This article was originally written by David Leichner and published in Authority Magazine. Read the original article here.
The cybersecurity industry has become so essential and exciting. What is coming around the corner? What are the concerns we should keep an eye out for? How does one succeed in the cybersecurity industry? As a part of this interview series we had the pleasure of interviewing Jade Catalano.
Jade Catalano is the Security Strategist and Head of Product Marketing at Anvilogic, a Palo Alto-based cybersecurity startup founded by industry veterans from the likes of Splunk, Proofpoint, Symantec, etc. The flagship product is a collaborative, no-code intelligent platform that automates the detection engineering workflow by helping SOC teams assess their environment and quickly build/deploy attack-pattern detection code resulting in highly accurate & enriched alerts for automated triage & response.
Thank you so much for doing this with us! Before we dig in, our readers would like to get to know you a bit. Can you tell us a bit about your backstory and how you grew up?
I grew up in a single parent household in the Bay Area. As a result, I had to be resourceful and learned the value of hard work from a young age. From taking apart computers and other technology to try to fix them to starting a lawn mowing business, I was always learning and was very resilient.
Before college at Cal Polytech, I took a gap year in New Zealand and then went on to pursue my passions — engineering and technology. I worked for Splunk for a decade and wrote my first API while I was there. My passion was taking technical concepts and making them digestible. From here, I started learning about security. My love for startups and coming together with teams to translate and solve big problems led me to my current role as Security Strategist and Head of Product at Anvilogic.
The common thread across my education and now career paths was being a woman in male dominated industries. I may have taken a different path to get here, but I made it.
Is there a particular book, film, or podcast that made a significant impact on you? Can you share a story or explain why it resonated with you so much?
A book that had a significant impact on me was Untamed. It resonated because the core concept of the story is that at any point in your life you can push forward and learn/grow yourself and anything you put your mind to. The book talks a lot about “Following your knowing.” As a highly logical person, I find this reminder to compare my instinct against my gut when things don’t feel right.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
It is not so much a single story, but the culmination of many individual stories that led me to pursue a career in cybersecurity. Many conversations don’t even consider the security side of things, and gathering like-minded folks is not going to be what finds and fixes problems. I enjoy finding the foundational principles that actually help organizations, like getting the data needed to create real change. The invisible side of security is helping people to do their job better.
Are you working on any exciting new projects now? How do you think that will help people?
At Anvilogic my work centers on helping people detect breaches sooner so that the response and remediation can be done faster. We use AI to build detections. We understand data environments and are able to correlate them. This is the game changer for our customer. It helps them do their jobs better (through early detection) and keeps the “bad guys” out sooner.
This helps junior-level security staff learn security and upskill, and it gives a better work/life balance to practitioners who used to have to be more “on call” to handle issues that arose on nights, weekends and more.
Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry seems so exciting right now. What are the 3 things in particular that most excite you about the industry? Can you explain or give an example?
Three things that excite me most about the industry are:
- It’s a tipping point for security. For so long we needed more data, and now we arguably have too much. Now we need to optimize that data for our environments.
- We have the ability to use automation and AI to sift through the clutter and get the highest fidelity alerts. We all get too many emails and notifications. Now, we are able to apply different principles to figure out what is a fire and what’s smoke.
- We have the triangle: APIs, automation and AI needed to deliver the next level optimization and operationalization of security.
What are the 3 things that concern you about the Cybersecurity industry? Can you explain? What can be done to address those concerns?
- The first concern is that folks are running really fast and will be tempted to jump on the “next shiny thing” like detection as code, as one example. The industry is filled with buzzwords and new solutions. It is important to innovate and move forward to have better detections, but don't jump on the next new thing without understanding what is best for your security posture. Always have a north star: stopping the bad guys.
- The second thing that concerns me is the lack of diversity and churn in the industry. Lots of leaders want diverse teams, but they are moving so fast they aren’t able to properly achieve this goal or properly support the diverse talent that is in place. This is not a pipeline problem, it’s a process problem.
- Lastly, jargon concerns me. On the customer side, it is hard to trust (and fully understand) what people are saying when you are looking to buy products. The different vernaculars being used also make it difficult to stand out in a crowded space.
