Be curious, speak up, continuously learn, be empathetic and be open to feedback.
The cybersecurity industry has become so essential and exciting. What is coming around the corner? What are the concerns we should keep an eye out for? How does one succeed in the cybersecurity industry? As a part of this interview series called “Wisdom From The Women Leading The Cybersecurity Industry”, we had the pleasure of interviewing Veronica Unnikrishnan.
As Chief Operating Officer at 5Q, Veronica is responsible for client acquisition and satisfaction, along with 5Q’s business operations. For the past 25 years, she has focused her career on delivering outstanding, measurable outcomes and providing real solutions to very complex problems for companies ranging from start-ups to Fortune 500 organizations. Veronica is obsessed with delighting customers, is an avid advocate for women in technology, and is a champion of employee engagement through empowerment.
Thank you so much for doing this with us! Before we dig in, our readers would like to get to know you a bit. Can you tell us a bit about your backstory and how you grew up?
I grew up in Mexico, in a loving family that was very supportive of education. High school was a pivotal moment for me, since it is where I discovered computers. I was awarded an excellence scholarship and, as part of the program, I volunteered in the computer lab. That is when I fell in love with technology and its capabilities. It is also when I decided to pursue a STEM path and was one of the first women in my country to graduate with a degree in computer science.
Is there a particular book, film, or podcast that made a significant impact on you? Can you share a story or explain why it resonated with you so much?
Back in the early days, as I was developing my career, there were no podcasts, and the learnings were really more about the experiences I lived through. Therefore, the people that really impacted my professional development were mentors and real leaders who invested their time in helping me become a better individual.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
I saw first-hand the impacts of cyber security when I was leading a very important project. While there were timelines and plans we were working toward, everything stopped due to a cyber incident. People were impacted, the project was impacted, and the team resolving the issue worked continuously around the clock. It was in that very moment I knew that this was serious, that it was real and that it could happen to anyone, anytime.
Can you share a story about the funniest mistake you made when you were first starting? Can you tell us what lesson you learned from that?
I was the Technology Manager for a financial firm, and I thought I had learned everything I needed in school for me to be successful. While in my office one day, I was asked to start the regular maintenance schedule they were used to. Before reading the procedure, I was thinking to myself “what software do we need to update? what data do we need to clean up, etc?”; but to my surprise, what they meant by regular maintenance for the computer equipment was to physically clean it! So, there I was cleaning printers, changing ink cartridges and using compressed air to clean the keyboards. Back then, no one had ever thought about anything related to the information IN the computer, it was all about the aesthetics and functionality of the machines.
Are you working on any exciting new projects now? How do you think that will help people?
Yes, we are. There are so many technology developments that were accelerated by the pandemic. New cyber security threats have developed, so we are continuously helping keep our clients, their businesses and their people safe. That is why this industry is so challenging yet rewarding at the same time — because there is a need to continuously learn, adapt and innovate to stay ahead of bad actors and develop ways to both reduce the risk and combat threats.
Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry seems so exciting right now. What are the 3 things in particular that most excite you about the industry? Can you explain or give an example?
I think the 3 most exciting things about the industry are Awareness, Preparedness and Resolution. Cyber security is exploding, in a good way, and more and more people are becoming aware of risks involved with not taking adequate measures to protect themselves and their businesses. With recent events that have been very impactful to the general population, more businesses are reaching out for help and support from cyber security experts. This is a specialty that not everyone is equipped with, but there are firms dedicated to protecting against and resolving incidents.
What are the 3 things that concern you about the Cybersecurity industry? Can you explain? What can be done to address those concerns?
There are many concerns around cyber security. Cyber-attacks are a global threat, and with the expansion of the use of social media and mobile apps that collect information, as well as technological advancements that are helping us evolve as society, we need to be aware of the dangers they present. We need to think about how much information are we sharing that could put us at risk of being hacked or becoming victims of ransomware threats.
Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for? Can you explain?
When we think about cyber security for business, usually the first thought that comes to mind is the need to take care of end user computers, the data centers, and training people on how to prevent phishing attacks. However, there is so much more harm that can be done that many people and business owners may be unaware of. For example, are your business policies and procedures covering cyber security prevention, and is the business prepared to react if attacked? Do you know how vulnerable your business is to cyber threats? Knowledge is power and prevention is key! Have you ever considered that an attack can come from one of the smart TVs in the lobby connected to your corporate network? Could bad actors attack your building systems and control your elevators or the AC in your office? There are so many scenarios and situations that could happen, which is why this industry is becoming critical to business operations.
Can you share a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?
Part of cyber security is also protecting the people and the clients that have been impacted by a breach, which is why confidentiality is so important. We have seen recent incidents highlighted in the news and how cyber-attacks impact daily life, which is why the awareness of having a cyber security program is so important for a business.
