21 minute read
Lori Sussman
A Fearless Veteran Educating Future Cybersecurity Experts
Cybersecurity is one of the most critical issues that several organizations deal with today on a global scale. With the ever-growing expansion of digitalization of data, it becomes challenging to protect essential information. Numerous instances of data breaches, ransomware attacks are becoming dangerous threats and heading further into the future, and it will become more critical to build secure cyberspace. However, leaders in Cybersecurity are consistently improving existing technologies, and it is necessary to educate the upcoming generation to utilize their unique take on Cybersecurity.
Advertisement
Lori Sussman, Assistant Professor in the Department of Technology at Cybersecurity at the University of Southern Maine, is one such leader who uses her years of expertise to educate and train future cybersecurity experts. Lori is a veteran who dedicated over two decades of life to the US Army. She now helps organizations build the leadership, technology, and security capability needed for this increasingly global and connected future.
In 2015, Lori was named one of the CRN 2015 Women of the Channel Power 50 Solution Provider by The Channel Company's CRN Magazine for her exemplary record of success accelerating her clients' needs through technology solutions.
A Unique Journey
In a non-traditional path to academia, Lori's career started at West Point as part of the fourth class to allow women into its ranks. Even when dealing with some animosity about women being part of the Corps of Cadets, she learned to "cooperate and graduate." She proudly graduated as a second lieutenant in the Signal Corps, the Information Technology branch within the US Army.
Lori served over 24 years of US Army service with distinction and retired at the rank of Colonel. It was her honor and good fortune to assume various leadership positions culminating in brigade command. She benefitted greatly from the mentorship and the sponsorship of enlightened senior officers and officials.
During her service, Lori pursued and completed four master's degrees, which proved to be an essential factor as she moved from the public to the private sector after her retirement. She explored large corporations, small businesses and also ventured into entrepreneurship. As a result, she got to work for elite high technology companies such as Cisco, Hewlett Packard, and a local South Carolina Fortune 5000 company. Lori managed highly complex, diverse, and active organizations engaged in developing, acquiring, integrating, deploying, and sustaining state-ofthe-art business, technology, and security systems for clients in these roles.
Lori felt her calling when she read about the need to move from success to significance in the book "Half Time." So she enrolled in the University of New England (UNE) doctoral program in transformative educational leadership.
In 2018, the University of Southern Maine hired Lori as part-time faculty, and she became full-time faculty in 2019.
Preparing students today for the world of tomorrow. “
In three short years, she helped create a new program for a Master's in Cybersecurity, started a community service Cybersecurity Ambassador program, and started USM's Cyber Defense team called the Husky Hackers. Lori states that it has been an exceptional experience watching students thrive and grow.
The Mission and Vision of USM
The University of Southern Maine (USM) is a unique institution with a mission to provide students with a highquality, accessible, affordable education. It has comprehensive undergraduate, graduate, and professional programs designed to educate future leaders in the liberal arts and sciences, engineering and technology, health and social services, education, business, law, and public service.
The faculty is committed to fostering a spirit of critical inquiry and civic participation. Both students and faculty enjoy a culture of academic freedom in an environment that advocates diversity in all aspects of campus life and academic work. USM supports sustainable development, environmental stewardship, and community involvement, thus providing resources for the state, the nation, and the world.
Leveraging Technology to Teach
Consistent with the USM mission to be a center for discovery, scholarship, and creativity, Lori emphasizes projects, writing, problem-solving, active student learning, application of theory to practice, and measurable outcomebased learning when teaching technology or cybersecurity courses. She evaluates students using critical thinking papers, written case studies, class presentations, small group work, and applied projects in the university and community.
Lori utilizes engaged learning techniques to ensure that all of her students can bring theory to practice by applying their knowledge, skills, and abilities in contexts beyond the traditional classroom and providing application opportunities in the community, the laboratory, and other venues. This engaged learning challenges students because
it requires sustained and focused application, reflection, and collaboration. In addition, she uses real-world examples to focus on technology and cybersecurity activities to understand the issues better.
Putting her students first, Lori creates programs that graduate students with skills, knowledge, and capabilities for the workforce. She strives to immerse students in the technology but with enough creative space to evolve, learn, and grow.
