Recently, Highline Public Schools, a school district serving about 18,000 students in King County, Wash., was shut down for three days due to a possible cyberattack, according to King 5 News.
This incident might not be particularly noticeable on its own, but the alarming fact is that cyberattacks on educational institutions have started happening more frequently.
However, it should be noted that such attacks are not just confined to schools alone. They have occurred in such places as hospitals and banks in the past.
Raoul Hira, a cybersecurity expert and former cybersecurity strategy consultant for PricewaterhouseCoopers (PwC) who understands the need for a robust cybersecurity strategy to guard against such attacks, can develop and implement effective cybersecurity solutions to forestall a recurrence.
Raoul has worked with leading institutions worldwide, including PwC. His innovative approaches to resolving crisis situations like the district attack offer a unique perspective on how businesses and organizations can strengthen their defenses while navigating the complexities of modern digital landscapes.
Working on the Cybersecurity Redesign for a Children’s Hospital
Raoul’s ability to manage complex and high-risk projects has earned him a prominent role in the field of cybersecurity. Notable among them was his work on a two-year cybersecurity redesign for a children’s hospital, where he was integral to the project. The hospital once fell victim to a cyberattack that crippled essential services in patient care. Moreover, key systems of the hospital were down, and patients’ private health information leaked. Raoul stepped in during the crisis to guide the hospital through a systematic security improvement process. He worked hard to restore the hospital’s systems and rebuild trust with the patients and staff to protect them from cyber threats in the future.
“The project achieved significant results, including remediation of over 2 million critical vulnerabilities, reduction of 90% of old firewall rules, and closure of over 100 critical external auditor observations,” Raoul notes. “The project’s long-term impact on the hospital was significant. Cyber hygiene and resiliency improved dramatically, and no major security incidents have occurred since the project’s completion. This transformation not only mitigated immediate risks but also established a robust foundation for ongoing security management, ensuring the hospital can continue to provide safe and secure care for its patients.”
Resolving a Consent Order for a Leading U.S. Bank
This wasn’t an isolated success. Raoul also helped in resolving a consent order for one of the biggest banks in the U.S. At that point, the bank was facing compliance problems regarding its cloud platform and identity and access management (IAM) systems. With little time and regulatory pressures, Raoul and his team quickly moved in to strengthen the security controls of the bank in record time. This helped the bank avoid any regulatory penalties while enhancing its security tremendously.
“The project had a significant long-term impact on the bank’s security posture,” Raoul explains. “The successful resolution of the consent order not only ensured compliance but also established a robust foundation for ongoing security management. The improvements in cloud security and IAM processes have contributed to a more secure and resilient banking environment, safeguarding customer data and maintaining trust.”
Developing a Custom Framework for SaaS Applications
In addition to these large-scale innovative solutions, Raoul has the ability to develop solutions that become benchmarks in the industry. He developed a custom framework assessing the cybersecurity maturity of Software as a Service (SaaS) applications. This tool has been embraced by his clients to validate the security of their SaaS solutions and enhance overall cybersecurity hygiene. His framework reflects his deep understanding of both the technical and business sides of cybersecurity, helping organizations protect their businesses in the complex age of technology.
Developing a University-Level Cybersecurity Course
Raoul also worked for academia. In 2005, he was involved in the development of the first university-level cybersecurity course in India. At that time, cybersecurity education was significantly scarce, whether online or in the classroom. As the team leader, he spearheaded the development of the syllabus and served as the primary author for multiple domains. His efforts resulted in a detailed textbook and training presentations for the faculty. This significantly contributed to national cyber defense and information security education. “The impact of my work was immediate and far-reaching. Within the first year, over 50 students enrolled in the program,” Raoul says. “The syllabus also served as a foundation for cybersecurity programs across multiple universities in India, jumpstarting formal education in this critical field. This initiative enabled collaborations that further developed cybersecurity education nationwide.”
Leading and Mentoring Others
Raoul’s leadership extends beyond technical projects and academia. He worked for PwC for eight years, from 2015 to 2024. During the period, he led over 50 teams spread across the U.S., Europe, Argentina, and India. His teams had to evaluate cybersecurity maturity, optimize business processes, and determine comprehensive strategies for different industries. While at Tech Mahindra between 2008 and 2015, he also led the team responsible for the security of one of the major telecom providers in the U.S.
“This included leading a team of 20 people to help our customers identify critical security issues before their applications went live,” Raoul says. “Not a single cybersecurity issue was reported to have impacted the applications that we were responsible for.”
Apart from leading teams, Raoul has equally mentored the next generation of cybersecurity professionals. So far, he has helped more than 50 individuals successfully navigate their careers by providing valuable feedback and guidance, particularly when it comes to building cases for promotions.
Membership and Recognition
So far, Raoul’s expertise in cybersecurity has earned him membership and recognition in various prestigious forums. He was part of the prestigious content advisory panel of the UBK project of ISC2 to create next-generation cybersecurity standards that all cybersecurity practitioners can use to secure information systems. He is also a CISSP certification holder. Moreover, he has judged both the Globee and Stevie awards, where he has had an opportunity to assess contributions in the areas of technology and business innovations.
Achieving Success in the Midst of Challenges
“What helped me in achieving success included persistence and curiosity about how everything works,“ Raoul explains. “Others are my attraction to cybersecurity as an immersing area and ability to grasp extremely technical topics with ease and solve business problems effortlessly.”
Future Aspirations
Raoul plans to expand his influence in the world of cybersecurity and help further develop the industry. He also plans to continue his active work to support organizations facing the growing problem of cybersecurity while training the next generation of talent.
The story of Raoul Hira is that of hard work, proficiency, and commitment to create a positive impact in both the cybersecurity industry and society in general. His work continues to shape cybersecurity standards worldwide, ensuring that vital systems are safeguarded and reliable in the face of emerging threats.
