magineusingasocialmediasiteforfun.Youshare
Iyourprivatepictures,videos,andotherpersonalthings withyourfriendsandfamily.Youmaybelieveitissafe todosobecauseitissolelybetweenyouandyourpal. Spoileralert:you'rewrong!
Someonecouldbeaccessingyourprivatedata,possiblyon theothersideoftheworld,watchingthephotographsthat onlyyourfriendissupposedtosee,andyouhavenoidea. Spine-chilling,isn'tit?Ifyourdataisstoredanywhere online,eveninaprivatechatroom,itispronetobeabused bycybercriminals.
Thisremindsmeofthefamousdatabreachwiththesocial mediaplatformFacebook.In2019,Facebooksuffereda massivesecuritybreach,exposingthepersonalinformation ofover500millionmembers.Thedatabasewasrumoredto havebeenpubliclyavailableontheDarkWebfornearly twoweeks.
SuchoccurrenceshighlightthenecessityofCyberSecurity sinceoureverymoveisnowcapturedandstored someplace,makingitcriticaltoprotectoursensitivedata. Cybercriminalsarebecomingmoreandmoreinventivein thetypesofcyber-attackstheyperformagainstbusinesses eachyear.
BusinessesmustinvestinandfocusmoreontheirCyber Securityframeworks,asalackofattentiontoitcanbe harmfultoyourcompany'sassetsinvariousways. Economicandregulatoryexpensesaretwoofthem.Theft ofintellectualproperty,companyinformation,andthecost offixingdamagedsystemsareallfactorstoconsider.
Regardlessofsize,allbusinessesmustguaranteethattheir employeesareawareofcybersecurityhazardsandknow howtomitigatethem.Trainingregularlyandastructureto workwithshouldbepartofthistoreducethechancesof dataleaksorbreaches.
Thecyberattacksweareseeingtoday,inmyopinion, areonlythetipoftheiceberg,andtherewillbemore tocome.We,ashumans,havenoideahowsevere cybercrimescanbeorhowtheycanalterourdaily lives.Governments,businesses,educational institutions,non-profits,andotherorganizations requireaCyberSecurityframeworktoprotecttheir information.
Asthenumberofcyberattacksissurging,sodoesthe appealoftheCyberSecurityspecialty.Tocombat cybercriminals,theworldneedsmoreCyberSecurity technologiesandupdatedsolutions,asitishardto predicttheirnextmove.
Featuredonthecoverofthisedition, “10 Most Influential Business Leaders in Cyber Security, 2022,” isVictorCheah,theCEOofVigilantAsia, aleaderwhoisdeliveringworld-classCyber Securitysolutionstocombatthethreatsof cybercriminals.
Learnaboutthecontributionsofsuchpersonalitiesin theCyberSecurityworldbyexploringmoresimilar andexcitingstories.
Readoureditorialstaff'swritingsandtheCxO perspectivesofsomeoftheindustry'stopexecutives togaininsightintothefield.
AriJacoby
FounderandCEO
DebraBaker DirectorofInformation Security
ElenaElkina Partner&Co-founder
GregTaylor CEO
KavyaPearlman
Founder&CEO
LoriSussman
AssistantProfessor
MathieuGorge
FounderandCEO
NirAyalon CEO
NiteshSinha
FounderandCEO
VictorCheah CEO
Deduce deduce.com
Deduceisfocusedondemocratizingcybersecurity,riskand fraudtechnologies.
RedSealthroughitscloudsecuritysolutionandprofessional serviceshelpsgovernmentagenciesandGlobal2000 companies. RedSeal,Inc redseal.net
AleadaConsulting aleada.co
Sertainty sertainty.com
Universityof SouthernMaine usm.maine.edu
Aleadaiswomenandminorityownedprivacyandinformation securityconsultingfirm.
SertaintyCorporationisaNashvillebasedtechnology company
XRSafetyInitiativeisaworldwidenot-for-profitcharitable organizationfocusedonpromotingprivacy,security,ethicsin XRdomain.
UniversityofSouthernMaineisapublicuniversitywith8,000 undergraduateandgraduatestudentstakingcoursesonlineand atcampusesinPortland,GorhamandLewiston-Auburn
VigiOneenableorganisationstoachieveandmaintain compliancewithlegal,industrialandsecuritystandardsand frameworks.
Cydomeprovidesaward-winningcybersecurityandprotection tothemaritimeindustry Cydome cydome.io
SacumenspecializesinworkingwithSecurityProduct Companies. Sacumen sacumen.com
VigilantAsia vigilantasia.com.my
VigilantAsiaisaManagedSecurityServiceProviderofferinga fullrangeofcybersecuritysolutionsandservices.
Victor Cheah CEO
Aprofessionaljourneythatbeganin1992thatshone overthedecadesachievingseveralmilestones; servingeverybusinesswithoneessentialaspect: trust,VictorCheahhasmadehismarkonthebusiness world.TodayastheCEOofVigilantAsia,Victoriskeen ondeliveringworld-classsecurityservicestailoredto protectyourorganizationagainstthethreatsoftodayand tomorrow
InsightsSuccesscaughtupwithVictortofindthemost influentialbusinessleadersinthecybersecurityniche.We interviewedhimtoknowabouthisremarkablejourneythat hasnowcurvedtowardssecuringpeople'sfuturefromcyber threats.
Unveilhisthreedecadesclimbuptheladder!
Victordabbledinseveralindustriesgoingthroughvarious challengestofoundEfficientE-Solutions,whichinitially wasamailinsertionbusiness.However,whenthe opportunitystruckduringtheAsianfinancialcrisis,the companytappedintodocumentmanagement.Afterthe financialcrisis,theregulatorsinMalaysiastartedtoallow financialinstitutionstooutsourcetheirnon-coreactivities, non-decision-makingactivities,managingsensitive documents(printing),whichgaveVictoraleadingstart.He states, "The sensitivity part about it is that the data confidentiality becomes paramount in all things. So, the bank has to trust you, right, for them to pass on - while it's a non-decision-making, but I think it was a critical enough mission within their system that they needed to make sure that the partner they choose."
Victor'spathtosuccessspannedoverthenext20years, expandingonecustomeratatimeuntil2016,whenhe decidedtosellthebusinessthatgrew,covering80%ofthe marketshareinthefinancialservicessectorinMalaysia.
Victorbelievesthatsuccesscomestothepeoplecommitted tothecause.Thisvaluewascarriedwithhisteam, supportingVictorinhiscybersecuritydrivewithVigilant Asia.Hemaintainstheconsistencyandintegritywith everythingthatVigilantAsiaoffers,resemblingitsslogan "Name you can trust," becomingoneofthecriticalsuccess factorsforitssuccess.VigilantAsiaiscommittedtoits
client24/7/365,operatingatthehighestlevelkeepingits teamontheirtoenailstodeliverstreamlinedsolutions.
Victor'sfarsightedvisionofadigitalworldanditspotential problemandsolutionbirthedVigilantAsia.Whenthe pandemichittheworld,itacceleratedthedemiseof paperless,givingrisetoremoteworkcultureandseveral securitythreats.VigilantAsiacouldhavetappedintoan arrayofstuff.However,thetechnologychangesrapidly; thus,withhisteam,decidedtheirnextsteptopreventthese threatswithinnovativesolutionsthatidentifiedand resonatedwiththecompany'sDNAoftrust.
Victornotes, "We're not here for the overnight success; we're here for the long haul." Hewantstobuildastrong practice,simultaneouslymakinganameforVigilantAsia. Hefoundthat95%ofthemarkettalkingaboutdigital transformationlackedonecrucialingredient;theydidnot understandsecurityenough.Heintendstobea cybersecuritypartnerinsidealargeorganization.Theyoffer visibilitycomparedtosubstantialvendors,service providers,ortheMDRspace,havingexpensivesetups lackingvisibilitytowardsmicro-enterprisesrequiring resilience.Victoraimstoachievethisgoal,ensuringto educatethespaceenoughtomoveforwardtocreating servicepackagesthatarebestatareasonableprice.
Despitebeingarelativelyyoungcompanyinthespaceof cybersecurityascomparedtootherpeersintheniche, VigilantAsiahasimprinteditsnameandvolumeby buildingthestackaroundbestpractices,reachingoutto globalcertificationbodieslikeCREST,goingbeyondthe standardrequirementsoftraditionalcybersecurity practitioners.Sinceitsinception,theVigilantAsiateam realizedthatmuchbiggerbrandedCIOsresearchpeople's reports.So,itstartedengagingwithGartner,receiving feedbackfromtheanalystsfollowingtheglobalguidelines, focusingonthedealscreatingmorevitalbranding.