When meeting with a student, Lori examines their values, personality, culture, likes/dislikes, strengths/challenges, skills, attitudes, and beliefs.
These attributes inform how one can collaboratively navigate their academic career to land that technology job for which they aspire. She spends a great deal of time making sure that her students achieve the objectives of their college experience. They should have a purpose for their present and lifelong learning.
Finally, Lori wants to help her students to appreciate the larger view of themselves, their university, and their community. Students must see a connection between their experiences at USM and the real world.
Heading Into the Future
Lori focuses on creating programs that increase diversity in the technology and cybersecurity workforce. She recently founded the USM Cybersecurity Awareness, Research, and Education Support (CARES) Center, intending to take advantage of being in the state's fastest-growing region.
USM is a multi-campus university with nearly 20,000 students, making it one of the largest institutions in the University System of Maine. The CARES Center's goals are to create various educational pathways that provide access to underrepresented populations. The university is starting to shape programs that include opportunities related to experiential learning, internships, scholarships, curriculum and workshop development, outreach programs, and applied research. It has a collective goal of increasing the cyber talent and workforce capacity to meet Maine's and private industry cyber needs.
A Note to Younger Ones
In her advice to emerging women leaders in the security space, Lori says, "Be fearless. Believe in your intuition, and don't take no for an answer."
Mathieu Gorge:
A Passionate Leader in Data Security, Compliance, and Risk Management
nline data protection has become more critical than Oever in the digital world. Being complacent in protecting online information can be a significant threat, and cybercriminals exploit that. Addressing the evolving threats to the data with evolving and innovative solutions becomes the most critical need of all businesses.
"No one in compliance can afford to stay still," believing in this statement, Mathieu Gorge thinks that innovation must ensure that security solutions address current threats, vulnerabilities, and regulations & standards. As the Founderand CEO of VigiTrust, Mathieu utilizes his knowledge and experience to resolve the cybersecurity industry issues innovatively. Apart from that, Mathieu has also written a book entitled The Cyber Elephant in the Boardroom published by Forbe Books (November 2020), aimed at Board members, C-Suites, and critical decisionmakers facing cyber accountability challenges.
Establishing Authority in Cybersecurity
Mathieu studied languages, marketing, and law but never once learned IT or compliance. However, he was lucky enough to work for companies where leaders were passionate about security; he caught the bug and found his passion in data security, a subset of the security market, growing to risk management and compliance.
Mathieu's areas of expertise include PCI DSS, GDPR, CCPA, HIPAA, VRM, and ISO 27001. He has been involved in payment security for more than 20 years and has worked with many security working groups and associations in the US and EU. Thanks to his international work hand, building on the success of VigiTrust's 5 Pillars of Security Framework™, he is a regular speaker at international security and compliance conferences such as RSA, ENISA & ISACA.
Mathieu was the President of the French Irish Chamber of Commerce in Dublin from 2017-to 2019 - He remained on the Executive council and as chair of the ICT working group. He has also served as the Chairman of InfoSecurity Ireland and was an Official Reviewer for ANSI (US). He is the founder of the PCI DSS European Roadshow, running since 2011.
Mathieu is an established authority and speaker on Cybersecurity, Risk Management & Compliance with more than 20 years of international experience. He is also the Chairman of the VigiTrust Global Advisory Board, an international security and compliance think tank. In 2021, he was awarded the rank of Knight of the National Order of Merit by the French Government (Chevalier de l'Ordre National du Mérite)
The Security is a Journey, not a destination
Mathieu Gorge, Founder and CEO (VigiTrust)
Mathieu Gorge Founder and CEO (VigiTrust)
Mathieu developed a passion for a domain he did not study, cyber security, learning technical skills rapidly surrounded by the right people who shared their knowledge with him. Having no sales or management training, he learned to build, grow and maintain a company, its team, finances, and operations. Without any management training, it was an uphill battle; however, he surrounded himself with competent people who had more experience than him, and they have guided him throughout the process.
