Matambila is a visionary cybersecurity leader and Regional CISO whose career spans Africa and Australia. Starting in technical support, she returned to Zambia and rose from IT Helpdesk Officer to Regional Chief Information Security Officer, driven by curiosity and a passion for protecting people in the digital world. Certified in ISO 27001, ISO 27701, PCI DSS, and a CDPO, she has earned awards including the 2024 ICT Association of Zambia Cybersecurity Excellence Individual Award and Trellix 2025 Cyber Titan Top 10 Global Women Leaders. She co-hosts HoneyPot Chats and mentors emerging talent, inspiring a new generation of cybersecurity professionals.
Recently, in an exclusive interview with CIO Magazine, Matambila shared insights into her career journey, leadership philosophy, and vision for cybersecurity, highlighting the importance of diversity, inclusion, mentorship, and continuous learning in building a strong and resilient digital ecosystem. The following excerpts are taken from the interview.
Hi Matambila. Can you walk us through your career journey and how you became a cybersecurity leader?
My cybersecurity journey began in a very hands-on way. While completing my degree in Australia, I worked as a technical support analyst for a major telecommunications company. That role gave me a strong technical foundation and direct exposure to user needs — which remains a core part of how I lead today.
When I returned home to Zambia, I entered the financial services sector, where cybersecurity isn’t just important — it’s mission-critical. I started at the IT Helpdesk, solving real-world problems on the front lines. From there, I stepped into Team Lead IT Security and Risk and Management, where I learned how technology decisions connect to business strategy and regulatory accountability.
That broadened perspective prepared me for my transition into formal cyber leadership. I became Country Head of Information Security, responsible for building a security culture and aligning cyber priorities with organisational objectives. Today, as Regional Chief Information Security Officer, I lead cybersecurity strategy across multiple countries — ensuring resilience, driving continuous improvement, and shaping the governance needed to protect our customers’ trust.
What has remained constant is my passion for elevating cybersecurity to a business enabler — and my commitment to becoming the strongest version of myself while empowering others to do the same.
What do you love the most about your current role?
What I love most about my current role is the challenge and the impact. Every day pushes me to think differently — to innovate, solve complex problems, and collaborate with diverse teams across the organisation. Cybersecurity touches every part of the business, so driving that shared accountability and enabling the organisation to operate with confidence is incredibly rewarding. It’s not just about protecting systems — it’s about empowering the business to move forward safely.
What do you think is the biggest misconception about cybersecurity, and how do you address it?
One of the biggest misconceptions about cybersecurity is that it’s purely an IT issue, only relevant when something goes wrong — and mainly in corporate environments. In reality, cybersecurity is a business issue, a people issue, and even a societal issue. Whether you’re a large enterprise, a small organisation, or an individual with a mobile phone, you’re a target in today’s digital world.
How I address this is by engaging the business in a language they recognise — risk, trust, continuity and growth. I work closely with non-technical functions to show how cybersecurity enables operations, protects our reputation, and supports innovation. When people understand the value and their role in it, security becomes a shared responsibility rather than a technical problem to be escalated.
Can you share your thoughts on the importance of diversity and inclusion in the tech industry?
Diversity and inclusion in tech — and especially in cybersecurity — isn’t a “nice to have,” it’s mission-critical. We are solving problems that affect people from different backgrounds, cultures, genders and abilities. To design protections that truly work for everyone, we must ensure the people building those solutions reflect the diversity of those they protect.
Representation brings different perspectives, lived experiences and ways of thinking. It helps us identify risks we might otherwise overlook and innovate in ways we wouldn’t have imagined alone. Inclusion then ensures those voices are not just present, but empowered to influence decisions.
Ultimately, diverse teams create stronger, more resilient technology — and a safer digital world for all of us.
What inspired you to co-host HoneyPot Chats and advocate for cybersecurity awareness?
HoneyPot Chats was inspired by a simple but important observation during the COVID-19 lockdown: as the world moved online overnight, many people didn’t understand the basic cyber hygiene needed to stay safe. My co-host, Brenda, was in Spain, I was in Zambia, and we found ourselves having long conversations about the growing risks and the gap in awareness — especially in our local market.
We realised that cybersecurity education was either too technical or simply not reaching everyday users. So, we created HoneyPot Chats to bring cyber awareness to people in a relatable, accessible way — using storytelling, real-life examples, and conversations that anyone could follow. For me, it was about empowering communities with knowledge, because everyone deserves to feel safe and confident online.
What role do you think mentorship plays in shaping the next generation of cybersecurity professionals?
Mentorship plays a critical role in cybersecurity because this industry is constantly evolving, and no one succeeds alone. Mentors carry the blueprint of a road already travelled — the challenges, the lessons, the breakthroughs. By sharing that experience, they can guide emerging professionals, help them avoid common pitfalls, and accelerate their growth.
But mentorship is more than advice. It’s about opening doors, building confidence, and helping people see possibilities they may not yet see in themselves. When we invest in mentorship, we build a stronger pipeline of skilled, diverse cybersecurity talent — which ultimately strengthens the resilience of our entire digital ecosystem.
Can you share a book or resource that inspires you and why?
A book that continues to inspire me is ‘The Professional Troublemaker’ by Luvvie Ajayi Jones. It’s a bold reminder that courage is required to drive meaningful change. In cybersecurity, we often have to challenge the status quo — speak up when something isn’t secure, push for investment, or advocate for accountability even when it’s uncomfortable.
This book reinforces the importance of fearlessly using your voice, especially in rooms where security may not yet be understood or prioritised. It reminds me that being a “troublemaker” — in the best sense — is part of protecting people, enabling trust, and leading with integrity. It encourages me to be brave, even when the easier option is to stay silent.
What are some of your passions outside of work? What do you like to do in your time off?
I’ve recently developed a love for creating content that empowers people to stay safe online — it’s a way to make an impact beyond my day-to-day role. I also enjoy reading books that challenge how we think about leadership and purpose. And when I need to recharge, I love travelling and exploring new places — experiencing different cultures and perspectives always inspires me in unexpected ways.
What is your biggest goal? Where do you see yourself in 5 years from now?
My biggest goal is to continue elevating cybersecurity as a strategic business enabler. In five years, I see myself shaping cyber strategy at a global level, developing the next generation of talent, and ensuring organisations — and communities — can operate confidently in a digital-first world. Ultimately, I want to leave a lasting impact by combining leadership, innovation, and resilience.
What advice would you give to organizations looking to improve their cybersecurity posture?
The first piece of advice I would give is to treat cybersecurity as a business priority, not just an IT issue. It requires engagement from every level — from the boardroom to front-line staff. Start by understanding your risks, aligning security investments with business objectives, and creating a culture where security is everyone’s responsibility.
Second, invest in people as much as technology. Skilled, empowered teams are your strongest defence. Provide ongoing training, mentorship, and opportunities to grow. Finally, embrace continuous improvement: threats evolve daily, so your strategy, policies, and controls need to evolve with them. Cybersecurity isn’t a destination — it’s a journey of resilience, awareness, and accountability.