Can you share a little bit about what it is that you do and what a typical day for you is like?
For the past two and a half years, I have been driving Nozomi Networks’ EMEA marketing strategy and execution. Recently, I moved to a Global Partner Marketing Director role where I now develop and promote strategies to enhance our overall go-to-market engine via partners worldwide.

A typical day starts with a coffee or two, and between an email and another, I build and execute plans with our partners to enhance our go-to-market engine. If I had to assign a word to my job, I think “alignment” would be the first one to come to my mind: aligning internal stakeholders, partners, and vendors toward the same goal.

On the way, I don’t forget to have some good fun with the people around me.

Did you always know that working in the industry you represent was what you wanted to do? How did you decide on it?
I wanted to be so many things, including a vet, but I never dreamt of a career in marketing – I remember disliking the marketing modules in college. I found them very theoretical at the time and B2B marketing was still overlooked.

I then happened to move to the UK for personal reasons, without a job and no knowledge of English. But I managed to secure a small internship in Xenomorph, a data management solution for financial companies. I started working on their CRM, helping with cleaning data, when the CMO spotted my dedication and willingness to help (I believe) and took me under his wing. He started involving me in their marketing, PR, and sales and this is how I started my career. I am very grateful to Xenomorph’s founders for giving me that opportunity.

What first got you interested in the industry you work in?
I moved to Paris, where I was called for an interview by Palo Alto Networks. I had no knowledge of the security space and went to the interview thinking it was “just a company” I had never heard of. I fell in love with the passion of the hiring manager, Karen Beaune. We connected immediately and then realized what was presented in front of me was a huge opportunity for a leading cybersecurity company.

While in college I couldn’t connect what marketing was for. Working in cybersecurity, I started seeing the mission behind my job, the importance of protecting critical infrastructures, hospitals, smart cities, manufacturing, and more. It has a real impact on our lives and I started feeling part of a bigger picture.

It is also nice to see how my kids are interested in what I do and intrigued by this world that they started facing way earlier than I did.

Do you have a role model?
That would certainly be Karen Beaune, my hiring manager at Palo Alto Networks.

What obstacles did you have to overcome?
I consider myself lucky as I had the chance to be surrounded by great professionals and supportive managers. I would say organization can prove tricky; the workload is often high in this industry. We are confronted with many initiatives, several projects at the same time, long hours sometimes, and trips. Marketing is interconnected with sales, so the pressure on targets is perceived and shared. Planning helps with not feeling overwhelmed.

What advice would you give to a woman considering a career in the industry you represent? What do you wish you had known?
Join the space and stay in it! It’s amazing how this industry is continuously innovating and flourishing. Every day is different and the opportunities in the market keep growing. Don’t be shy, ask to be involved in projects out of your scope, it’s a learning opportunity. Had I known earlier what I would have done in my life, I would have spent more time deep diving into the technology aspect.

What do you do to unwind after work?
My friends would say “a good glass of Prosecco”, but on top of that: I am a big fan of Pilates and Gyrotonic, I like travelling with my family, taking the dogs out, and a good book on the couch.

Maya Horowitz, VP Research at Check Point Software Technologies, says that organisations should carry out women mentoring programs

Tell us about yourself and your current job role.
I’m the VP of Research in Check Point Software Technologies. Check Point Research (cp<r>) is in charge of analyzing the cyber threat landscape, making sure our customers are protected from the state of the art of cyber-attacks, as well as identifying new malware, campaigns and vulnerabilities and publishing them for the benefit of the entire security community.

Tell us about your journey into the security industry. Was the security industry your first choice?
I got into the cyber industry through my 10-year-service in the Israeli Defense Forces. It wasn’t my first choice, which is why my studies were unrelated to cyber or high-tech at all; I studied psychology and business management, and my thesis was related to cancer research. After completing my master’s degree, I joined Check Point Software based on my background from IDF, and I’ve been here for the last 7 years.