Security is a Journey
Being at the Forefront
VigiTrust is award-winning Integrated Risk management (IRM) solution provider (PCI, GDPR, CCPA, HIPAA, VRM) founded in 2003. It is based in Dublin, Ireland, and has support offices in New York and Paris. It is present in 120 countries. VigiOne, VigiTrust's flagship solution, enables organizations to achieve and maintain compliance with legal, industrial, and security standards and frameworks, including data protection, data transfer and retention, Protected Health Information (PHI), and Payment Card Industry Data Security Standard (PCI DSS), ISO 27001 compliance programs, and corporate governance. VigiTrust helps global Fortune 500 customers comply with US Federal regulations, State regulations, and European directives. VigiTrust has clients in the retail, hospitality, banking, PSP, and assessors' industries (to name but a few) in 120+ countries. Thanks to the VigiTrust Global Advisory Board, a non-commercial thinktank bringing together a group of experts, researchers, security and compliance professionals, regulators, law enforcement, and other industry and domain experts, VigiTrust is always at the forefront of cyber-security innovation.
The VigiTrust Advisory Board allows members and guests to discuss and explore new trends, research and innovation, and the latest threat vectors in terms of cybersecurity and regulatory compliance. These events, now gone virtual, are organized in a confidential, noncommercial, and non-profit setting under Chatham House Rules. They feature international speakers renowned for their knowledge in a specific field regarding security & compliance.
If you look at the roots of the business, you'll see that data protection was always the center stone of all things VigiTrust. It still is, so GDPR is right up the pouring alley. Providing a solution like VigiOne allows clients and partners to prepare for, validate, and maintain compliance with GDPR and link that to over 100 interrelated data protection standards and laws makes total sense.
In Mathieu's view, GDPR sets the right tone for data protection minimum levels, enforcement, and continuous security. Mathieu always says that security is a journey and not a destination. GDPR is well aligned with this because you must continually update your data ecosystem and perform privacy impact assessments when a new data flow comes into play.
Simplifying Implementation of Security Solutions
VigiTrust has eighteen years of experience in the information security services sector into one single SaaS solution, enabling complex and disparate organizations to simplify implementing and managing security and privacy regulations. Its solution, VigiOne, utilizes
VigiTrust's 5 Pillars of Security Framework™ and it enables to achieve and maintain compliance with legal, industrial, and security standards and frameworks. VigiTrust continually innovates and creates new features. It has a roadmap that it follows with precision to ensure that VigiOne is always adapted to any organization like QSAs, ASVs, hotels, acquiring banks, large retail companies, and other end-users worldwide!
VigiTrust continues to innovate and relies on topics discussed at the Global Advisory Board and its community of 700+ members to help it drive innovation in the right direction!
Addressing Ever-Evolving Issues
VigiTrust will continue to innovate and address the everevolving legal and industry standards landscape regarding data protection and compliance.
The Advisory Board will continue to monitor the security and compliance environment.
VigiOne has a very busy roadmap for this new year and is now venturing into Machine learning and AI innovation, so watch this space in 2022 for some major announcements!
Prioritizing Right Association
Mathieu advises aspiring entrepreneurs in the compliance sector, "Just do it! It's a fascinating, ever-evolving domain! Surround yourself with the right people who know more than you in their respective domains, build a great company culture for your team, work super hard, and make fun!"
Digitalization's widespread has disrupted several industries bringing waves of transformative shifts elevating and streamlining the workflow. However, it also comes with several challenges in the forms of cyberattacks and threats. Since the past two years, cyberthreats have targeted vulnerable targets compromising compliance, data, and privacy concerns. The leaders in the cybersecurity niche are working fingers to the bone to tackle this solution to protect and safeguard businesses worldwide.
In the chaos of cyber threats, NirAyalon took it upon himself to protect the maritime industry from cyber-attacks, working with professionals with deep knowledge and experience. Today, Nir leads as CEO and Co-Founder of Cydome, an award-winning maritime cybersecurity firm. He also serves as an ISO committee member for Marine & Ship technology and Cybersecurity.
The Rise
Nir's professional life began developing and researching data protection and disaster recovery solutions for enterprises, developing into several technical and commercial roles at IBM. He has been involved with several successful start-ups developing technology for the business sector. While developing advanced R&D initiatives focused on cyber defense and protection, he saw the value and opportunity to create a highly specialized business in the maritime industry. Thus, Nir Co-founded Cydome, a maritime cybersecurity company with an excellent team having extensive experience in maritime ecosystem and Cybersecurity.