Can you share how you are helping to reshape the cybersecurity industry?
I am in a position to talk about security and help promote other people in the industry. I help women in this industry to amplify their voices, whether that’s a customer or a contact I meet at a conference. I encourage people to share their knowledge and talents, whether that means speaking at conferences, or spotlighting the success of their projects.
As products, devices and vehicles become connected, this is creating a new and emerging threat vector. How do you think manufacturers and their customers should prepare to be as safe as they can be?
Manufacturers and customers should prepare for emerging threat vectors by:
- Implementing continuous monitoring and threat detection using machine learning and AI-driven tools to detect any malicious activity on the devices.
- Regularly updating devices with the latest security patches, configuring them securely, and being vigilant for any suspicious behavior, such as unauthorized access or data exfiltration.
- Manufacturers should provide clear and concise security guidelines and best practices to their customers to help them secure their devices and stay protected against emerging threats.
- Manufacturers should also implement a Secure Development Lifecycle (SDL) and conduct regular vulnerability assessments and penetration testing to identify and remediate potential security flaws in their products.
Can you share a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?
I’ve worked closely with internal teams at organizations to train employees on cybersecurity best practices, put materials on proactive threat mitigation in place and build response plans. Having a response plan can minimize the impact of a breach and help to more quickly restore normal operations. Response plans need to continually be assessed as organizations and new roles/people join the team to avoid delayed response times, unnecessary mistakes and confusion. The plan should include steps for isolating the breach, identifying affected systems and data, and notifying relevant parties in order to minimize legal or reputational consequences.
As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a layperson can see or look for that might indicate that something might be amiss?
Most organizations should have systems in place to monitor and help detect suspicious activity or unauthorized access attempts, such as IDS, IPS and SIEM. Breaches or hacks still occur even for those who are best prepared, and it can take some time for them to become aware of it. However, there are some signs that a layperson can look for to indicate that something might be amiss. A couple signs to look out for:
- Unusual Account Activity: If you notice any unusual activity, such as login attempts from unknown locations or changes to your account details that you did not make, it could be a sign of a breach. Be sure to check your account activity regularly.
- Pop-Ups or Suspicious Emails: Receiving pop-ups or emails that seem suspicious or are asking for personal information or login credentials could be a phishing attempt. These are often used to gain access to your accounts or install malware on your computer. Be wary of any unexpected emails or pop-ups and avoid clicking on links or downloading attachments unless you’re sure they’re safe.
After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?
A company should first contain the breach and assess the damage to determine the scope of the incident. They should then notify affected customers, enhance security measures, review and update policies, provide support to affected customers, and conduct a post-mortem analysis to learn from the experience and improve their response plan.
What are the most common data security and cybersecurity mistakes you have seen companies make? What are the essential steps that companies should take to avoid or correct those errors?
The two most common data security and cybersecurity mistakes that companies make are:
- The number one and biggest mistake is not investing in cybersecurity. Failure to invest in cybersecurity can result in devastating consequences, including financial losses, legal liabilities, and damage to brand reputation.
Ways to correct or avoid these mistakes:
- Start to understand security risks for your organization, along with the security vernacular and ways to incorporate security throughout the business.
- Ensure that someone who knows security has a seat at the table and can clearly provide guidance on what needs to be implemented.
- Allocate appropriate resources, such as budget and personnel, to implement effective cybersecurity measures.
- Conduct regular risk assessments, implement best practices, and stay up to date with the latest threats and trends in the cybersecurity landscape.
- The second common mistake, which is often a consequence of the first, is a lack of visibility or knowledge of data and environment, which can lead to security blind spots. This makes it difficult to detect and respond to threats. It’s important for organizations to have a comprehensive understanding of their data and where it resides, so they can effectively implement security measures to protect it.
Ways to correct or avoid these mistakes:
- Having continuous measurement and understanding of your detections and coverage across your logging platforms, data lakes and tools.
- Take insights from the metrics and measurement to frequently assess and prioritize against your greatest threats and risks to the business.
- To correct these mistakes you can start to implement threat detection and hunting practices along with making sure your tools like SIEM, XDR, etc. are being provided with the right detection and data and you have a solution that can provide centralized visibility and analysis of security-related data across your organization’s systems. This can help you to better detect and respond to security incidents in near real-time.