During your tenure in the security industry have you experienced major changes the industry has gone through?
The most overwhelming change in the cybersecurity industry is the growing number of start-up companies and point solutions. It’s almost as if every new cyber-attack is grounds for a new company, which means that to be protected against all attacks – organizations allegedly need to work with an infinite number of security providers. Check Point Software, aims at providing a more holistic solution, and I believe this is the future of the industry – moving back to consolidation, to avoid having to chaise numerous products.

Are there any challenges you face on a day-to-day basis working in this industry?
As a woman in the industry, and especially as a senior manager, I often find myself to be the only woman in the room, which can get a bit lonely. On the other hand, it also means that I am different, and this can actually mean that my voice is different and it’s easier to be heard and remembered.

I also think that while there is no glass ceiling, the way to the top is certainly harder for women. As men’s behavior is more the manager stereotype (based on decades of male leadership), we have to work against the stereotype and prove that we are worthy managers, usually to our male managers who appreciate the stereotype.

And interestingly, the stereotype doesn’t only apply to the managers, but also to the candidates. Too often I find myself trying to convince a female employee or mentee that she is more than capable of a managerial or professional promotion. I consistently see insecurities and exaggerated perfectionism in super-qualified women, and I wish we would take these leaps of faith in ourselves as easily as men do.

What sort of future do you foresee for the security industry as a whole?
The cybersecurity industry will keep doing the cat and mouse game with the hackers – with new attack tricks, new protections will emerge, and vice versa. Like in a physical war, this will keep happening until a real tie-breaker is invented – the nuclear power of technology which will be a game-changer. What will it be? Quantum computing? New implementation for blockchain? Time will tell.

What more needs to be done to welcome more and more women into the security industry?
From a very young age, essentially from the moment we are born, girls are less exposed to technology – while our brothers get to play in robots, we would typically get a barbie doll for the present. We are later less keen to join the “boyish” majors in schools like computers, physics, and mathematics, and the same later in university.

And so, unfortunately, by the time we get to the age where we start our career, it can be too late to divert our path to technology. I was lucky enough to be “forced” into technology as part of my military service, which made me understand that this is where I belong, but I could have easily missed this opportunity otherwise.

In other words, the burden of welcoming women into the security/technology industry actually falls on parents, as well as kindergarten and elementary school teachers, to not limit girls’ toys, hobbies, and perspectives. Still, the industry can do at least a few things to encourage women to join – while I don’t believe in affirmative action, managers should proactively seek to employ amazing women as part of their organizations, and give equal chance.

Some examples are emphasis on using gender-neutral phrasing in job descriptions, advertising in women tech forums, and even making sure the candidate is exposed to female peers/managers in the hiring process. And eventually, to avoid drop-outs of women who look around and don’t see their likes, it is also important for organizations to carry out women mentoring programs.

Carolyn Crandall, the Chief Security Advocate at Attivo Networks, is of the opinion that companies should set up mentorship programs where women in power educate the next generation of security executives

Tell us about yourself and your current job role.
My name is Carolyn Crandall, and I am the chief security advocate and CMO at Attivo Networks. I have over 30 years of experience building new markets and successful enterprises infrastructure companies such as Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate.
Taking companies from pre-IPO to multi-billion-dollar sales has earned me recognition as a global thought leader in technology trends.

I have specialized in developing strategies and solutions for my clients in operations, digitalization, and security. I am highly passionate about educating my customers about shifting to an active security defense that prevents and derails cyberattacks, thus mitigating the risk of a breach.

As the chief security advocate, I’ve focused on raising awareness on the importance of – and inherent market need for – a modern security defense that addresses an ever-evolving environmental and threat landscape. I consistently advocate for proactive vs. reactive cyber defenses and have become a major advocate for an identity-first security posture.