VigilantAsiahasassociatedwithMicrosoftinMalaysiaas managedpartners,constantlyimprovingtodeliverunique solutionsfocusedonsecuritystack.,increasingits capabilitytogetessentialdealswithMicrosoft. Additionally,VigilantAsiaispartneringwithlarge organizations andhasonboardedtwotelcosinMalaysiato pushitsmobile-securitysolution.
lot of these partners, they have their relationship with their customers, in which we may need time to build. I think working through partners is always going to be important your net can be cast a lot wider."
VigilantAsiaistheonlycompanyinMalaysiathatprovides mobilethreatdefensesupport,coveringthewholespectrum ofthedigitaljourney,movingfromblueteamingtored teamingsolutionsasaservice.Itstrivestobeatopservice
providerworldwide,aspiringtobeonthe upwardtrajectorykeepingupwiththelatest trendsandexpandingitsbrick-and-mortar asahomegrowncybersecuritycompany thatwillreachoutbeyondtheshores.
Victoradvisesaspiring entrepreneurstostayfocused ontheobjective.Hesays, "It's not only in cybersecurity but also across any other industry. People try to be focusing on too many things. But every time we do that, we need to remember to pull ourselves back to the center. It's always easier to see things from the center than to be too left or right. It's always good from the center."
Victorcontinues, "You get a better overall view of where you are today And staying focused is one of those key aspects of success for any business. It's evident in the space in the West, as far as cybersecurity companies are concerned, all the recent big guys who have gone listing, they have stayed focused on one area. Obviously, no one cybersecurity company in the world can tell you they have solutions for every problem."
"That's where we come in and say, No, you don't need to have the product, you can buy the services, and someone like us will be able to put it together and provide you with the whole nine yards," concludesVictor.
nourendeavortofind “Most Influential Business
ILeaders in Cyber Security, 2022”, wecrossedour pathswithAriJacoby,theFounderandCEOof Deduce WegotintoconversationwithAritolearn moreabouthowheandhisteamatDeduceare protectingbusinessesandtheirconsumersfromidentity fraudthreatswhilesimultaneouslycreatingmoresecure, frictionlessexperiences.
Accounttakeover(ATO)attackstakeplacewhenfraudsters gainaccesstoavictim'saccountandleveragethataccessin ordertostealfunds,information,rewards/perks,make purchases,orleverageapplicationfunctionalityforother formsofintendedgain.
Itisanunfortunateconditionthataplethoraofstatic identitydatahasalreadybeenbreachedduetomassive historicalattacks,andtheavailabilityofsuchdataonthe darkwebcontinuestoflourish.Thisstaticidentitydata extendsbeyondcredentials,oftenlinkingstaticcredentials withdigitalfingerprints.
Thesereadilyavailableattributesenableanadversaryto extendtechniquesbeyondcredentialvalidationattacks, leveragingfracturepointssuchasaccountrecovery processesoraccesstoanindividual’semailaccountto successfullycompletetheirattacks. Asmorecompletedataattributesaboutanindividual becomeavailableandlinkedovertime,thisresultsin decreasedcomplexityandcostrequiredtosuccessfully executeATOandmakesthisformoffraudmoreattractive tobadactors.
Moderntechniquesbyattackersunderminetheintended goalsoffriction.Ifidentityandauthenticationcontrols predominantlyrelyonstaticdatatopreventATO,an organizationisatalonger-termdisadvantage.
HowdoestheDeducesolutionaddressthisATOrisk?
DeducehascreatedtheDeduceIdentityNetwork,a consortiumofover150,000+participatingwebsitesand appswiththeobjectiveofsourcingthemaximumamount ofreal-timeactivitydataforagivenuserastheytraverse theinternet.Itsintentistospecificallyrivalthevisibility andscaleonlypreviouslyseenatinternetgiantsandto commercializeanofferingforriskteams.
“We build developerfriendly tools that empower businesses to do their part to keep their users and communities safe.”
Withover450Muniqueidentityprofilesandcollectively generatinginexcessof1.4Bdailyinteractions,Deducesees themajorityoftheU.S.populationtransactinreal-time, severaltimesaweek—basedonfourprincipalthreat vectors:device,network,geography,andactivity.
BuiltontopoftheDeduceIdentityNetwork,Deduceoffers twosolutionstocombatATOfraud:
1. Identity Insights — Risk&Trustsignaldatatoempower riskteamswithadev-opsfriendlyapproachtomanaging identity/authenticationrisk.
Thedataincludestelemetryfromreal-timeactivity informationpackagedintorisksignals(ImpossibleTravel, DeviceDowngrade,UnfamiliarDevice,PreviouslyUnseen
Email,etc.),trustsignals(FamiliarNetwork,Familiar Device,FamiliarCity,FamiliarActivity,etc.),orscoresfor simpleingestionintoariskengine.
TheDeduceIdentityInsightssolutionisintendedtobeused asahighfidelityapproachtoidentifyingsuspiciousactivity whiledecreasingunnecessaryfriction.
DeployedasanAPI,Insightsisconsumableinanyrisk engine,CIAM,orapplicationstack.Deduceistypically consumedatregistration,authentication,checkout,andrisk momentssuchaschangeofprimarycontact(email,phone).
2. Customer Alerts — DeducesendsanAlert—typicallya first-partybrandedemail,asynchronously,onbehalfofthe Deducecustomer—totheirend-usersonsuspiciouslogins toenableaproactivestanceagainstATO.Customersare promptedtoconfirmordenytheactivity Anegative selectionwillcauseallactivesessionstobeterminatedand proactivelyenableausertoresettheircredentials.
Deduce’ssystemisdesignedtocorrelateevent-level telemetrydata,augmentativedatasources,andfirst-party feedbackdata,tocreatehundredsofdatafeaturesonadatadrivenplatform.Wederivetheseinsightsbydeployingcode directlytousertouchpointsacrossthewebwhile aggregatinginformationinasecure,encrypted,and privacy-compliantenvironment.
Historicalfeaturesusedinourmodelprovidepredictive analyticsonuserbehaviorbasedonaccesspatterns— devicesusersleverage,geographiestheysigninfrom, networkstheyfrequent,securitypreferences(privacyconsciousindividualstypicallyleveragingVPN,for instance),andactivityacrosstheweb.Thisvisibility facilitatesdynamic,real-timeresponsestohumanbehavior whilestoppingfraudstersandbadactorsintheirtracks. Forinstance:
Ø Ifauserisseensuccessfullyauthenticatingatdozens ofwebsitesfromanewcityinthelastday,itcanbe inferredthattheuseristraveling.Deduce’ssystem referenceagainstsuccessfulATO(fromitsfirst-party Alertsandfromnetworkbehavior)beforeproviding thisinsighttotheenterprise.
Ø IfagivenIPthathasbeenshown(and confirmedbythird-partysources)tobea benignresidentialIPnodesuddenlysees aspikeinhigh-authenticationfailure ratepairedwithmanynewattempted usernames,itcanbeinferredthatthere ismaliciousactivity(typicallyindicative ofcompromisednode).
Deducerecognizesthatriskdatais continuouslyevolvingandmaintainsarich solutionthatprovidesusermetadata,trust andrisksignals,andscoring,providing never-seen-beforedataandexplainabilityto security/fraudforensicsteams.
Poweringalonglistofusecases,Deduce’scustomersuse thistechnologytosolveanarrayofcybersecurityproblems, suchas:verifyingthattheuserbehindthescreenisreally whotheyclaimtobe,optimizinguserexperiencesby removingauthenticationfriction,orstoppingfraudstersat authentication.
Tellusmoreabouthowintelligenceisusedtopower yourprocessingalgorithms?
Deduce’sgreateststrengthistheabilitytocorrelatedevice, networkandgeographicalinformationagainstaparticular accounttobuildpredictivetelemetryabouttheexpected behaviorofanindividual.Usingacombinationof statistical,unsupervised,andsupervisedmachinelearning models,thisallowsustounderstandthespecific characteristicsofspecificactorsandimpostersover hundredsofdatafeaturesinthedigitalworld.
Forexample:
Ø Statisticaldatafeaturesestablishbaselinebehaviors acrossthedimensionsofactivity,network,geography, anddevice,inthecontextofindividualactivity This createsabasicunderstandingofaparticularuser’s behavior
Ø Unsupervisedmachinelearningmodelsobserveuser activityinreal-time,continuouslydeterminingtrust andriskfactorstofacilitateimmediatecybersecurity responsestoquicklyevolvingthreats.
Ø Supervisedmachinelearningmodelsaugment Deduce’sunderstandingofparticularfraudprofiles, blendingfraudfeedbackdatawithobservancesacross thenetwork,tosurfacespecificthreatactors.
