looking for a low-maintenance dog with heaps of personality. She keeps me company when I’m working from home at Cosive, and helps motivate me to get out for walks in the evening.
In recent years, I’ve also been focusing a lot on personal growth, and I think that focus and self-reflection has played a role in my career path, which has evolved from large scale operations to more focused consulting in areas I’m passionate about with Cosive where I can directly help our clients.
Tell us about your role at Cosive. What are you working on, and what initially attracted you to Cosive?
My background has primarily been in cyber security operations, and that’s an area Cosive specialises in, particularly for SOC maturity assessments and consulting.
I’ve also helped lead the national threat intelligence sharing platform in Australia, which had me working with SOC and Threat Intel teams across the country from small business to global system integrators. These focus areas really align with the work Cosive does, so it’s been a great fit.
Cosive was also attractive because I wanted to work in a small but highly capable company with people of the highest calibre. I actually met most of the team through collaboration on the threat intel program, and they have a great reputation in this space.
I’ve spent most of my career in large international organisations or the federal government, and I was looking for an opportunity to have a more direct impact. It’s been exciting to be part of a team where I can contribute to meaningful change and help organisations improve their security programs.
You’ve been in the cybersecurity space for over 25 years. Looking back, what are some of the key themes or throughlines you’ve noticed in your career?
There are a few things that stand out.
One is that cybersecurity is very much a team sport. Even though we come from different organizations, there’s a strong sense of community and collaboration in the field. I’ve found that the cybersecurity network is incredibly supportive—there’s always someone who can help you out with a problem or give you advice. I’ve really appreciated working with people from diverse backgrounds, who bring different areas of strengths to help solve the larger puzzle pieces in our industry.
Another theme is the high-pressure environment, particularly in security operations, where there are 24/7 demands. You have to be alert and ready to respond quickly and that can be quite draining sometimes. That’s when you can turn to your support network to help you through challenging times, not just professionally but also sharing the emotional burden helps you realise you’re not alone in the fight.
Cybersecurity is also always changing, and there’s always something new to learn, whether it’s a new technology or a new threat. That constant evolution is something I really appreciate about the industry. It’s hard to stay across all those threats, which is where solutions like Feedly can really help narrow down the things that are really important to me, without feeling overwhelmed with all the content out there.
How did you first get into cybersecurity? Was it always a clear path for you?
When I first started exploring different aspects of IT and computing at university, I was pursuing a double degree in business and computing. My marks in business weren’t quite as good as my marks in IT, so I quickly realized that IT was probably the area that aligned more with my skills and interests. But having those strong business foundations has been instrumental to my career growth.
I remember in my final year of university, I took a course on computer security, and I was immediately drawn to it even though the text was a bit dry! What I found so fascinating was that it wasn’t just about being pigeonholed into one specific area. You could be involved in network security, application security, programming or other areas, and you had to learn a little bit about everything. That really appealed to me.
So I thought, "Why not give this a shot?" I applied for a graduate role at the Australian Bureau of Statistics, and they pretty much said in the interview, "Yes, we’ve got a spot in our team. We’d love to have you join us." So, I took the opportunity and moved to Canberra. Over the years, I’ve worked in many different areas—operations, sysadmin, engineering, architecture, strategy and governance. It’s been great because cybersecurity offers so many diverse opportunities and keeps things interesting.
Can you share any advice or tips for people looking to break into cybersecurity today?
It’s definitely a bit overwhelming now with so many areas of cybersecurity to explore, but one piece of advice is to network and learn from others. Talk to people in the industry to understand what aligns with your skills and interests. Many people start in security operations centers as Tier 1 analysts, but there are so many different pathways into the field.
I’ve seen people with skills from all sorts of backgrounds—nursing, chemistry, even customer service—make the transition into cybersecurity. I hired one guy from a cafe here in Canberra who had really great customer service and we taught him how to be a SOC analyst. He's gone on to be a good cyber security consultant.
I think it's important to know yourself and what motivates you, what your skills are and then, if you really want to make it into cyber, talk to people to understand where you can apply those things most effectively.
What’s something that your professional network might be surprised to learn about you?
Well, despite being pretty active in networking and helping others, I’m actually a huge introvert. I don’t find it easy to attend networking events or speak at conferences, though I push myself to do those things because it helps me grow and I feel I have lived experience that would help others.
It’s a bit of an internal struggle—people often tell me I’m great with people, but I have to recharge in my own ways. I think a lot of people in IT might feel the same way—sometimes you feel like an imposter, but it’s important to keep pushing yourself and listening to feedback to grow.
What’s something you’re geeking out about outside of work?
Right now, it’s all about Lego! My partner and I love building Lego sets together, and our kids enjoy it too. Over Christmas, we were all gifted different Lego sets, and we’ve been working through the Lego Botanicals set over the past year and some new sets just got released. It’s a fun way for us to connect and spend time together. Our goal is to eventually have a dedicated Lego room in the house!