I’m able to use my platform at Attivo to educate enterprises about the need for new cybersecurity measures and what new innovations can be deployed to address them. With the concept of perimeter defenses dissolving, the focus now shifts to identity-based innovations that accelerate detection and response to advanced, credential, ransomware, and insider cyberattacks and for better protection of emerging attack surfaces including cloud, the internet of things (IoT), medical IoT and interconnected operational technology (OT) environments.

Additionally, I serve as an Advisory Board Member for the Santa Clara University Executive MBA program and co-authored the e-book Deception-based Threat Detection, Shifting Power to the Defenders.

Tell us about your journey into the security industry. Was the security industry your first choice?
I have always been interested in technology and studied Electrical Engineering and Computer science at Santa Clara University. My studies in college sparked my interest in pioneering technologies, and I made sure to keep hot technology companies on my radar and follow their news to stay informed.

My security journey has been filled with many wonderful opportunities, teams, products, and solutions. Almost six years ago, I joined Attivo Networks. Since then, I have made it my mission to spread awareness of good cybersecurity practices across organizations alongside Attivo Networks.

During your tenure in the security industry, have you experienced significant changes the industry has gone through?
Since I started with Attivo Networks, there has been a drastic rise in credential attacks. As the business landscape has changed significantly since 2015 due to the further adoption of digital transformation rapidly so in the past two years, this has exposed security vulnerabilities and has given threat attackers a playing field that is ridden with possibilities for cybercriminals to target organizations.

This has ultimately resulted in significant global financial losses as they exploit companies in exchange for the safekeeping of the stolen data. As more news of ransomware due to credential attacks arises regularly, the security industry draws the need for advances. Attivo Networks has recently introduced a new cybersecurity category called Identity Detection and Response (IDR). This category addresses the need for better protection against credential-related threats.

Are there any challenges you face on a day-to-day basis working in this industry?
Debunking the misconceptions in cybersecurity is one of the biggest challenges we face. Proving ROI is also a constant challenge for any security control. With Attivo’s solutions, the value comes in early detection, being informed when existing security controls fail, and in the operational management of an alert. Efficiency savings are fairly easy to calculate but assigning a savings amount to early detection or breach avoidance can be a harder dollar figure to define.

What sort of future do you foresee for the security industry as a whole?
As organizations have both accepted and embraced the digitalization of most services, this means that cyber threats will continue to evolve no matter the defenses put in place. There will be an additional need for better in-network detection to disrupt and derail attackers before they can cause damage.

As time goes on, companies will begin adopting a prevention posture instead of dealing with the consequences of a successful attack. As defenders, we need to keep up with the TTPs of the sophisticated actors and update our systems and technologies to keep up with them. With identity-based attacks on the rise, today’s businesses require the ability to detect when attackers exploit, misuse, or steal enterprise identities.

This need is particularly true as organizations race to adopt the public cloud, and both human and non-human identities continue to increase exponentially. Given the penchant for attackers to use credentials and leverage Active Directory (AD), it’s becoming more critical to detect identity-based activity.

What more needs to be done to welcome more and more women into the security industry?
The technology field has been saturated with mostly men, as very few high-level opportunities were available or pursued by women. Top executives need to start the conversation and empower women to pursue this career path to make the security industry a more inclusive space for them. This can be done by setting up mentorship programs where women in power educate the next generation of security executives.

Creating women-oriented programs and initiatives that include workshops on the security industry can generate interest in the participants. When larger organizations set up this type of program, it is often beneficial to provide internship or job opportunities to those who demonstrate a genuine commitment to the inclusion of women into the field, ultimately benefiting from talented resources.

Suzanne Al Najjar, the Channel Manager for the Middle East at A10 Networks, says that there’s nothing in the world that is free of challenges

Tell us about yourself and your current job role.
I have always been very passionate about the technology industry which leads me to choose a career in this field. Currently, I lead the regional channel business for A10 Networks in the Middle East. The role involves developing and implementing a channel strategy and strengthening relationships with our partners.

