10 Most Influential Business Leaders in Cyber Security April 2022.pdf

CEO
Vigilant Asia
Victor
www.insightssuccess.com
VOL-04 | ISSUE-17 | 2022
Cheah
Building Trust to Protect
YOU from Cyberthreats
Most
Influential
Business
Leaders in
CYBER
Security
2 22
Innova veness
and Competence
Strengthening the
Security of Businesses
Paving the Way
The Liberty in security

Cyberattacks:
Just the Tip of
the Iceberg
Editor’s Desk
magine using a social media site for fun. You share
Iyour private pictures, videos, and other personal things
with your friends and family. You may believe it is safe
to do so because it is solely between you and your pal.
Spoiler alert: you're wrong!
Someone could be accessing your private data, possibly on
the other side of the world, watching the photographs that
only your friend is supposed to see, and you have no idea.
Spine-chilling, isn't it? If your data is stored anywhere
online, even in a private chat room, it is prone to be abused
by cybercriminals.
This reminds me of the famous data breach with the social
media platform Facebook. In 2019, Facebook suﬀered a
massive security breach, exposing the personal information
of over 500 million members. The database was rumored to
have been publicly available on the Dark Web for nearly
two weeks.
Such occurrences highlight the necessity of Cyber Security
since our every move is now captured and stored
someplace, making it critical to protect our sensitive data.
Cybercriminals are becoming more and more inventive in
the types of cyber-attacks they perform against businesses
each year.
Businesses must invest in and focus more on their Cyber
Security frameworks, as a lack of attention to it can be
harmful to your company's assets in various ways.
Economic and regulatory expenses are two of them. Theft
of intellectual property, company information, and the cost
of ﬁxing damaged systems are all factors to consider.
Regardless of size, all businesses must guarantee that their
employees are aware of cybersecurity hazards and know
how to mitigate them. Training regularly and a structure to
work with should be part of this to reduce the chances of
data leaks or breaches.

The cyberattacks we are seeing today, in my opinion,
are only the tip of the iceberg, and there will be more
to come. We, as humans, have no idea how severe
cybercrimes can be or how they can alter our daily
lives. Governments, businesses, educational
institutions, non-profits, and other organizations
require a Cyber Security framework to protect their
information.
As the number of cyberattacks is surging, so does the
appeal of the Cyber Security specialty. To combat
cybercriminals, the world needs more Cyber Security
technologies and updated solutions, as it is hard to
predict their next move.
Featured on the cover of this edition, “10 Most
Influential Business Leaders in Cyber Security,
2022,” is Victor Cheah, the CEO of Vigilant Asia,
a leader who is delivering world-class Cyber
Security solutions to combat the threats of
cybercriminals.
Learn about the contributions of such personalities in
the Cyber Security world by exploring more similar
and exciting stories.
Read our editorial staff's writings and the CxO
perspectives of some of the industry's top executives
to gain insight into the field.
Delve in!
Sonali Dhiwar
sonali.dhiwar@insightssuccess.com
Sonali
Dhiwar

Innovativeness and Competence
Strengthening the Security of Businesses
08
Victor Cheah
Building Trust to
Protect YOU
from Cyberthreats
Contents
30
36 Paving the Way
The Liberty in security
Cover Story
ARTICLES

18 Debra Baker
A Profound Leader Ensuring the
Security of Your Critical Resources
26 Greg Taylor
Bringing a Sustainable
Approach to Data Privacy
22
Elena Elkina
A Trailblazer Focused on
Securing Your Privacy and Data
32
Kavya Pearlman A Cyber Guardian for Extended Reality
40 Lori Sussman
A Fearless Veteran Educating
Future Cybersecurity Experts
Mathieu Gorge
Nitesh Sinha
Nir Ayalon
44
52
48
14
Ari Jacoby Democratizing Cybersecurity
A Passionate Leader in Data Security,
Compliance, and Risk Management
A Rising Phoenix Safeguarding YOU Digitally
Safeguarding SEAS from Cyberthreats

sales@insightssuccess.com
April, 2022
Editor-in-Chief
Senior Sales Manager Business Development Manager
Marketing Manager
Technical Head
Technical Specialist Digital Marketing Manager
Research Analyst
Database Management Technology Consultant
Pooja M Bansal
Managing Editor
Jenny Fernandes
Executive Editor
Sonali Dhiwar
Assistant Editors
Visualizer
David King
Art & Design Director Associate Designer
Kshitij S Peter Collins
John Matthew
Sales Executives
David, Martin
Business Development Executives
Steve, Joe, Saurabh
Jacob Smile
Aditya Marry D'Souza
SME-SMO Executive
Atul Dhoran Frank Adams
Circulation Manager
Robert Brown Stella Andrew David Stokes
Sonia Raizada
Copyright © 2022 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any
form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights Success.
Reprint rights remain solely with Insights Success.
Follow us on : www.facebook.com/insightssuccess/ www.twitter.com/insightssuccess
We are also available on :
Anish Miller
Shyam Sonawane