What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers can you briefly explain what they do?
Of course, our first line of defense is our people. Regularly using KnowBe4, or another security awareness tool, is very effective in creating a culture of cyber security. These tools help simulate phishing attacks and allow users to understand what a real attack could look like. We also use Anti-virus and MFA (Multi-Factor Authentication), along with more advanced tools like SIEM and SOAR for monitoring, log analytics and behavioral analysis.
Having a cyber security program is the recommended way for a business to have a cyber security roadmap in place that covers all levels of the organization, technology and measurable outcomes that will support and provide business value.
As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a layperson can see or look for that might indicate that something might be amiss?
There are many indicators that everyone should know about, but a few common items include:
- Not clicking on links or opening attachments without first hovering over and confirming it came from a legitimate source.
- Do not share personal information to strangers or call bots.
- Be careful where you store your passwords and don’t make them too simple or predictable to hackers.
- Beware where you plug in your smart phones to charge, as the device where you plug into may actually have access your data.
- And finally, take a close look at the email address of a sender. It may be off by just a single character or two. When it sounds odd, pick up phone and call the sender to verify its authenticity.
After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?
Communication that the incident occurred to their customers it is very important, since they also need to take actions to further protect themselves, such as changing passwords. Also, companies should establish a continuous and active cyber security program that is comprehensive and provides an adequate sense of priority to prevent and reduce further risk. Identify members of a response team and ensure they know and understand their roles. Practicing this a couple of times a year helps tremendously reduce the chaos caused by an incident.
What are the most common data security and cybersecurity mistakes you have seen companies make? What are the essential steps that companies should take to avoid or correct those errors?
A common misconception is a non-technology business believing they cannot be exposed to a cyber-crime. No matter what industry a business is in, technology is part of everyone’s life, and creating a culture that is looking out for the safety of the business, employees and clients is important. Not worrying about it until it happens is a big mistake. Work toward creating a culture of cyber security within the organization by talking about it frequently, providing training, and conveying how these controls can be applied to personal protection as well.
Let’s zoom out a bit and talk in broader terms. Are you currently satisfied with the status quo regarding women in STEM? If not, what specific changes do you think are needed to change the status quo?
I am not satisfied, and we can do more. It requires involvement and intent to create and develop opportunities for women in the workforce, especially advocating for those individuals making the effort to be part of the technology industry and giving them a chance to succeed. It is not only about women supporting women, but also about men becoming allies and making changes in business policies that help balance equality in the workplace.
What are the “myths” that you would like to dispel about working in the cybersecurity industry? Can you explain what you mean?
A myth I talk about with my mentees is that they believe you need to graduate or be involved in cyber security from the beginning of your career to be part of this industry. However, that is not the case. There are many aspects of cyber security, and bringing knowledge from other industries, technologies or skills can be helpful in the cyber security arena and can lead you to be part of this fascinating industry.
Thank you for all of this. Here is the main question of our discussion. What are your “5 Leadership Lessons I Learned From My Experience as a Woman in Tech” and why? (Please share a story or example for each.)
Be curious, speak up, continuously learn, be empathetic and be open to feedback.
Curiosity opened opportunities for me. While working for a telecom company, I stumbled upon terminology I had not heard before, so I made myself familiar with it. That led me to learn the business and ultimately resulted in the progression of my career.
It is important to make your voice heard. When I was younger with less experience, it was hard for me to share my ideas in meetings because I thought I didn’t have enough knowledge to share an opinion. One day, while I was in an innovation meeting where we were discussing different products, an idea came to mind and I took an opportunity to share it out loud. To my surprise, that idea became a unique product and business enabler that positioned the company ahead of the competition. I even was awarded a patent!
I started as a computer engineer and while working on different projects, I learned firsthand how to provide excellent service, which helped me dive deeper into project management and develop new skills and knowledge that has stayed with me.
When you are a leader, it is important that your team understands you are willing to support and help them achieve their own goals and professional aspirations. Ask them what they want to accomplish in their careers and provide them with opportunities that will help them do so. The work then becomes a positive challenge and provides them with purpose.
Search for feedback and embrace the input you receive. The advice and words that you hear will help you further shape your career and become a better individual. It certainly has worked for me at all levels, and feedback has helped me become a better leader, mother and wife.
We are very blessed that very prominent leaders read this column. Is there a person in the world, or in the US with whom you would like to have a private breakfast or lunch, and why? He or she might just see this if we tag them 🙂
I would love to have lunch with Oprah Winfrey. Her life and career are fascinating to me, and I’d love to hear her advice firsthand on the latest topic she has brought to light, which is mental health. With so many stressful situations that happen in our lives, how does an individual like her mentally prepare every day to manage decisions and unexpected situations as they arise.
Thank you so much for these excellent stories and insights. We wish you continued success in your great work!