As a company, we focus a lot on education and training and I oversee our partner enablement program. What I love most about my job is networking and face-to-face interactions with partners, but with the current pandemic, this has been a big challenge over the past year and a half.

Tell us about your journey into the security industry. Was the security industry your first choice?
I wouldn’t say that security was my first choice, but the progression through my career in the technology field led me to where I am today – in the highly fascinating world of IT security. I started working in the IT field in 2014 with a distributor for network and network security products.

I then joined a system integrator as a territory sales manager, tasked with the role of expanding their market coverage. Following that, I joined Micro Focus to support the company in growing its business in Saudi Arabia. I then landed a Channel Account Manager role at A10 Networks in March of last year – a position that I currently hold and am perfectly suited to.

During your tenure in the security industry have you experienced major changes the industry has gone through?
I believe that there are at least three major things that have changed:

• The rapid advancement of the Internet of Things (IoT) has had a huge impact on the security industry over the past decade. Millions of connected devices are creating new entry points to the network and therefore posing increasing security and privacy risk.
• The current pandemic has accelerated the digital transformation plans for a majority of regional enterprises and as they embrace technologies like the cloud to enable the hybrid workplace, there is an increased sense of urgency to implement the latest technologies and practices to secure the organizational network.
• In my experience women have had to work very hard to prove themselves. Especially in male-dominated industries like technology, for instance, this has historically been a challenging task. But this is changing and today, women are embracing major roles across all fields, including IT security.

Are there any challenges you face on a day-to-day basis working in this industry?
Actually, there’s nothing in the world that is free of challenges, but I am a positive and competitive person and the thought of overcoming a difficult task greatly motivates me. I see challenges as a stepping stone in my journey to becoming stronger and more successful.

What sort of future do you foresee for the security industry as a whole?
No doubt, cyberattacks will increase in frequency and sophistication in the future. One of the major innovations driven by 5G is the implementation of multi-access edge computing (MEC). Building intelligence into the edge will boost the availability and efficiency of 5G networks. However, keeping the global cybersecurity trends in mind, we can see that the intelligent edge might be hijacked by attackers for launching different kinds of attacks.

2020 was the year of understanding what the Zero Trust model is in a practical sense. We believe that the concept of Zero Trust has reached a level of maturity and clarity where it will be effectively adopted and implemented by many organizations in 2021 and beyond and that it will become the go-to security model for all types and sizes of organizations.

Since 2020 forced most of the workforce to work remotely, attackers have been experimenting with new ways of exploiting security loopholes or shortcomings exposed by these rapid changes. This accelerated and will continue to accelerate the development and adoption of Secure Access Service Edge (SASE) solutions.

What more needs to be done to welcome more and more women into the security industry?
As mentioned earlier, the age-old mindset of technology being a male-dominated field is breaking down. Women today in most developed countries across the globe are given equal opportunities when it comes to education and careers. We as women have to change our mindsets and believe that we can be dominant in any field that we choose, including IT security, if only we are well educated, innovative in our outlook, and persistent in our desire to reach the top!

Unnita Sonake, the Practice Lead for Data Analytics, at SpireData, says that the stereotype that STEM is better suited to men seems to still persist in many countries

Tell us about yourself and your current job role.
I lead the Practice for Big Data and Data Analytics at SpireData, where we work on Cybersecurity Analytics, Risk Analytics, and Security Data Lake projects.

Tell us about your journey into the security industry. Was the security industry your first choice?
Analytics is my first choice but analytics has many applications within the cybersecurity landscape. So I deal with Cybersecurity Analytics and primarily Security Data Lake projects. A security data lake (SDL) is a security-focused data management tool that provides the ability to ingest data from many diverse security tools and then utilise this data for cybersecurity analytics.

During your tenure in the security industry have you experienced major changes the industry has gone through?
Yes, of course! The industry is getting mature and has undergone changes from reactive action to proactive action to predictive attacks to now developing data Lake to identify, prevent security threats, and analyse attacks.