Usingafullyhorizontallyandverticallyscalable deploymentmodel,Deduceisabletoprocessbillionsof transactionsdailywhilemaintainingblazing-fastresponse timesacrossitscloudinfrastructure.
Doyouhaveanypredictionsaboutemergingcyber threatstobusinessinfrastructure?
Identityfrauddoubledfrom2019to2020,withthenumber ofdatabreachesreachinganall-timehighin2021–and thosenumbersarejustgoingtogetworsein2022asmore peoplebrowse,transact,andshareinformationonlinethan everbefore.
Asfraudstershavebecomeincreasinglysophisticatedand strategic,outdatedapproachesandimplementations requiringmonthsofplanningandimplementationnolonger work–increasingly,themosteffectiveanti-fraudtoolsare thosethatsupportagiledeploymentinhoursandthatcanbe adaptedquicklytoaddresstheconstantlychangingthreat landscape.
Itisimperativethatweallbandtogethertoforma collectivedefenseagainstonlineadversaries,andleverage systemsdesignedwithknowledge-shareinmindtodefeat attackersastheyevolve.Deducebelievesthatreal-time, dynamicallynetworkeddata,withthelargestpossible activityconsortium,willprovidemorerobust,longer-lived defensesagainstbadactors.
Inc.
Thewebofcybersecurityhasbecomewidespread globally,butitstillhasitsflaws,makingit vulnerabletonumerousthreats.However, cybersecurityprofessionalsareconsistentlyuppingthe gameandinnovatingnewwaystoeliminatethesethreats whilealsoprovidingtransparencyacrosstheservices.One suchprofessionalwe,atInsightsSuccess,cameacrossis DebraBaker,Sr.TechnicalProgramManagerat RedSeal.
Inherrole,DebrahelpsherclientsuseandadoptRedSeal productsandservicestoimprovetheircybersecurity posturebyprovidingcybervisibility,compliance,andrisk management.Inaddition,shealsomanagesproduct-related governancesuchasFIPS140andCommonCriteriaby coordinatingwiththird-partyvendorsandengineering.She alsoisresponsibleformanagingtheSOC2andFedRAMP certificationsforRedSeal'sCloudSecurityPosture Management(CSPM)productStratus.RedSealStratus enablesorganizationstounderstandandsecuretheircloud andhybridcloudenvironments.
OneofDebra'srolesistomanagelarge-scaleenterprisewideRedSealdeploymentsprovidinginfrastructure visibility,awareness,andsecurityofhybridnetworks, includingon-premises,cloud,andhybridcloud.Sheisalso
thecreatorandleadsaCyberProtectionTeamatRedSeal thatreviewsthelatestthreatsandvulnerabilitiesandwrites threatsolutionbriefsguidinghowtouseRedSealtodefend fromthelatestthreats.
OneofthebiggestchallengesDebrafacesisgettingcrossdepartmentcollaborationatcustomersites,whereshehasto workwithcustomerteamsonintegratingRedSealintothe customer'sbusinessprocesses.Shestatesthattotrulyhave asuccessfulRiskManagementprogram,thenetworking (on-premisesandcloud),security,vulnerability management,andcomplianceteamsmustworktogether Oneneedstohavecollaborationbetweentechnicalteams andleadershiptobecyberresilient.
Debrasays, "Leaders need to be prepared to hear the good and the bad. Having a manager that says you can be yourself, with both the positive ideas you have and the complaints you have, is empowering. Giving this freedom of thought and inclusivity leads to innovation. Now you feel confident in sharing ideas that you may not have in a stifling environment." Thatsaid,shementionsthatleaders namedRameshKazaatRedSeal,AshitVoraatCisco,and KristinaRogersatEntrusthavealwayssupported, challenged,andallowedhertoexpressherideas.
Besides,thebookseriesPrimalLeadershipbyDaniel GolemanhasopenedDebra'seyestotheextenta manager–whethergoodorbad–canhaveonaperson's careerandevenhomelife.Inheropinion,thisbookisa handbookforwhatmakesamanagergoodandbad.Primal Leadershipmakesitclearthat"Leaderswhospreadbad moodsaresimplybadforbusiness—andthosewhopass alonggoodmoodshelpdriveabusiness'ssuccess.”
AccordingtoDebra,thebookFindYourWhybySimon Sinekbringstogetherworkandpassionsrelatingtoone's
job.Her"WHY"isthateveryonedeservestohaveprivacy whileonline.Knowingthatsheworksincybersecurityand helpscompaniessecuretheirnetworksanddatathrough goodcyberhygiene,segmentation,andstrongencryption keepsDebrapassionateaboutherjob.
Debrasays, "It's great to work in a field where I am helping businesses secure their networks. Through the Crypto Done Right non-profit I founded in collaboration with Cisco and Johns Hopkins, I provide cryptographic guidance in easyto-understand language of what encryption algorithms and ciphers are recommended for non-cryptographers.”
Sheadds, "Never let a bad manager bring you down. Learning how not to let detractors negatively affect you is paramount as you navigate your career. There is always something better just around the corner. Take those situations and learn from them and move on."
Debraistotallyinforapositiveworkenvironment.Inher opinion,everyonehastobeauthenticbutwithapositive slant.Sheisaglass-half-fullkindofapersonwhotriesto seethepositiveineverysituationevenwhenshegets boggeddown.Sheensuresthateachpersonhasachanceto expressthemselveswithoutretaliationandinarespectful way
Debrathinksthatemployeesshouldbeabletoopenly expresstheirideasevenwhentheygoagainstthestatus quo.Thereshouldnotbeafearofretaliation.It'sthe"yes" culturethatleadstoconformityandstopsinnovationand newideas.Managementhastobeopentohearingthegood andthebadandnottakingitpersonally,butinsteadtaking thatinformationandlearningfromit.
WhenDebrawasaskedtoco-foundtheLeagueofWomen inCybersecurity,shejumpedatthechancetotrainwomen inCybersecurity.Itwasgreatforherbeingabletogive backandtrainotherwomenfromwhatshehaslearnedin cybersecurity.OnewomanwhowasinspiredbyDebra,got herMaster’sinCybersecurityandgotajobatAWS.It makesDebrahappywhensomeoneshehelpedalongthe wayissosuccessful.LeagueofWomenalsohelpedwomen navigatehowtomoveintothecybersecurityfield.
AtRedSeal,theCEO,BryanBarney,isallaboutpromoting equalrightsforallandrespectingpeopleofdifferent backgrounds.Oneofhisfirstinitiativeswastosetupa DiversityandInclusionCounciltoensureeveryoneat RedSealisheardnomatterwhatposition,gender,race,or sexualorientation.
Debra'svisionforRedSealistopushforwardthecompany tobecomecloud-centric.RedSealStratusisaCloud SecurityPostureManagementSaaSplatformlaunchedin August2021.Manycompaniesaremovingtheirdata centerstothecloud.Inaddition,RedSeal'sadvanced cybersecurityanalysiscapabilitiesandnamerecognitionis knowninthecommercialspaceaswellasitisinthe Federalspace.RedSealisthebest-keptsecretsecuring well-knowncompanies,aswellasmilitaryandfederal agencies.
DebrarecentlycreatedaCommonCriteriaforDevelopers LearningPathforInfosecInstitute.Ifyouareresponsible foranupcomingCommonCriteriaEvaluation,area developerhavingtomakesoftwareupdatestoensureyour productisCommonCriteriacompliant,orareanew employeeatanevaluationlab,thenthislearningpathisfor you.
SheisalsowritingabooktitledaCISO’sGuidetoCyber Resilience.It’sahandbookforaCISOtoknowwhatsteps totaketosecuretheircompany’snetworkandtorecover fromanattack.
Debrabelievesthateverywoman-ownedbusinesscan applyforgovernmentcontractssincewomenareminorities. Shesays, "There are great women-based networking opportunities at the Grace Hopper Conference, which is the largest women's conference in the world. Every company that you can think of is represented there.”
"For women moving into information technology, Cybersecurity, and programming, Grace Hopper is a great place to find a job. Also, the Women in Cybersecurity annual conference is not only a great place to find women to hire, but also network and advance in the cybersecurity field," concludesDebra.
Aleada'sworkassessesclientcompliancerequirements,and ithelpsthemaligntheircompliancestrategywithbusiness goals.There'salotofplanninginvolvedtobuildsolid personalizedprivacyprogramandasignificantamountof trainingthatkeepsitengagedwithclients.Elenatruly understandsaclient'sbusinessandcanadaptcompany programstomeettheirchangingneedsfast.
Elenastatesthatcomplianceiscomplicated.New regulationsseemtopopuplikemushrooms. Mismanagementcouldresultinfines,ruinedreputations, andworse.Anotherobstacle:Compliancerequirementscan getinthewayofbusinessprogress.Also,whatworksfor oneclientwon'tworkforanotherclient.