Thank you for all of this. Here is the main question of our discussion. What are your “Five Things You Need To Create A Highly Successful Career In The Cybersecurity Industry”?
1. Engage with the cybersecurity community: Security is a tight-knit community that learns from and helps each other. Companies and individuals can benefit from engaging with the cybersecurity community to stay up to date with the latest trends, share best practices, and build relationships with industry experts. This can help them stay ahead of emerging threats and build a stronger cybersecurity program.
- Example: Attending industry events, meeting people to work on a joint project or even present findings at a conference, joining professional associations, and participating in online forums can all help you build your network. One of the reasons I got into cybersecurity and stayed was because of the community around me being able to ‘nerd-out’ and learn from past, present and future experts.
2. Gaining practical hands-on experience in cybersecurity is one of the best things anyone can do no matter what their role in cybersecurity. Understanding the importance and the basics of security can go a long way in creating a foundation for a career in cybersecurity.
- Example: Internships, classes from industry experts like SANS, entry-level positions, or volunteer work can help you gain valuable experience and learn from experienced professionals in the field.
3. Continuously learn and stay up to date: The cybersecurity landscape is constantly evolving, so it’s important to stay up to date with the latest threats, trends, and technologies.
- Example: Every six months there seems to be a new threat or new threat vector. Being able to continuously learn and upskill through training programs, partnering with peers, attending conferences, and participating in industry events can help you stay ahead of the curve and build a successful career in cybersecurity.
4. Developing soft skills is also essential for success. Strong communication skills, problem-solving abilities, and teamwork skills can all help you effectively collaborate with others, explain complex concepts to non-technical audiences, and navigate complex security challenges. Developing and refining these soft skills can help you become a well-rounded cybersecurity professional and advance in your career.
- Example: You can start showcasing your knowledge and participate in the industry knowledge share and internal to your organization. Sharing is caring and is a two-way street. This also allows you to build the soft skills and get noticed by people who can help you continue to be successful. Success is a group skill.
5. Developing a specialization since cybersecurity is a broad field with many specializations.
- Example: Developing a specialization can help you stand out from the competition and become an expert in a particular area. This can involve pursuing specific certifications, gaining experience in a particular area, or focusing your education and training on a specific specialization. I’ve taken part in SANS courses/certifications and have a deeper understanding of security operations, data analytics, foundational security, threat detection, and fraud. The deeper understanding of these areas has allowed me to work cross-functionally with teams and customers with specific challenges around these areas.
We are very blessed that very prominent leaders read this column. Is there a person in the world, or in the US with whom you would like to have a private breakfast or lunch, and why? He or she might just see this if we tag them :-)
Sheryl Sandberg, and here’s a few of the reasons why and what I would love to chat with her about:
- She has extensive leadership experience managing teams and navigating complex organizational structures — and getting direct insights into specific areas could help provide effective ways to grow/foster/apply leadership strategies.
- She’s a prominent figure in the tech industry and an advocate for increasing the number of women in tech. Talking about how to overcome gender-based barriers in the industry and how to foster an inclusive work environment with her would be awesome.
- Also known for her book “Lean In,” she discusses the challenges women face in balancing their personal and professional lives. Talking through ways to achieve work-life balance and prioritize personal well-being while still pursuing a successful career.
- I’m sure we’d laugh over some stories from the trenches and I’d love to hear stories from before she was ‘known’ to get some tips and tricks for life and work.
Thank you so much for these excellent stories and insights. We wish you continued success in your great work!
About The Interviewer: David Leichner is a veteran of the Israeli high-tech industry with significant experience in the areas of cyber and security, enterprise software and communications. At Cybellum, a leading provider of Product Security Lifecycle Management, David is responsible for creating and executing the marketing strategy and managing the global marketing team that forms the foundation for Cybellum’s product and market penetration. Prior to Cybellum, David was CMO at SQream and VP Sales and Marketing at endpoint protection vendor, Cynet. David is a member of the Board of Trustees of the Jerusalem Technology College. He holds a BA in Information Systems Management and an MBA in International Business from the City University of New York.