Nir states that he faced unique challenges that had a huge impact. The global shipping industry is the backbone or foundation layer of the world's supply chain and historically has several security weaknesses. He understands that the cybersecurity threat in the maritime sector is relatively new - and it is the result of increasing digitalization and an improvement of satellite communication technology.
The Secure Approach
Since Cydome's initiation, Nir knew he had to develop a different approach to Cybersecurity. He expresses that the maritime cybersecurity sector suffers from the major legacy providers putting a "maritime" label on their product and thinking their product development job is done. The reality is that the IT and OT infrastructures within a ship present a significantly more complex set of vulnerabilities both to and from the ship. Cydome started with a clean design sheet. Cydome's mission is to protect the entire supply chain by protecting the maritime industry. This industry is the backbone of the world's supply chain and economy; therefore, cyber leaders need to act as a global protector for shipping.
Nir states that cyber defense must always be on and defending, and it must protect all points of accessing all of the time. Cydome has approached the problems with innovative solutions and then constantly reviewed, evaluated, and improved. It committed a significant percentage of its income back into its R&D development, resulting in award-winning solutions.
Cydome envisions innovating and being a step ahead of the industry's problems to help the entire supply chain. It has already implemented steps by partnering with one of the leading maritime universities to create a central database for cyber-attacks, with the vision of leading transparency and innovation in the sector.
“Safety, Visibility, Compliance. Complete Cyber Security solution for the maritime ecosystem.
“
Cydome has made a dent in the universe with its solutions. Nir says, "Where there is an industry with big problems, there is an opportunity to build a big business providing the solutions." The global shipping industry is massive and at-risk; figures for 2019 show that 11 billion tons of cargo worth $11
trillion were moved by 98,000 ships. Such big numbers attract unwanted attention, and Cydome detects and prevents thousands of attacks each day on clients' vessels.
Unique Approach
Cydome's strategy has always been to invest in research and development to create original, innovative, and proactive solutions. Nir mentions that the early days of cyber defense were limited to detection and reporting; proactive defense and protection, combined with an always-on approach to monitoring, is the way forward.
Cydome is developing and implementing several methods to support the challenges of the maritime industry, such as Machine Learning (ML), which uses Big Data to provide effective detection and defense against attacks. It focuses on developing automated tools to bring a new level of ease-ofuse in the event of cyber incidents that happen in real-time. Nir asserts, "As automation is the future, we have also brought it into our compliance tool, which is specifically aimed at regulations for maritime cybersecurity, including IMO 2021.”
Prepared Mindset
The cybersecurity world is dynamic and changes constantly. Attackers exploit vulnerabilities, and defenders detect and protect the protected assets. Technology, in general, is also advancing very rapidly - creating opportunities for more zero-day exploits.
Machine learning is a powerful tool that will take this catmouse scenario to an entirely new level when attackers use ML to launch new complex, difficult-to-detect types of attacks.
Cydome is already developing and using AI to monitor and search for signs of anomalies that suggest a complex attack.
What Comes Next?
Currently, Nir is focused on building Cydome into the leading cybersecurity provider in the maritime sector. To do so, the approach of the company will continue to focus on the security of the entire supply chain, which involves protecting fleets, ports and offshore facilities. Without these parts having proper, ongoing defence against cybercriminals the entire maritime ecosystem is at risk. Cydome will continue championing this integral proposition for the benefit of the entire supply chain and economy.
Words of Experience
Nir advises budding entrepreneurs aspiring to venture into the cybersecurity niche to research extensively. He says, "Understand and validate the problem and know your users. And the most important thing - build a diverse and creative team that will complete each other. Plan to build a solution to a real and significant problem and develop a strategy to be the best provider of that service."
Nitesh Sinha Founder, and CEO Sacumen
Nitesh Sinha Nitesh Sinha
A Rising Phoenix Safeguarding YOU Digitally
he Cyber security space is transforming the ways Tbusiness operates, spreading its roots deep enough to increase accessibility and detect and protect data from potential threats. The leaders in the niche are mapping a framework that can help businesses develop innovative security products. Providing a trusted array of services to help companies stay ahead of the curve, NiteshSinha founded Sacumen.