Elenaaddsthateveryclienthasasetofstrengthsand weaknessesandtheonlyrealwaytocreateasoliddata privacyprogramistodoadeepdiveintotheirbusiness. Whoaretheircustomers?Whatsortofsystemsarethey using?Wherearethethreatscomingfrom?Cantheirneeds
beaddressedwithnewtechnology,newpersonnel,new procedures,oracombinationofallthree?
Aleada'sbiggestimpactcomesfromwhatsomemightthink isthesmallestofthings–itlistenstoitsclient'sconcerns.It auditstheirsystems,processes,andteamsbeforebuildinga customprivacyandinformationsecurityprogramthat's perfectfortheirbusiness.
Elenaisconvinceditisthecompany'spersonalapproach andherteam'sexperiencethatwinsnewbusiness.Its reputationisoutstandingandgetsnewbusinessfromclient referrals.Elenasays, "You cannot help a client build a strong privacy and security team without showing them you have one too, and Aleada does.”
ElenastatesthatAleadahelpsitsclientswithitscore servicesbybuildingprivacyandinformationsecurityinto theirproducts,services,overallcomplianceprogram,and companyculture.Ithasbeenfocusingoncreatingglobal privacyanddataprotectionprograms,includingdeveloping andimplementingregulatoryframeworks,risk/gap assessments,maturitymodels,long-termroadmaps,and dataprotectionpolicies;designingandemployingdeidentificationandPrivacybyDesigndatahandling processes.Italsoworkswithdevelopmentandbusiness teamstobuildcloud,web,andmobileconsumerand businessproductsacrosstheglobe.
Elenanoticedthatwhenfacedwiththeneedtosetup somethingcomplexquicklyorfaceliabilityrisk,itis commonforcompaniestoturntolawfirmstopickupthe slack.Areasonablereactionoftenresultsina patterned/checklist-drivenapproachindealingwithrisk managementinsteadofbuildingandimplementingits privacyandinformationsecurityprogram;legaland complianceshouldcomehandinhand.Asaresult,a growingpremiumisplacedonprivacyandinformation securityoperationalandstrategicexpertise.Thisiswhat Aleadadoes.
Ithasbecomeanecessaryassetforanycompany,nomatter theindustrysector,itsmaturity,ortargetmarket, specificallyfordisruptivetechnologiesinthefuture.Elena expressesthatAleadamustfocusontheintersectionof technology,datastewardship,andcompliance,asaprivacy andinformationsecurityfirmtostayaheadoftheindustry andsupportbusinessgrowth.
AslongasElenaseesherselfonabeachintheMaldives enjoyingherwaterfronthomeinherfuture,shewantsto createfundamentalchangesbybringingmorediversityto theever-growingprivacyandinformationsecurityindustry asalonggoal.
ElenahopestogrowAleadatohelpanincreasingnumber ofclientswithoutlosingthenotionthatlisteningismore importantthanspeaking.Thecompany'spersonalized approachtodevelopingcustomprivacyandinformation securityprogramsforitscustomerscreatesthemostvalue foritsclientsandcompany,whichgivesElenajoyin everythingshedoes.
Elenaadvisesbuddingwomenentrepreneurstospeakup, partnerup,andknowtheirvalue.Shesays, "Demand value be placed on the job at hand and not your gender. Be bold and ethical. Show competence and leadership. And this isn't just about the privacy and security sector; it's about life," concludesElena.
AquotebyStephaneNappo, "It takes 20 years to build a reputation and few minutes of cyber incident to ruin it," accuratelyemphasizesthe significanceofdatasecurityinthetechnologicalera.
Anorganizationcannotdefenditselfagainstdatabreach operationswithoutacybersecurityprogram,makingitan easytargetforcybercriminals. Thesecriminals’strategies arebecomingmoreadvancedthantraditionalcyber defenses,sobusinessleaderscannolongerrelyonlyon out-of-the-boxcybersecuritysolutionslikeantivirus softwareandfirewalls.
UnderstandingtheimportanceofdataprivacydroveGreg TaylortostartSertaintyCorporation,acompanythatbuilds privacyintelligencedirectlyintodatatomakedataprivacy guaranteed,demonstrable,andmanaged.
SertaintyCorporationoffersadvancedtechnologythat embedsadatafilewiththenecessarysafeguardsand managementmodulestodefendagainstunwantedaccess.
AManwithaMission Earlyinhisentrepreneurialcareer,GregfoundedTaylor Associates,aprofessionalsearchandrecruitingcompany thatrevolutionizeddataprocessing.Thiscompanyinspired himtostartDatamanServices,adataprocessingsystems analysis,softwaredevelopment,andconsultingservices organizationgearedtowardstheveryearlystagesof
cybersecurityanddataprotectionthroughpropersoftware developmentandimplementationoftheappropriate standardsandprocedurescompany-wide.
UponfoundingSertaintyOneCorporation,thepivotof SertaintyCorporation,hebroughttogetherthefounding teamthatnowensuresexceptionaldevelopmentand commercializationofself-governingdata.
Earlyon,Gregandhisteamwereconfrontedwithdoubt abouttheirabilitytodeliverontheirpromises.Herememberscommentslike, "Technology is not that far advanced." Thechallengethenbecametoconvincetheseorganizations toconducttheproperduediligenceandinvestthetimeand resourcestoseethatSertaintytechnologycouldtruly protecttheirinformationbybuildingprivacyintelligence directlyintothedata.Whilethisskepticismledto resourcingconstraintsandchallengesatSertaintyfora period,theyovercamethesehurdlesbypatentingtheir
customizablesolutionintheUS,Japan,andKoreaand buildingvaluablepartnershipsthatfurthervalidatedtheir approach.
Havingdealtwithincredulityanddoubt,Gregnowadvises youngentrepreneurstohavefaithinthemselves.After workingininvestmentbankingforover14years,Greghas observedthateveryoneunderestimatesthevalueof financial,family,andcommunitysupport.Tobea successfulentrepreneur,youmustbewillingtotakerisks.
Gregshares, "You must have a special kind of grit to survive, much less succeed. You will get told no 300 times, but it takes one yes to begin down a path that could change your life."
Everybusinesshasitsownsetofvaluesthatinfluencehow itoperates.ThemissionatSertaintyrevolvesaroundthe Zero-TrustPrinciple;nevertrustandalwaysverify This principlemeansnodeviceoruserwilleverbetrusted,anda verificationprocessisalwaysrequired.
Asdeep-techcyber-innovators,theSertaintyteam’smission istoofferbreakthroughself-protecting-datatechnology.Its cutting-edgeDevSecOpsteamscandeployaproactiveand self-mitigatingdata-centricstrategythatassuresthesafety andsustainabilityoftheconvergingOTandIT environments.
AtSertainty,theypackageanddistributetheirmainproduct inaSoftwareDevelopmentKit(SDK).TheirSDKincludes alltheApplicationProgrammingInterfaces(APIs)needed tobuildasecureSelf-ProtectedDatafile.
Inshort,thisSDKwillhelpcustomersbuildhighlysecure applicationsforprotectingdata.
WithSertainty,clientsandpartnerscancreateacompetitive differentiatorwithcustomersandregulatorswhowantmore thandataprivacypromises.Establishingandretaining customertrustandtakingasustainableapproachtodata privacyregulationsareoftheutmostimportancefor businessesworldwide.
VerifiedbyindustryleaderVeracode,Sertaintyhas discoveredandpatentedawaytoembeditsprogramming languageandexecutablecodesothat"onesandzeros”are indistinguishablebythebesthackers.
Whentested,theSertaintypatentedDataPrivacyPlatform receivedthehighestscorepossible:VL5,100%inStatic ApplicationSecurityTesting(SAST)andManual PenetrationTesting(MPT).
Technologyiscriticaltothegrowthofpracticallyevery industry,progressivelyplayingamoresignificantpartin oursociety,fromcybersecuritytoagricultureandfarming.
Sertaintyrecentlyreceivedpatentsforitsintelligentcipher transferobject(ICTO)inJapan,Korea,andtheUnited States.OneofitsdataprivacyplatformpartnersisTexas StateUniversity'sCIEDARprogram.Theprogram developssmartcitiesintegratedwithsolarfarms, autonomousvehicles,andsmarthomes.Whileprogressing towardhumanadvancement,Sertaintyensurestheirdata andprocessesaresafewithself-governingdataonthe backend.
