My advice to any leader is to hire people that you trust implicitly. In security, trust is key. You have to trust the people you hire to handle very sensitive critical information and activities. The other side of the coin is a hot concept in security right now called “zero trust,” in which we trust nothing automatically. So, to be a good leader in security you have to learn to balance tricky trust thresholds. As women, we struggle against gender bias whether overt or subconscious. I was fortunate to grow up in an environment where the strength of women and their ability to accomplish great things was never questioned. People talk about the lack of women in technology and security is no different. Women tend to get bucketed into management or non-technical positions. Each time I walk into a room with technical people, I have to prove my technical knowledge to them. So, my advice would be: know your worth and have confidence.
I had the pleasure of interviewing Shyama Rose, the Chief Information Security Officer at Avant, a high growth financial technology company focused on lowering the barriers and costs of borrowing. Shyama is an accomplished Information Security leader with a 18-year track record for assessing risks and building ground-up security initiatives for Fortune 100 companies. With a unique blend of technical and business acumen, she has strength in building teams, world-class security initiatives, and mitigation controls for enterprise infrastructures and business applications. Shyama has a recognized ability in designing and implementing fully integrated security solutions to reduce corporate liability, enhance decision-making, and improve operational agility. She frequently speaks at and keynotes industry conferences and has been featured in Wired, New York Times, CNN and in Glamour Magazine as a top cybersecurity professional.
Thank you so much for doing this with us! Can you tell us a story about what brought you to this specific career path?
My interest in security was born out of sheer curiosity and wondering what my computer was doing and why. Security and tech professionals can generally be broken down into a couple of categories: breakers and builders. There are people who are great at taking software, networks and hardware apart to learn more about them. They are the kids who tore apart their electronics just to try to put them back together again. Then there are those who are great at architecting and building well-designed systems. I’m naturally a breaker, which is an easy fit for the security industry. Our job is to figure out how systems work and we often do that by making them NOT work. For me it’s much more fun to throw a plate on the floor than sit at a pottery wheel. One is more fun than the other depending on the type of personality you have.
In 2005 when I earned my computer science degree, I didn’t know a career in security was possible. I knew hackers who were doing cool things and I wanted to be one of them but I had no idea what that meant. At the time, I thought my only option was to become a programmer because certainly there weren’t many careers in hacking.
Security wasn’t a top priority for most companies at that time. So, I walked into a field that wasn’t well established and a career that wasn’t easy to navigate. But the flipside to every difficulty is the ability create opportunity. I was able to define my roles as they evolved. I knew that how it played out was up to me and I liked the freedom in that. It also gave me the opportunity to help shape what security should look like in an enterprise.
I ended up working as a security consultant for emerging tech companies in Seattle. It meant that I had the opportunity to be both a penetration and also a security program manager.
What do you think makes your company stand out? Can you share a story?
At Avant, we are carving out a new industry for ourselves and really defining the “fintech” space. Because fintech is emerging, the finance vertical is trying to figure out what it means and how it affects the industry. We’re taking a traditional, long-standing, rigid vertical and turning it into something new and progressive. We also have a team of really intelligent people, which is one of the reasons we’ve been able to be so progressive.
What advice would you give to other female leaders to help their team to thrive?
It’s tough to answer this question in terms of “female” leaders because we are all leaders in some form.My advice to any leader is to hire people that you trust implicitly. In security, trust is key. You have to trust the people you hire to handle very sensitive critical information and activities. The other side of the coin is a hot concept in security right now called “zero trust,” in which we trust nothing automatically. So, to be a good leader in security you have to learn to balance tricky trust thresholds.
As women, we struggle against gender bias whether overt or subconscious. I was fortunate to grow up in an environment where the strength of women and their ability to accomplish great things was never questioned. People talk about the lack of women in technology and security is no different. Women tend to get bucketed into management or non-technical positions. Each time I walk into a room with technical people, I have to prove my technical knowledge to them. So, my advice would be: know your worth and have confidence.
What advice would you give to other female leaders about the best way to manage a large team?
My team juggles a lot. If you trust the people you hire, it’s easy to delegate. It’s also about hiring expertise. The security field is struggling with a lack of expertise. Demand is high and the market is flooded with unqualified people who pad their resumes with qualifications they don’t have. So, we struggle with finding people who have the experience and expertise to perform critical functions.
I try to hire people who are smart. They may not have all of the technical knowledge but have the aptitude to grow.
None of us are able to achieve success without some help along the way. Is there a particular person who you are grateful towards who helped get you to where you are? Can you share a story about that?
Frank Heidt, who was the CEO at Leviathan Security Group, the first security consulting company that worked for after college. I was terrified walking into the room because I wanted the position as a security consultant. I was studying hard and networking as much as possible. Seattle in the mid-2000’s was a hotbed of talented hackers and security professionals. Microsoft and Amazon were progressing security and a lot of consultancies popped up in the Pacific NorthWest to support the growth. Frank interviewed me during at a security meet-up called 2621. Leviathan was only six months old and despite the fact that I was fresh out of college, he decided to take a chance and hire me. In that job, I was mentored by the best-of-the-best in security. I not only learned technical penetration testing but also management skills that were extremely valuable in progressing my career. It was one of those “right place, right time,” moments and I owe it all to Frank.
How have you used your success to bring goodness to the world?
If you look at security, it has two sides. On one is the hacking that scares the daylights out of the general public, but on the other side are the opportunities to protect people and make the world a safer place. There are people like me who work behind the scenes to make people feel a little safer, so I see my role as a protector of both my employees and Avant customers.
What are your “5 Leadership Lessons I Learned From My Experience” and why. (Please share a story or example for each.)
· Never let a good crisis go to waste.
· Do a lot with a little.
· You are in charge of your own career path.
· If you don’t ask for it, you probably won’t get it.
· The more technical you are, the better chances you have to make change.
Can you please give us your favorite “Life Lesson Quote”? Can you share how that was relevant to you in your life?
“If you’re going through hell, keep going.” — Churchill
Some of the biggest names in Business, VC funding, Sports, and Entertainment read this column. Is there a person in the world, or in the US with whom you would love to have a private breakfast or lunch with, and why? He or she might just see this if we tag them 🙂
Madeleine Albright. I saw her speak once and politics aside, she is an incredibly decorated woman who has accomplished remarkable things in her career.