Are there any challenges you face on a day-to-day basis working in this industry?
The major challenges are real-time analytics and data infrastructure required to implement the real-time analytics, fast and easy implementation, and end-point monitoring.

What sort of future do you foresee for the security industry as a whole?
The cybersecurity market was valued at $156.24 billion in 2020, and it is expected to reach $352.25 billion by 2026, registering a CAGR of 14.5% during 2021-2026 with increasing investments going into AI, Machine Learning, and IoT application in the security industry.

What more needs to be done to welcome more and more women into the security industry?
It’s not just for the security industry but the stereotype that STEM is better suited to men seems to still persist in many countries. Women being underpaid compared to men and the lack of enlightened generation of hiring managers and C-Suite officers is needed to welcome more and more women.

Layale Hachem, the Solutions Engineer at BeyondTrust, says that while technology was her first choice, cybersecurity was a great discovery along the way

Tell us about yourself and your current job role.
I was born and raised in Lebanon, and throughout my childhood, I was always curious about technology in general and electronics in particular. I spent my early days breaking and fixing any electronic device I could find (and was allowed to break).

This interest led me to pursue a degree in engineering, so I majored in telecommunications and networks engineering. Right after my graduation, I was offered an opportunity to work with a technology distributor operating in the Middle East and North Africa (MENA) region.

This role introduced me to different cybersecurity technologies, from endpoint security to backup, network, and cloud protection. It also gave me the chance to gain pre-sales experience in different markets across the region.

In my current role, I handle the pre-sales activities for BeyondTrust, the leader in Privileged Access Management solutions, across Qatar, Kuwait, Oman, Bahrain, Egypt, and North Africa. The part I enjoy most about my job is discussing with our clients their security strategies and helping them meet part of their security and compliance requirements.

Tell us about your journey into the security industry. Was the security industry your first choice?
Technology was my first choice, but cybersecurity was a great discovery along the way. Back when I was in college, I was blind to the opportunities that are presented to individuals in this field, and I am lucky that my path led to where I am today.

During your tenure in the security industry have you experienced major changes the industry has gone through?
What’s great about this industry is that it always adapts itself to new technologies and new threat actors/vectors. Changes in the technology world are rapid and very frequent, and cybersecurity technology providers need to keep up. One good example of a major change is the move to the cloud that we have witnessed over the last few years.

This transition brings a lot of benefits to organizations, but it also comes with new attack opportunities. This new type of infrastructure forced all security companies to adopt cloud-specific security solutions and accompany their customers in their journey to the cloud.

Other major changes include the rise of attacks in IoT and OT environments, changes in the market defence strategy such as the application of the zero-trust model, adoption of multi-cloud protection solutions, the identification of new vulnerable attack targets such as remote workers, and much more.

Are there any challenges you face on a day-to-day basis working in this industry?
Possibly the greatest challenge is to stay up to date with all the new trends and innovations in the market. Cybersecurity is an exciting, but equally challenging, career path and constant technology learning is a big part of it. The challenge becomes finding the right balance between satisfying the business need and focusing on personal development and growth.

What sort of future do you foresee for the security industry as a whole?
This industry is only going to get bigger, and it will keep creating a lot of work opportunities for individuals. Statistics show that cybercrime is expected to cost the world $10.5 trillion by 2025 while the cybersecurity skills gap will remain an issue.

As a result, machine learning, data analytics, and artificial intelligence have started to and will continue to contribute to cyber defence strategies by providing the needed threat identification that can be acted upon by cybersecurity professionals. Meanwhile, cybersecurity vendors will keep releasing solutions to the market that take into consideration the security challenges associated with modern dynamics such as hybrid architectures, distributed data, cloud applications, and remote workforce.

What more needs to be done to welcome more and more women into the security industry?
I think the world is ready for more women in cybersecurity. In fact, we have done a good job of earning our places in the field and proving that women can excel in a male-dominated industry. I truly believe we are starting to witness a change and the proof is that we hear about a lot of female success stories in the field.