Technologyisever-changing,andonemustkeepupwithit tostayrelevantinthetechindustry.Manybusinessesin dataassurancearen'tbeholdentoanindustry-standard insteadoffocusingonmarketingtogainnewcustomers. Thereneedstobeabetter-structuredstandardofoperation fordataassurance.Whenthereisabreach,thesebusinesses facenorepercussionsandgivenoclearroadmaptoclients onhowtoensurethatadatabreachwon'thappenagain.
Sertaintybelievesthebestwaytoprotectvaluabledataisto haveitsplatformstestedandgradedbyindustryexpertslike VeracodeandkeepitsB2Bclientsuptodateonthelatestin dataadvancementsandpractices.Educatingyourclients enablesthemtomakeinformeddecisionsregardingtheir valuabledata.
Gregadds, "When they know your business has been judged according to an industry-standard, it increases their confidence in your ability. It's time for businesses to stop keeping their clients in the dark and work together to shine
a light on how they can make better, actionable decisions around data protection."
AtSertainty,whentheylookintothefuture,theyare lookingsixmonthstothreeyearsfromnow.Inthe cybersecurityworld,threeyearsisalongtime.The companyisworkingtowardsapublicofferingand evaluatingfuturepartnershipswithrenownedWallStreet firmsthatcouldrepresentSertaintyinaprospectiveM&A transaction.
Also,Gregpredicts, "Over the next 18 to 24 months, we will have tremendous pressure on us to sell the company. I say this because of the increased interest we have already seen in Sertainty, and I believe that will only grow. We are getting traction in these areas, and the company is becoming more valuable."
Concerningitsinternalgrowth,thecompanywillcontinue toadvancethecapabilitiesofself-governingandselfprotectingdata.Manyorganizationsarelookingtoadopt theZero-Trustmodeltosolvedatasecurityneeds. However,theyforgetthatitisn'tacookie-cuttersecurity model.Instead,it'samethodologythatneedstoevolve consistently Theabilitytoaccommodatethosefast adaptationsmakesSertaintystandoutintheZero-Trust cybersecurityindustry
"The advice I would give to any entrepreneur is this; if you've got a vision and you believe that you are called to that vision — and I do mean called, something that's burning inside of you and you cannot say no — and you're willing to risk everything you've got, then go for it!"
Finally,Gregalsoaddsthatoneshouldneverburnabridge asyouneverknowwhenthatrelationshipwillcomeback andbebeneficialtoyouandyourcompany.Theteamis critical.Youcanhavethebesttechnologyontheplanetand millionsofdollarsinvestedinit,butifyoudonothavea 100%committedteamthatsharesyourvisionandpassion, youwillfail.
hatsetsgreatleadersdifferentfromtherestis
Wtheirsheerabilitytothriveevenamidstgreat challenges.Theyarenotafraidofchallenges.In fact,theyliketobepartofsolutionstothechallenges. Greatleadersaredifferentfromordinarypeople.Theydon’t thinklikeordinarypeople.Theyhaveout-of-the-box thinking.Theythinkinnovativelyandplanstrategicallyto executetheirideasandworkpassionatelytodeliver gloriousbusinessresults.Theyfigureouttheproblems,and theiraimistodeliverthebestsolutionsandensuretheir clients'problemsareresolved.
Greatleadersbecomegreatbecauseoftheirgreatattitude. Theirexceptionalattitudehelpsthembeascleverasthey canfordeliveringsolutionsthatareofhighqualityandare moreappreciatedbytheclients.Thatmakesthemthemost eminentleadersintheindustry.Theyearncredibilityinthe industrybytheirexceptionalabilitytodeliversolutionsto thechallengesinamoreprofoundwaythatmeetsthe expectationsoftheirclientsintheindustry.Theyleadwith thegloriousreputationtheyhaveearned,andtheytrytheir levelbestorbeyondthattosustaintheirreputation.
Thecybersecurityindustryhaswitnessedsuchcontributions fromvariousingeniousminds.Andamongthoseleaders, womenleadersareplayingthemostprofoundroleby deliveringthebestsolutionstothebusinessesandthe clientsforensuringthesafetyandutmostprotectionoftheir data.Theystrengthentheprivacyandsecurityofthemost valuabledataoftheirbusinessesandclients.Theymake surethattheirsolutionsplayanimportantroleinpreserving thesafetyofdata.
Dataisthenewbuzzwordtoday.Thedataused appropriatelyfordeliveringstreamlinedandorganized solutionsisbeneficialtotheclientsandbusinesses.But ensuringtheprotectionofthisvaluableassetcalleddatais challengingformanybusinesses.Theeminentwomen leadersinsecuritymakeapointtodeliverthe
technologicallyadvancedsolutionsthatplayanessential roleinensuringthebusinesses'cybersecurity.Theydon’t makeanyexcusesinleavinganyroomforthetheftor exploitationofthevaluabledataofthebusinesses.They don’tleaveanychanceforhackers,stealers,and cybercriminalstoaccessthedatabydeliveringhighly evolvedsecuritysolutionstotheimportantinformationof theorganizations.
Innovativenessisthemostintrinsicqualityofeminent womenleadersinsecurity.Innovativenessisliterallyin theirgenes,andtheynurturethatinnovativenessmuchby constantlybeingcreativeandthinkingbeyondnormal thinking.Theyknowthattosustaintheircompetencyinthe market,thereisnootheroptionforthemotherthanbeing innovativeanddeliveringsomethingofvalueand credibilitytotheindustry.Theirapproachisclear,andthey comeupwithinnovativeideasandimplementthemto improvethequalityofthesolutionstotheeverincreasing challengesinthesecurityindustry.Competenceand presenceofmindarethehallmarksofeminentwomen leadersinsecurity Theyarecompetenttodeliver innovativesolutionstoaddresssecuritychallengesinthe industry
Eminentleaders'competitiveapproachhelpsthemavail edgeoverothersindeliveringthemostaccurateandtimely solutionstotheexistingproblems.Moreover,thepresence ofmindisessentialtobesuccessfulinanyfieldorany industry Theeminentleaderspossessthisqualityof presenceofmindinabundance,andthisqualityhelpsthem comeupwiththemostpragmaticsolutionstothe unforeseenchallengesevenatthespurofthemoment.This isoneofthebestqualitiesofeminentleadersinthesecurity industry.Theyadoptbestpracticestostrengthenthe securityofthebusinesses.Innovativeness,Competence, andPresenceofmindarevitalattributesthathelpwomen leadersinsecuritytobemoreeminentintheindustry
oday,therearehugeopportunitiesinthe
Tcybersecurityindustrybutamassiveshortageof cybersecurityprofessionals.Anddiversityinthe workforcecanfillthisspace.
Theproblemreallyisnottheindustrybeingoccupiedby morenumberofmen;nothavingenoughwomenisthereal problem.
Ifwelookatthefigures,indeed,thenumberofwomenhas grownfromthepastyears,buttherearestillmany opportunitiestobeseizedincybersecuritycareers.
Womenhavealwaysprovedtheirmettleinalmostevery industry.Theyhavedisplayedwhattheycanbringtothe table.Beitbuildingground-breakingsolutionsorguiding buddingwomentomakeacareerintheindustry,women havecontributedineverypossiblewaytothedevelopment oftheindustry.
Buildingacareerinafieldlikecybersecurityneedsnotjust knowledgebutexperience,andtheconstantfocusto improvehelpsbusinesswomengothedistance.Adaptingto newtechnologiesisgood,butitalsomeansyouaremore pronetocyber-attacks.Today’sbusinesswomenrealizethe impactoftechnologyandunderstandtheextentofrisksthat technologybringsalong.Theyevaluaterisksandprovide solutionsaccordinglyinatimelyandcost-effectivemanner
Beyondthat,thejourneyisfullofchallenges,like–promotingethics,diversity,andintegrityintheorganization
andofcoursetokeeptheclientsandthecompanyaway fromanycompliance.Theyunderstandthatitisnotaneasy task,astheyhavetobereadywiththeoptionsforanysuch challenges.
Youcannotjustraiseyourvoicewhenthingsgowild;only bettercommunicationandunderstandingofthesituation willgetthejobdone.Thisiswhatwomenleaders exemplify.Sharingknowledge,attendingseminars, interactingwithindustryexpertsclearstheirunderstanding ofthecomplexandchallengingfieldslikecybersecurity
Womenincybersecurityhavechangedthedogmaofthe industry,beitcybersecurity,IT,healthcare,oranyother fieldforthatmatter.Theirproactiveleadershipandbuilding secureapplicationskeepthemstayaheadoftheemerging competitivemarket.
Thekeytotheirsuccessisthepromotionofinclusivityand diversityintheirteam,makingthecybersecurityfieldmaledominated-free.Yes,itwillbearealitysoon;therewillbe nolongeraneedfortheterm‘male-dominated’ifonly everyoneisgivenequalopportunitytolead,ofcourse.