Brief
Company Name
Deduce is focused on democratizing cybersecurity, risk and
fraud technologies.
Featured Person
Deduce
deduce.com
Ari Jacoby
Founder and CEO
RedSeal through its cloud security solution and professional
services helps government agencies and Global 2000
companies.
RedSeal, Inc
redseal.net
Debra Baker
Director of Information
Security
Aleada is women and minority owned privacy and information
security consulting firm.
Aleada Consulting
aleada.co
Elena Elkina
Partner & Co-founder
Sertainty Corporation is a Nashville based technology
company.
Sertainty
sertainty.com
Greg Taylor
CEO
XR Safety Initiative is a worldwide not-for-profit charitable
organization focused on promoting privacy, security, ethics in
XR domain.
XR Safety Initiative
xrsi.org
Kavya Pearlman
Founder & CEO
University of Southern Maine is a public university with 8,000
undergraduate and graduate students taking courses online and
at campuses in Portland, Gorham and Lewiston-Auburn
University of
Southern Maine
usm.maine.edu
Lori Sussman
Assistant Professor
VigiOne enable organisations to achieve and maintain
compliance with legal, industrial and security standards and
frameworks.
VigiTrust
vigitrust.com
Mathieu Gorge
Founder and CEO
Cydome provides award-winning cybersecurity and protection
to the maritime industry.
Cydome
cydome.io
Nir Ayalon
CEO
Sacumen specializes in working with Security Product
Companies.
Sacumen
sacumen.com
Nitesh Sinha
Founder and CEO
Vigilant Asia is a Managed Security Service Provider offering a
full range of cybersecurity solutions and services.
Vigilant Asia
vigilantasia.com.my
Victor Cheah
CEO
Most
Influential
Business Leaders in
CYBER
Security
2 22

Victor Cheah
Building Trust to Protect YOU from Cyberthreats
Protect YOUR
organization
against the threats
of today and tomorrow.
10 Most Inﬂuential Business Leaders in Cyber Security, 2022

Aprofessional journey that began in 1992 that shone
over the decades achieving several milestones;
serving every business with one essential aspect:
trust, Victor Cheah has made his mark on the business
world. Today as the CEO of Vigilant Asia, Victor is keen
on delivering world-class security services tailored to
protect your organization against the threats of today and
tomorrow.
Insights Success caught up with Victor to find the most
influential business leaders in the cybersecurity niche. We
interviewed him to know about his remarkable journey that
has now curved towards securing people's future from cyber
threats.
Unveil his three decades climb up the ladder!
Oncoming Strides
Victor dabbled in several industries going through various
challenges to found Efficient E- Solutions, which initially
was a mail insertion business. However, when the
opportunity struck during the Asian financial crisis, the
company tapped into document management. After the
financial crisis, the regulators in Malaysia started to allow
financial institutions to outsource their non-core activities,
non-decision-making activities, managing sensitive
documents (printing), which gave Victor a leading start. He
states, "The sensitivity part about it is that the data
confidentiality becomes paramount in all things. So, the
bank has to trust you, right, for them to pass on - while it's
a non-decision-making, but I think it was a critical enough
mission within their system that they needed to make sure
that the partner they choose."
Victor's path to success spanned over the next 20 years,
expanding one customer at a time until 2016, when he
decided to sell the business that grew, covering 80% of the
market share in the financial services sector in Malaysia.
The Next Chapter
Victor believes that success comes to the people committed
to the cause. This value was carried with his team,
supporting Victor in his cybersecurity drive with Vigilant
Asia. He maintains the consistency and integrity with
everything that Vigilant Asia offers, resembling its slogan
"Name you can trust," becoming one of the critical success
factors for its success. Vigilant Asia is committed to its
client 24/7/365, operating at the highest level keeping its
team on their toenails to deliver streamlined solutions.
Victor's farsighted vision of a digital world and its potential
problem and solution birthed Vigilant Asia. When the
pandemic hit the world, it accelerated the demise of
paperless, giving rise to remote work culture and several
security threats. Vigilant Asia could have tapped into an
array of stuff. However, the technology changes rapidly;
thus, with his team, decided their next step to prevent these
threats with innovative solutions that identified and
resonated with the company's DNA of trust.
Victor notes, "We're not here for the overnight success;
we're here for the long haul." He wants to build a strong
practice, simultaneously making a name for Vigilant Asia.
He found that 95% of the market talking about digital
transformation lacked one crucial ingredient; they did not
understand security enough. He intends to be a
cybersecurity partner inside a large organization. They offer
visibility compared to substantial vendors, service
providers,or the MDR space, having expensive setups
lacking visibility towards micro-enterprises requiring
resilience. Victor aims to achieve this goal, ensuring to
educate the space enough to move forward to creating
service packages that are best at a reasonable price.
Making the Mark
Despite being a relatively young company in the space of
cybersecurity as compared to other peers in the niche,
Vigilant Asia has imprinted its name and volume by
building the stack around best practices, reaching out to
global certification bodies like CREST, going beyond the
standard requirements of traditional cybersecurity
practitioners. Since its inception, the Vigilant Asia team
realized that much bigger branded CIOs research people's
reports. So, it started engaging with Gartner, receiving
feedback from the analysts following the global guidelines,
focusing on the deals creating more vital branding.
Vigilant Asia has associated with Microsoft in Malaysia as
managed partners, constantly improving to deliver unique
solutions focused on security stack., increasing its
capability to get essential deals with Microsoft.
Additionally, Vigilant Asia is partnering with large
organizations and has onboarded two telcos in Malaysia to
push its mobile-security solution.