Companies are doing a great job promoting gender equality, but we also need to reach out to the younger generation in schools and universities. This can be achieved by extending cybersecurity community memberships to young girls, promoting cybersecurity events such as educational camps and coding marathons, and most importantly sharing with them success stories about accomplished women in the field.

Kate Wotherspoon, the Marketing Manager at Authlogics, advises not to perceive the cybersecurity world to be extremely technical, as there is a multitude of varying roles within which women can adopt and embrace

Tell us about yourself and your current job role.
Media, motor trade, construction… I have had the opportunity to apply my marketing skills within a range of heavily male-influenced verticals, but the cybersecurity industry proves to be the most interesting, fast-paced, friendliest, and continues to provide the challenge I seek!

As a woman in cybersecurity, you are outnumbered with there still only being 20% representation globally (with the UK having one of the lowest at 8%). I began my career within IT by chance and have returned as the ‘technical translator’ for Authlogics who provides the most dynamic password security and multi-factor authentication to enterprises everywhere.

Tell us about your journey into the security industry. Was the security industry your first choice?
Having initially worked within the IT sector at the BBC, we focused on the development of the programming and scheduling of programmes broadcast through all television and radio channels. It was at a time that embraced the millennium (Y2K) milestone and oversaw the beginning of the digital broadcasting era which secured my passion for technology.

I was the only female within the department then and remain in the minority in the present day. With a lack of female role models, women do not actively seek out cybersecurity roles and as I have personally experienced, people’s perception of being involved in the sector is met with surprise! Women should be encouraged to become more involved in this industry as it offers a diverse spectrum of opportunities.

During your tenure in the security industry have you experienced major changes the industry has gone through?
The impact of COVID saw the world having to adapt almost instantly to new ways of working, selling, and surviving by adopting new digital strategies within virtual and remote environments. At the same time, cyberattacks rose rapidly impacting the healthcare sector in particular when they were most vulnerable and under pressure.

Therefore, the digital world changed almost overnight and while other industries suffered, the cybersecurity world grew substantially. Infosec companies, in the last 18 months, have seen the demand for securing businesses, their staff, and customers in a remote environment. At Authlogics, we have been able to assist with ensuring that companies adopt secure log-in procedures that ensure productivity remains stable and minimize the risk of data breaches and other related cyberattack scenarios.

Are there any challenges you face on a day-to-day basis working in this industry?
With cyberattacks on the rise, both individuals and organisations are at risk of becoming victims and the recovery can be costly and damaging. One of my favourites and most shocking statistics “over 80% of data breaches are associated with weak, stolen or reused passwords” does hit home when educating the end-user of the risks of poor password management.

At Authlogics, we have the ability to monitor, advise and remediate those with compromised credentials as our extensive password breach database holds over 4 billion records including 1.2 billion clear text passwords. Being able to offer customers peace of mind by simplifying and securing their digital identities is part of the daily duties we undertake, and I never cease to be surprised by the innovative ways of our technical team.

What sort of future do you foresee for the security industry as a whole?
When you reflect on how far technology has advanced within the last 30 years, it is so exciting to think as to where we will be in the future, there are so many innovative products and technologies out there that demonstrate the ability to evolve digitally but we do have to remember that what comes with new ways, we must protect ourselves at all times as no-one is ever safe.

What more needs to be done to welcome more and more women into the security industry?
As much as women perceive the cybersecurity world to be extremely technical, there are a multitude of varying roles within that women can adopt and embrace. I would encourage women to explore the possibilities of becoming involved and not to be deterred by the technical jargon that comes awash with it, as once you’ve deciphered and translated it, you’ll want to know more.

Working with Authlogics distributors, partners, and customers around the world, we have found it is important to embrace not only gender diversity but people’s culture and environmental background as our lives become more cyber-cosmopolitan.