Businesswomenhaveremainedtrueintheirmission,helped otherwomenentrepreneurs,gatheredandsharedeverything theyhave.Ultimately,thequalitywhichstandsoutinthem isnevergivingup;theyalwaysthinkofalternativesfor everyproblem.
Buildingaglobalworkforceofwomennotjustin cybersecuritybutineveryindustryshouldbeourgoalasa society.Thatistheonlywaywecanshapethefutureof womenintheindustries,includingcybersecurity
Lori Sussman
Cybersecurityisoneofthemostcriticalissuesthat severalorganizationsdealwithtodayonaglobal scale.Withtheever-growingexpansionof digitalizationofdata,itbecomeschallengingtoprotect essentialinformation.Numerousinstancesofdatabreaches, ransomwareattacksarebecomingdangerousthreatsand headingfurtherintothefuture,anditwillbecomemore criticaltobuildsecurecyberspace.However,leadersin Cybersecurityareconsistentlyimprovingexisting technologies,anditisnecessarytoeducatetheupcoming generationtoutilizetheiruniquetakeonCybersecurity
LoriSussman,AssistantProfessorintheDepartmentof TechnologyatCybersecurityattheUniversityofSouthern Maine,isonesuchleaderwhousesheryearsofexpertise toeducateandtrainfuturecybersecurityexperts.Loriisa veteranwhodedicatedovertwodecadesoflifetotheUS Army.Shenowhelpsorganizationsbuildtheleadership, technology,andsecuritycapabilityneededforthis increasinglyglobalandconnectedfuture.
In2015,LoriwasnamedoneoftheCRN2015Womenof theChannelPower50SolutionProviderbyTheChannel Company'sCRNMagazineforherexemplaryrecordof successacceleratingherclients'needsthroughtechnology solutions.
Inanon-traditionalpathtoacademia,Lori'scareerstartedat WestPointaspartofthefourthclasstoallowwomeninto itsranks.Evenwhendealingwithsomeanimosityabout
womenbeingpartoftheCorpsofCadets,shelearnedto "cooperateandgraduate."Sheproudlygraduatedasa secondlieutenantintheSignalCorps,theInformation TechnologybranchwithintheUSArmy
Loriservedover24yearsofUSArmyservicewith distinctionandretiredattherankofColonel.Itwasher honorandgoodfortunetoassumevariousleadership positionsculminatinginbrigadecommand.Shebenefitted greatlyfromthementorshipandthesponsorshipof enlightenedseniorofficersandofficials.
Duringherservice,Loripursuedandcompletedfour master'sdegrees,whichprovedtobeanessentialfactoras shemovedfromthepublictotheprivatesectorafterher retirement.Sheexploredlargecorporations,small businessesandalsoventuredintoentrepreneurship.Asa result,shegottoworkforelitehightechnologycompanies suchasCisco,HewlettPackard,andalocalSouthCarolina Fortune5000company.Lorimanagedhighlycomplex, diverse,andactiveorganizationsengagedindeveloping, acquiring,integrating,deploying,andsustainingstate-ofthe-artbusiness,technology,andsecuritysystemsfor clientsintheseroles.
Lorifelthercallingwhenshereadabouttheneedtomove fromsuccesstosignificanceinthebook"HalfTime."So sheenrolledintheUniversityofNewEngland(UNE) doctoralprogramintransformativeeducationalleadership.
In2018,theUniversityofSouthernMainehiredLorias part-timefaculty,andshebecamefull-timefacultyin2019.
Inthreeshortyears,shehelpedcreateanewprogramfora Master'sinCybersecurity,startedacommunityservice CybersecurityAmbassadorprogram,andstartedUSM's CyberDefenseteamcalledtheHuskyHackers.Loristates thatithasbeenanexceptionalexperiencewatchingstudents thriveandgrow.
TheUniversityofSouthernMaine(USM)isaunique institutionwithamissiontoprovidestudentswithahighquality,accessible,affordableeducation.Ithas comprehensiveundergraduate,graduate,andprofessional programsdesignedtoeducatefutureleadersintheliberal artsandsciences,engineeringandtechnology,healthand socialservices,education,business,law,andpublicservice.
Thefacultyiscommittedtofosteringaspiritofcritical inquiryandcivicparticipation.Bothstudentsandfaculty enjoyacultureofacademicfreedominanenvironmentthat advocatesdiversityinallaspectsofcampuslifeand academicwork.USMsupportssustainabledevelopment,
environmentalstewardship,andcommunityinvolvement, thusprovidingresourcesforthestate,thenation,andthe world.
ConsistentwiththeUSMmissiontobeacenterfor discovery,scholarship,andcreativity,Loriemphasizes projects,writing,problem-solving,activestudentlearning, applicationoftheorytopractice,andmeasurableoutcomebasedlearningwhenteachingtechnologyorcybersecurity courses.Sheevaluatesstudentsusingcriticalthinking papers,writtencasestudies,classpresentations,small groupwork,andappliedprojectsintheuniversityand community.
Loriutilizesengagedlearningtechniquestoensurethatall ofherstudentscanbringtheorytopracticebyapplying theirknowledge,skills,andabilitiesincontextsbeyondthe traditionalclassroomandprovidingapplication opportunitiesinthecommunity,thelaboratory,andother venues.Thisengagedlearningchallengesstudentsbecause
itrequiressustainedandfocusedapplication,reflection,and collaboration.Inaddition,sheusesreal-worldexamplesto focusontechnologyandcybersecurityactivitiesto understandtheissuesbetter
Puttingherstudentsfirst,Loricreatesprogramsthat graduatestudentswithskills,knowledge,andcapabilities fortheworkforce.Shestrivestoimmersestudentsinthe technologybutwithenoughcreativespacetoevolve,learn, andgrow.
Whenmeetingwithastudent,Loriexaminestheirvalues, personality,culture,likes/dislikes,strengths/challenges, skills,attitudes,andbeliefs.
Theseattributesinformhowonecancollaboratively navigatetheiracademiccareertolandthattechnologyjob forwhichtheyaspire.Shespendsagreatdealoftime makingsurethatherstudentsachievetheobjectivesoftheir collegeexperience.Theyshouldhaveapurposefortheir presentandlifelonglearning.
Finally,Loriwantstohelpherstudentstoappreciatethe largerviewofthemselves,theiruniversity,andtheir community.Studentsmustseeaconnectionbetweentheir experiencesatUSMandtherealworld.
Lorifocusesoncreatingprogramsthatincreasediversityin thetechnologyandcybersecurityworkforce.Sherecently foundedtheUSMCybersecurityAwareness,Research,and EducationSupport(CARES)Center,intendingtotake advantageofbeinginthestate'sfastest-growingregion.
USMisamulti-campusuniversitywithnearly20,000 students,makingitoneofthelargestinstitutionsinthe UniversitySystemofMaine.TheCARESCenter'sgoals aretocreatevariouseducationalpathwaysthatprovide accesstounderrepresentedpopulations.
Theuniversityisstartingtoshapeprogramsthatinclude opportunitiesrelatedtoexperientiallearning,internships, scholarships,curriculumandworkshopdevelopment, outreachprograms,andappliedresearch.Ithasacollective goalofincreasingthecybertalentandworkforcecapacity tomeetMaine'sandprivateindustrycyberneeds.
Inheradvicetoemergingwomenleadersinthesecurity space,Lorisays, "Be fearless. Believe in your intuition, and don't take no for an answer."
Oeverinthedigitalworld.Beingcomplacentin protectingonlineinformationcanbeasignificant threat,andcybercriminalsexploitthat.Addressingthe evolvingthreatstothedatawithevolvingandinnovative solutionsbecomesthemostcriticalneedofallbusinesses.
nlinedataprotectionhasbecomemorecriticalthan
internationalsecurityandcomplianceconferencessuchas RSA,ENISA&ISACA.
"No one in compliance can afford to stay still," believingin thisstatement,MathieuGorgethinksthatinnovationmust ensurethatsecuritysolutionsaddresscurrentthreats, vulnerabilities,andregulations&standards.Asthe FounderandCEOofVigiTrust,Mathieuutilizeshis knowledgeandexperiencetoresolvethecybersecurity industryissuesinnovatively.Apartfromthat,Mathieuhas alsowrittenabookentitledTheCyberElephantinthe BoardroompublishedbyForbeBooks(November2020), aimedatBoardmembers,C-Suites,andcriticaldecisionmakersfacingcyberaccountabilitychallenges.
Mathieustudiedlanguages,marketing,andlawbutnever oncelearnedITorcompliance.However,hewaslucky enoughtoworkforcompanieswhereleaderswere passionateaboutsecurity;hecaughtthebugandfoundhis passionindatasecurity,asubsetofthesecuritymarket, growingtoriskmanagementandcompliance.
