Unstoppable People - Tatyana Arnold - Security Analyst - Compliance and Governance

Milliken’s Unstoppable People series highlights Milliken & Company associates who guide us to success and embody our values: integrity, excellence, innovation, sustainability, and people.

How long have you been with Milliken?

I've been with Milliken for almost two years. My two-year anniversary will be in May. I got this job right after college. I went to USC Upstate, so across the street from RMC.

When I was in school, I was going for a degree in computer information systems. With that degree, it was basically going through different fields in the IT world. So, I learned a little bit about networking. I learned a little bit about applications and how to code, but my main interests were in cybersecurity. We learned about cybersecurity, and I just fell in love with it.

When I was offered this job, I told myself, well, this is the opportunity to take on because, if I'm already passionate about cybersecurity, this would be the perfect job.

Before I came to Milliken, I told myself I wanted to be that type of person who was ‘behind the curtains.’ I didn't want anybody to know what my name was.

I just wanted to help people without my name out there, but once I came to Milliken, that perspective changed a lot. I came in very shy, and I was like, ‘I'm just going to do my work’ because I don't want anyone to ask me anything, and I’ll just stick to myself. And I just wanted to help people without them asking, ‘Oh who was that person who really helped me,’ right?

That's what I was thinking; that was who I was going to be. But that changed. And my director challenged me to put myself out there and network with others. And at first, I was kind of nervous and thinking, ‘I don't know if I should do that.’

But I actually fell in love with it, just networking with people from different departments. And what made me fall in love with my career is teaching people about cybersecurity and what they should be aware of. That’s what I do on a day-to-day basis; it's just helping people.

Like when we get phishing emails. I investigate and just make sure if it's spam, phishing, or a legitimate email. It makes me feel like I'm a superhero, because people are like, ‘Oh, thank you. Thank you for helping me and making sure that the data is protected.’

How did you get to where you are now?

Two years ago, I started on the security operations team. It started off well, learning different things that the team has done. Getting insight into what applications we use and what tools we use. And then I joined the compliance and governance team to help us achieve ISO 27001 certification.
At first it was very challenging for me because I was just coming out of school and had no knowledge of ISO 27001. I didn’t even know what that was, so it challenged me.

It pushed me – you know, after college, you're used to a teacher teaching you – but this gave me the opportunity to do independent work, do my own learning, and educate myself on what ISO 27001 was. As part of our ISO 27001 journey, my director challenged me to take a lead role with our cyber risk management process.

He said, ‘Tatyana, you're going to be the one that leads our risk management meetings.’

And I said, ‘I just came to this team. I don't know anything about leading a team. I don't know where to start.’

But, I'm grateful that he let me have that, he knew something. He saw something in me that I didn't see.

So, for two years now, I've been leading the ‘Risk Management’ process which is a key component of the ISO 27001 standard. We had a meeting with the auditor last month, and his positive feedback on our cyber risk management made me proud of myself.

He said we took the risk management process to a whole new level. We accomplished the requirements for ISO 27001, but we also did things to exceed them.  We had zero non-conformities in all stages, and the auditor said Milliken had the smoothest initial certification audit he has ever seen.

Now that we are certified, we are helping others understand ISO 27001 and using the standard to continuously improve our program. Cybersecurity is a team effort that extends beyond IT. We've been having meetings with different departments, like HR, physical security, and application development. I’m getting to know what they do on their day-to-day basis.

They’re helping us succeed with ISO 27001, but on another side, it's helping me understand what different departments do. It has been very beneficial for me to know Milliken as a company, and now I have a new project where I'm doing cybersecurity awareness which gives me even more opportunity to get to know people outside of my area.

Now I'm networking and getting my name out there for people to say, ‘Hey, she's the girl that's doing the awareness posts.’ If you need help seeking out tips and tricks, that will be me.

What is ISO 27001?

ISO 27001 is the international “gold standard” for cybersecurity. Our certification is a strong testament of Milliken’s cybersecurity maturity to external customers, senior leadership, and other stakeholders.

Since Milliken’s cybersecurity program was chartered in 2014, we've been working to improve the cybersecurity program by looking through, searching for, and following best practices. And just making sure we meet our company’s values and delivering on our objectives.

With ISO 27001, it requires implementing, establishing, maintaining, and continuing to improve the information security management system. We were already doing the right things, but we needed to formalize it so we could be certified against a framework.

It’s just showing associates and other companies, and our senior leadership, that we have a strong cybersecurity program to protect our confidential data and to protect our associates.

The people are what I love most about working at Milliken. I am in the Women's Alliance and the New Kids on the Block. And working here it's – Yes, you're here to grow in your career – but Milliken gives me the opportunity to grow personally as well.

I remember having meetings for our Strive goals and having that as a development goal, and without Milliken, I don't think I would be the person who I am today like, I don't know if I would want to do a lot of presentations to challenge myself. It just shows that Milliken challenged me, to be my very best, to be proud of, and to be confident in myself.

One thing that my director and my manager had helped me with was not being overwhelmed with all that I had to learn. I'm trying to be on the same knowledge level as my coworkers who have 15 or 20 years of experience. It kind of scares me a little bit because of the knowledge that they have already, and I want to hurry up and get to that point.

And my director sat me down and he told me, ‘Tatyana, you’ve only been here for 18 months, and that's OK because you have your own journey to take in. You are learning your ways to understand this material. We're not asking you to get it on the first go-round. It takes time.”

I like that about my director and my manager, they are patient with me and know I’m learning.

Want to join our team of #UnstoppablePeople? Visit our careers webpage to learn more about your next opportunity.

Do you know an Unstoppable Person you’d like to recognize? Nominate them at [email protected].