In the early days of her career, Wendy Kanna wasn’t planning to go into cybersecurity. It was an openness to unexpected opportunities that landed her in the field and an innate curiosity that kept her open to those opportunities.
“Even when I was a child, I was very curious,” she says. “Having a curiosity mindset always led me to trying new things, and it led me to where I am now.”
Now at Takeda Pharmaceuticals, a global biopharmaceutical company with more than eighty locations around the world, Kanna is the global head of digital trust governance and oversight.
As she has done throughout her career, she took a leap of faith by stepping into this outward-facing position after years of running operations behind the scenes. Fortunately, her latest evolution aligns with her passion for building connections, whether in Takeda or the cyber community at large.
Originally from the Philippines, Kanna got her start by leveraging her programming background into a consultant’s role in Internet Security Systems. While conducting training in Japan for her then employer, she accepted an offer to work in the local headquarters instead of her office back home. What was meant to be a two-year stint in the country turned into almost twenty years of residence, during which time she put down roots and grew her family, as well as her career.
Prior to joining Takeda’s security operations capacity, Kanna spent close to twelve years at Citibank. She knew the jump from financial services to the pharmaceuticals industry would be a big one, but Takeda’s ethos of PTRB (“Patient-Trust-Reputation-Business”) convinced her it was the right move.
“It wasn’t just everyone talking about it; you could see it and you could feel it,” she says. “Being in security for a long time, I’ve learned how to read people. And I could sense something in Takeda that intrigued me.”
Kanna was further intrigued by the prospect of shaping a team. By contributing to the team in its early stages, she acquired an intimate understanding of both the team itself and the business units with which it partners—an understanding she has carried into her current role in governance and oversight.
In that current role, Kanna has sought to reframe security as a collaborative practice rather than a roadblock to the business. “Security is not the sole responsibility of the security team; it’s a mindset for everyone in the company,” she elaborates. “It’s critical for us to be part of the initial conversations with our business functions to ensure security by design. If we’re not part of the conversation until something is already underway, we miss the opportunity to be enabling partners, and revert to the business of saying ‘no.’”
Kanna prioritizes communication in her leadership as much as in the realm of security. “The way I approach communication differs depending on the audience and the situation. I have team members scattered across the globe, so I consider the culture of the team,” she notes.
Just as she embraces her own team’s diversity, Kanna supports Takeda’s active stance toward diversity, equity, and inclusion (DEI). “It’s great that companies like Takeda are making DEI a part of their DNA and promoting the awareness of being able to bring your whole self to work, which you can only do if the community and the space where you’re working is accepting of it,” she says.
She cites Takeda Resource Groups and the company’s involvement in organizations like the Healthcare Businesswomen’s Association (HBA) and the Executive Women’s Forum (EWF) as just two avenues through which the company has committed itself to creating a sense of belonging and empowerment central to DEI.
Beyond finding community among her fellow professional women in the EWF and the HBA, Kanna has made a point of building bridges with other cybersecurity experts since coming to Takeda. Takeda itself is a member of the Health Information Sharing and Analysis Center, as well as a cyber-centric group of over a dozen Japan-based pharmaceutical companies.
“Our companies might be competing in terms of our patients and our therapeutics, but when it comes to cybersecurity, we’re all in this together,” she emphasizes.
That real-world impact drives Kanna in her mission of attracting fresh talent and perspectives to the cybersecurity space. Perhaps, unsurprisingly, the core of her advice to newcomers is to keep an open mind.
“People think they can’t join cyber because it’s too technical or too elliptical, but there are so many other aspects of the field,” she says. “As long as you have that passion and that curiosity in you, you can mold yourself into any number of things.”