Mathieu'sareasofexpertiseincludePCIDSS,GDPR, CCPA,HIPAA,VRM,andISO27001.Hehasbeen involvedinpaymentsecurityformorethan20yearsand hasworkedwithmanysecurityworkinggroupsand associationsintheUSandEU.Thankstohisinternational workhand,buildingonthesuccessofVigiTrust's5Pillars ofSecurityFramework™,heisaregularspeakerat
MathieuwasthePresidentoftheFrenchIrishChamberof CommerceinDublinfrom2017-to2019-Heremainedon theExecutivecouncilandaschairoftheICTworking group.HehasalsoservedastheChairmanofInfoSecurity IrelandandwasanOfficialReviewerforANSI(US).Heis thefounderofthePCIDSSEuropeanRoadshow,running since2011.
Mathieuisanestablishedauthorityandspeakeron Cybersecurity,RiskManagement&Compliancewithmore than20yearsofinternationalexperience.Heisalsothe ChairmanoftheVigiTrustGlobalAdvisoryBoard,an internationalsecurityandcompliancethinktank.In2021, hewasawardedtherankofKnightoftheNationalOrderof MeritbytheFrenchGovernment(Chevalierdel'Ordre NationalduMérite)
Mathieudevelopedapassionforadomainhedidnotstudy, cybersecurity,learningtechnicalskillsrapidlysurrounded bytherightpeoplewhosharedtheirknowledgewithhim. Havingnosalesormanagementtraining,helearnedto build,growandmaintainacompany,itsteam,finances,and operations.Withoutanymanagementtraining,itwasan uphillbattle;however,hesurroundedhimselfwith competentpeoplewhohadmoreexperiencethanhim,and theyhaveguidedhimthroughouttheprocess.
VigiTrustisaward-winningIntegratedRiskmanagement (IRM)solutionprovider(PCI,GDPR,CCPA,HIPAA, VRM)foundedin2003.ItisbasedinDublin,Ireland,and hassupportofficesinNewYorkandParis.Itispresentin
120countries.VigiOne,VigiTrust's flagshipsolution,enables organizationstoachieveand maintaincompliancewithlegal, industrial,andsecuritystandardsand frameworks,includingdata protection,datatransferand retention,ProtectedHealth Information(PHI),andPayment CardIndustryDataSecurityStandard (PCIDSS),ISO27001compliance programs,andcorporategovernance.
VigiTrusthelpsglobalFortune500 customerscomplywithUSFederal regulations,Stateregulations,and Europeandirectives.
VigiTrusthasclientsintheretail, hospitality,banking,PSP,and assessors'industries(tonamebuta few)in120+countries.Thankstothe VigiTrustGlobalAdvisoryBoard,a non-commercialthinktankbringing togetheragroupofexperts, researchers,securityandcompliance professionals,regulators,law enforcement,andotherindustryand domainexperts,VigiTrustisalways attheforefrontofcyber-security innovation.
TheVigiTrustAdvisoryBoardallows membersandgueststodiscussand explorenewtrends,researchand innovation,andthelatestthreat vectorsintermsofcybersecurityand regulatorycompliance.Theseevents, nowgonevirtual,areorganizedinaconfidential,noncommercial,andnon-profitsettingunderChathamHouse Rules.Theyfeatureinternationalspeakersrenownedfor theirknowledgeinaspecificfieldregardingsecurity& compliance.
Ifyoulookattherootsofthebusiness,you'llseethatdata protectionwasalwaysthecenterstoneofallthings VigiTrust.Itstillis,soGDPRisrightupthepouringalley. ProvidingasolutionlikeVigiOneallowsclientsand partnerstopreparefor,validate,andmaintaincompliance withGDPRandlinkthattoover100interrelateddata protectionstandardsandlawsmakestotalsense.
InMathieu'sview,GDPRsetstherighttonefordata protectionminimumlevels,enforcement,andcontinuous security.Mathieualwayssaysthatsecurityisajourneyand notadestination.GDPRiswellalignedwiththisbecause youmustcontinuallyupdateyourdataecosystemand performprivacyimpactassessmentswhenanewdataflow comesintoplay
VigiTrusthaseighteenyearsofexperienceinthe informationsecurityservicessectorintoonesingleSaaS solution,enablingcomplexanddisparateorganizationsto simplifyimplementingandmanagingsecurityandprivacy regulations.Itssolution,VigiOne,utilizes
VigiTrust's5PillarsofSecurityFramework™ andit enablestoachieveandmaintaincompliancewithlegal, industrial,andsecuritystandardsandframeworks.
VigiTrustcontinuallyinnovatesandcreatesnewfeatures.It hasaroadmapthatitfollowswithprecisiontoensurethat VigiOneisalwaysadaptedtoanyorganizationlikeQSAs, ASVs,hotels,acquiringbanks,largeretailcompanies,and otherend-usersworldwide!
VigiTrustcontinuestoinnovateandreliesontopics discussedattheGlobalAdvisoryBoardanditscommunity
of700+memberstohelpitdriveinnovationintheright direction!
VigiTrustwillcontinuetoinnovateandaddresstheever evolvinglegalandindustrystandardslandscaperegarding dataprotectionandcompliance.
TheAdvisoryBoardwillcontinuetomonitorthesecurity andcomplianceenvironment.
VigiOnehasaverybusyroadmapforthisnewyearandis nowventuringintoMachinelearningandAIinnovation,so watchthisspacein2022forsomemajorannouncements!
Mathieuadvisesaspiringentrepreneursinthecompliance sector, "Just do it! It's a fascinating, ever-evolving domain! Surround yourself with the right people who know more than you in their respective domains, build a great company culture for your team, work super hard, and make fun!"
igitalization'swidespreadhasdisruptedseveral
Dindustriesbringingwavesoftransformativeshifts elevatingandstreamliningtheworkflow.However, italsocomeswithseveralchallengesintheformsofcyber attacksandthreats.Sincethepasttwoyears,cyberthreats havetargetedvulnerabletargetscompromisingcompliance, data,andprivacyconcerns.Theleadersinthecybersecurity nicheareworkingfingerstothebonetotacklethissolution toprotectandsafeguardbusinessesworldwide.
Inthechaosofcyberthreats,NirAyalontookitupon himselftoprotectthemaritimeindustryfromcyber-attacks, workingwithprofessionalswithdeepknowledgeand experience.Today,NirleadsasCEOandCo Founderof Cydome,anaward-winningmaritimecybersecurityfirm. HealsoservesasanISOcommitteememberforMarine& ShiptechnologyandCybersecurity.
Nir'sprofessionallifebegandevelopingandresearching dataprotectionanddisasterrecoverysolutionsfor enterprises,developingintoseveraltechnicaland commercialrolesatIBM.Hehasbeeninvolvedwith severalsuccessfulstart-upsdevelopingtechnologyforthe businesssector.WhiledevelopingadvancedR&D initiativesfocusedoncyberdefenseandprotection,hesaw thevalueandopportunitytocreateahighlyspecialized businessinthemaritimeindustry Thus,NirCo-founded Cydome,amaritimecybersecuritycompanywithan excellentteamhavingextensiveexperienceinmaritime ecosystemandCybersecurity.
Nirstatesthathefaceduniquechallengesthathadahuge impact.Theglobalshippingindustryisthebackboneor foundationlayeroftheworld'ssupplychainandhistorically hasseveralsecurityweaknesses.Heunderstandsthatthe cybersecuritythreatinthemaritimesectorisrelativelynew -anditistheresultofincreasingdigitalizationandan improvementofsatellitecommunicationtechnology.
SinceCydome'sinitiation,Nirknewhehadtodevelopa differentapproachtoCybersecurity.Heexpressesthatthe maritimecybersecuritysectorsuffersfromthemajorlegacy providersputtinga"maritime"labelontheirproductand thinkingtheirproductdevelopmentjobisdone.Thereality isthattheITandOTinfrastructureswithinashippresenta significantlymorecomplexsetofvulnerabilitiesbothtoand fromtheship.Cydomestartedwithacleandesignsheet.
Cydome'smissionistoprotecttheentiresupplychainby protectingthemaritimeindustry.Thisindustryisthe backboneoftheworld'ssupplychainandeconomy; therefore,cyberleadersneedtoactasaglobalprotectorfor shipping.
Nirstatesthatcyberdefensemustalwaysbeonand defending,anditmustprotectallpointsofaccessingallof thetime.Cydomehasapproachedtheproblemswith innovativesolutionsandthenconstantlyreviewed, evaluated,andimproved.Itcommittedasignificant percentageofitsincomebackintoitsR&Ddevelopment, resultinginaward-winningsolutions.