As the CEO, Nitesh is passionately transforming the perspective of the security industry by becoming the trusted enabler and differentiator. He works with Security Product Companies to assist them in facing ever-evolving security challenges, competitive market, and ever-changing business dynamics.
Sacumen aims to be the leading Global Security Product Engineering and Services company by helping its client stay ahead of the curve because of the ever-evolving security challenges by providing innovative security solutions, generating more excellent value for its customers.
Sowing Start
Following a traditional professional journey, Nitesh went through the struggles that most people do, but his humble yet constant rise through the ranks makes his entrepreneurial journey distinctive. However, he wanted to do something more to contribute his expertise in the cybersecurity space. When the stars aligned, he came across Clarion Venture Partners, who reached out to Nitesh to build a company specializing in security services; thus, Sacumen came into existence.
Nitesh has always been a risk-taker, and by the Sacumen was born, he had garnered enriching experience of running business learning from his previous jobs. Coming from a developer background, he developed security products and solutions. Though, his technical expertise came in handy to shape Sacumen to be the company that can pivot faster, with a diverse skillset.
Sprouting Roots in the Desert
The COVID-19 Pandemic came with waves of unprecedented disruption that wiped out much business. Although, it also was a blessing in disguise for many companies, and Sacumen was one of them. The entire business culture shifted to working remotely, becoming a boon for Nitesh. It was precisely the set of the things Sacumen offered solutions for validating their business offerings. Sacumen has worked with cyber security companies to become specialists in building connectors, pairing with integrations of security product companies and non-security product companies from day one.
“ “ We're here to put a dent in the Cybersecurity Universe. Otherwise, why else even be here.
Sacumen's offerings became the differentiator in the cyber security niche that helped it survive the Pandemic and continue to rise with 100% year-on-year growth. Nitesh asserts, "I think the key thing is to be much focused there and be that master in terms of doing what we are offering to our customer. Be that specialist where customers can trust us blindly to the things, we are building it for them, it needs focus and commitment, and we have all of it exhibited at Sacumen.”
Today, Nitesh's leadership has positioned Sacumen in its field with strengthened roots becoming a true differentiator in its offering for cybersecurity product companies.
ATrustful Impact
In the pursuit of being the best of best, Sacumen is leaving a dent in the universe with connectors, third-party integration, and developing products for security companies to understand their use cases. Sacumen has an extensive partner system, where it can figure out partnerships, access
the acquired product, and license to deliver a robust delivery process in terms of how it operates. Under Nitesh's leadership, Sacumen has cemented itself to provide fastpaced solutions with high-quality and reduced costs.
Nitesh is dedicated to completing the project with unmatched efforts and moving on to the next one to be on a continuous learning curve. He has implemented a culture where everyone takes complete ownership of their work at a threshold level to the top one. Nitesh believes taking ownership challenges every employee to keep innovating and move forward.
Nitesh values fairness very immensely apart from teamwork and delighting customers. However, he is very particular about the commitment and sticks to being transparent to take the business to newer feats.
Automation: The Next Significant Change
The world is moving towards automation, and Sacumen will play an essential role in connecting various systems with its security products and services. The ability to sort of have a real-time detection of the security threat or attack and bring able to respond with minimal manual integration will create a massive wave of transformation to this ecosystem. Nitesh states that Sacumen is headed to that potential future to be the company that provides all the digital security solutions under one roof.
Over the Horizon
In the long haul, Nitesh envisions Sacumen as 50% services-based and 50% product-based. Sacumens solves a specific problem of integrations for its customers and aims to continue doing so. Nitesh asserts, "We are very clear that we would want to be so far the powerhouse of connectors for our customers. Once the trust is built up, you start to do more on the other set of product engineering work, exciting things on machine learning. It just a matter of continued focus to achieve that more year-on-year growth to be the player where any time you talk about security, Sacumen will be a synonym to security when people talk about it.”
A Learner's Advice
Nitesh advises upcoming entrepreneurs aspiring to venture into the cybersecurity space to be prepared for changes as it is the industry's norm. In his concluding thoughts, Nitesh says, "If you want to be a successful entrepreneur, your ability to say no is much more important than the ability to say yes to things. Because there'll be many opportunities where it will just distract from your focus to what you are trying to solve, so as long as you are clear with your vision of it and what problem you are trying to solve with it, you would be successful."