Cydomeenvisionsinnovatingandbeingastepahead oftheindustry'sproblemstohelptheentiresupply chain.Ithasalreadyimplementedstepsbypartnering withoneoftheleadingmaritimeuniversitiesto createacentraldatabaseforcyber-attacks,withthe visionofleadingtransparencyandinnovationinthe sector
Cydomehasmadeadentintheuniversewithits solutions.Nirsays, "Where there is an industry with big problems, there is an opportunity to build a big business providing the solutions." Theglobal shippingindustryismassiveandat-risk;figuresfor 2019showthat11billiontonsofcargoworth$11
“
“ Safety, Visibility, Compliance. Complete Cyber Security solution for the maritime ecosystem.
trillionweremovedby98,000ships.Suchbignumbers attractunwantedattention,andCydomedetectsand preventsthousandsofattackseachdayonclients'vessels.
Cydome'sstrategyhasalwaysbeentoinvestinresearchand developmenttocreateoriginal,innovative,andproactive solutions.Nirmentionsthattheearlydaysofcyberdefense werelimitedtodetectionandreporting;proactivedefense andprotection,combinedwithanalways-onapproachto monitoring,isthewayforward.
Cydomeisdevelopingandimplementingseveralmethods tosupportthechallengesofthemaritimeindustry,suchas MachineLearning(ML),whichusesBigDatatoprovide effectivedetectionanddefenseagainstattacks.Itfocuseson developingautomatedtoolstobringanewlevelofease-ofuseintheeventofcyberincidentsthathappeninreal-time. Nirasserts, "As automation is the future, we have also brought it into our compliance tool, which is specifically aimed at regulations for maritime cybersecurity, including IMO 2021.”
Thecybersecurityworldisdynamicandchangesconstantly Attackersexploitvulnerabilities,anddefendersdetectand protecttheprotectedassets.Technology,ingeneral,isalso advancingveryrapidly-creatingopportunitiesformore zero-dayexploits.
Machinelearningisapowerfultoolthatwilltakethiscatmousescenariotoanentirelynewlevelwhenattackersuse MLtolaunchnewcomplex,difficult-to-detecttypesof attacks.
CydomeisalreadydevelopingandusingAItomonitorand searchforsignsofanomaliesthatsuggestacomplexattack.
Currently,NirisfocusedonbuildingCydomeintothe leadingcybersecurityproviderinthemaritimesector Todo so,theapproachofthecompanywillcontinuetofocuson thesecurityoftheentiresupplychain,whichinvolves protectingfleets,portsandoffshorefacilities.Withoutthese partshavingproper,ongoingdefenceagainst cybercriminalstheentiremaritimeecosystemisatrisk. Cydomewillcontinuechampioningthisintegral
propositionforthebenefitoftheentiresupplychainand economy
Niradvisesbuddingentrepreneursaspiringtoventureinto thecybersecuritynichetoresearchextensively.Hesays, "Understand and validate the problem and know your users. And the most important thing - build a diverse and creative team that will complete each other. Plan to build a solution to a real and significant problem and develop a strategy to be the best provider of that service."
heCybersecurityspaceistransformingtheways
Tbusinessoperates,spreadingitsrootsdeepenough toincreaseaccessibilityanddetectandprotectdata frompotentialthreats.Theleadersinthenichearemapping aframeworkthatcanhelpbusinessesdevelopinnovative securityproducts.Providingatrustedarrayofservicesto helpcompaniesstayaheadofthecurve,NiteshSinha foundedSacumen.
AstheCEO,Niteshispassionatelytransformingthe perspectiveofthesecurityindustrybybecomingthetrusted enableranddifferentiator.HeworkswithSecurityProduct Companiestoassisttheminfacingever-evolvingsecurity challenges,competitivemarket,andever-changingbusiness dynamics.
SacumenaimstobetheleadingGlobalSecurityProduct EngineeringandServicescompanybyhelpingitsclient stayaheadofthecurvebecauseoftheever-evolving securitychallengesbyprovidinginnovativesecurity solutions,generatingmoreexcellentvalueforitscustomers.
Followingatraditionalprofessionaljourney,Niteshwent throughthestrugglesthatmostpeopledo,buthishumble yetconstantrisethroughtheranksmakeshis entrepreneurialjourneydistinctive.However,hewantedto dosomethingmoretocontributehisexpertiseinthe cybersecurityspace.Whenthestarsaligned,hecameacross ClarionVenturePartners,whoreachedouttoNiteshto buildacompanyspecializinginsecurityservices;thus, Sacumencameintoexistence.
Niteshhasalwaysbeen arisk-taker,andbytheSacumen wasborn,hehadgarneredenrichingexperienceofrunning businesslearningfromhispreviousjobs.Comingfroma developerbackground,hedevelopedsecurityproductsand solutions.Though,histechnicalexpertisecameinhandyto shapeSacumentobethecompanythatcanpivotfaster, withadiverseskillset.
TheCOVID-19Pandemiccamewithwavesof unprecedenteddisruptionthatwipedoutmuchbusiness. Although,italsowasablessingindisguiseformany companies,andSacumenwasoneofthem.Theentire businesscultureshiftedtoworkingremotely,becominga boonforNitesh.Itwaspreciselythesetofthethings Sacumenofferedsolutionsforvalidatingtheirbusiness offerings.Sacumenhasworkedwithcybersecurity companiestobecomespecialistsinbuildingconnectors, pairingwithintegrationsofsecurityproductcompaniesand non-securityproductcompaniesfromdayone.
Sacumen'sofferingsbecamethedifferentiatorinthecyber securitynichethathelpeditsurvivethePandemicand continuetorisewith100%year-on-yeargrowth.Nitesh asserts, "I think the key thing is to be much focused there and be that master in terms of doing what we are offering to our customer. Be that specialist where customers can trust us blindly to the things, we are building it for them, it needs focus and commitment, and we have all of it exhibited at Sacumen.”
Today,Nitesh'sleadershiphaspositionedSacumeninits fieldwithstrengthenedrootsbecomingatruedifferentiator initsofferingforcybersecurityproductcompanies.
Inthepursuitofbeingthebestofbest,Sacumenisleaving adentintheuniversewithconnectors,third-party integration,anddevelopingproductsforsecuritycompanies tounderstandtheirusecases.Sacumenhasanextensive partnersystem,whereitcanfigureoutpartnerships,access
We're here to put a dent in the Cybersecurity Universe. Otherwise, why else even be here
theacquiredproduct,andlicensetodeliverarobust deliveryprocessintermsofhowitoperates.UnderNitesh's leadership,Sacumenhascementeditselftoprovidefastpacedsolutionswithhigh-qualityandreducedcosts.
Niteshisdedicatedtocompletingtheprojectwith unmatchedeffortsandmovingontothenextonetobeona continuouslearningcurve.Hehasimplementedaculture whereeveryonetakescompleteownershipoftheirworkat athresholdleveltothetopone.Niteshbelievestaking ownershipchallengeseveryemployeetokeepinnovating andmoveforward.
Niteshvaluesfairnessveryimmenselyapartfrom teamworkanddelightingcustomers.However,heisvery particularaboutthecommitmentandstickstobeing transparenttotakethebusinesstonewerfeats.
Theworldismovingtowardsautomation,andSacumen willplayanessentialroleinconnectingvarioussystems withitssecurityproductsandservices.Theabilitytosortof haveareal-timedetectionofthesecuritythreatorattack andbringabletorespondwithminimalmanualintegration willcreateamassivewaveoftransformationtothis ecosystem.NiteshstatesthatSacumenisheadedtothat potentialfuturetobethecompanythatprovidesallthe digitalsecuritysolutionsunderoneroof.
Inthelonghaul,NiteshenvisionsSacumenas50% services-basedand50%product-based.Sacumenssolvesa specificproblemofintegrationsforitscustomersandaims
tocontinuedoingso.Niteshasserts, "We are very clear that we would want to be so far the powerhouse of connectors for our customers. Once the trust is built up, you start to do more on the other set of product engineering work, exciting things on machine learning. It just a matter of continued focus to achieve that more year-on-year growth to be the player where any time you talk about security, Sacumen will be a synonym to security when people talk about it.”
Niteshadvisesupcomingentrepreneursaspiringtoventure intothecybersecurityspacetobepreparedforchangesasit istheindustry'snorm.Inhisconcludingthoughts,Nitesh says, "If you want to be a successful entrepreneur, your ability to say no is much more important than the ability to say yes to things. Because there'll be many opportunities where it will just distract from your focus to what you are trying to solve, so as long as you are clear with your vision of it and what problem you are trying to solve with it, you would be successful."
EmpoweringYouth to GreatnessThrough Education, Mentoring, and Networking