We are an award-winning Managed
Security Service Provider and the
only CREST accredited and exter
nally validated SOC in Malaysia.

He
notes,
"We believe
in the Partner
Channel's
relationship because a
lot of these partners, they have
their relationship with their customers, in which we may
need time to build. I think working through partners is
always going to be important your net can be cast a lot
wider."
Planning Ahead
Vigilant Asia is the only company in Malaysia that provides
mobile threat defense support, covering the whole spectrum
of the digital journey, moving from blue teaming to red
teaming solutions as a service. It strives to be a top service
provider worldwide, aspiring to be on the
upward trajectory keeping up with the latest
trends and expanding its brick-and-mortar
as a homegrown cybersecurity company
that will reach out beyond the shores.
Focused Approach
Victor advises aspiring
entrepreneurs to stay focused
on the objective. He says, "It's
not only in cybersecurity but
also across any other industry.
People try to be focusing on
too many things. But every
time we do that, we need to
remember to pull ourselves
back to the center. It's always
easier to see things from the
center than to be too left or
right. It's always good from
the center."
Victor continues, "You get a
better overall view of where
you are today. And staying
focused is one of those key
aspects of success for any
business. It's evident in the
space in the West, as far as
cybersecurity companies are
concerned, all the recent big
guys who have gone listing,
they have stayed focused on
one area. Obviously, no one
cybersecurity company in the
world can tell you they have
solutions for every problem."
"That's where we come in and say, No, you don't need to
have the product, you can buy the services, and someone
like us will be able to put it together and provide you with
the whole nine yards," concludes Victor.

n our endeavor to find “Most Influential Business
ILeaders in Cyber Security, 2022”, we crossed our
paths with Ari Jacoby, the Founder and CEO of
Deduce. We got into conversation with Ari to learn
more about how he and his team at Deduce are
protecting businesses and their consumers from identity
fraud threats while simultaneously creating more secure,
frictionless experiences.
Below are the highlights of the interview:
How do ATO attacks work?
Account takeover (ATO) attacks take place when fraudsters
gain access to a victim's account and leverage that access in
order to steal funds, information, rewards/perks, make
purchases, or leverage application functionality for other
forms of intended gain.
It is an unfortunate condition that a plethora of static
identity data has already been breached due to massive
historical attacks, and the availability of such data on the
dark web continues to flourish. This static identity data
extends beyond credentials, often linking static credentials
with digital fingerprints.
These readily available attributes enable an adversary to
extend techniques beyond credential validation attacks,
leveraging fracture points such as account recovery
processes or access to an individual’s email account to
successfully complete their attacks.
As more complete data attributes about an individual
become available and linked over time, this results in
decreased complexity and cost required to successfully
execute ATO and makes this form of fraud more attractive
to bad actors.
Modern techniques by attackers undermine the intended
goals of friction. If identity and authentication controls
predominantly rely on static data to prevent ATO, an
organization is at a longer-term disadvantage.
How does the Deduce solution address this ATO risk?
Deduce has created the Deduce Identity Network, a
consortium of over 150,000+ participating websites and
apps with the objective of sourcing the maximum amount
of real-time activity data for a given user as they traverse
the internet. Its intent is to specifically rival the visibility
and scale only previously seen at internet giants and to
commercialize an offering for risk teams.
Ari Jacoby
Democratizing Cybersecurity
“We build developer-
friendly tools that
empower businesses
to do their part to
keep their users and
communities safe.”
|
April 2022
www.insightssuccess.com 15

With over 450M unique identity profiles and collectively
generating in excess of 1.4B daily interactions, Deduce sees
the majority of the U.S. population transact in real-time,
several times a week — based on four principal threat
vectors: device, network, geography, and activity.
Built on top of the Deduce Identity Network, Deduce offers
two solutions to combat ATO fraud:
1. Identity Insights — Risk & Trust signal data to empower
risk teams with a dev-ops friendly approach to managing
identity/authentication risk.
The data includes telemetry from real-time activity
information packaged into risk signals (Impossible Travel,
Device Downgrade, Unfamiliar Device, Previously Unseen
Email, etc.), trust signals (Familiar Network, Familiar
Device, Familiar City, Familiar Activity, etc.), or scores for
simple ingestion into a risk engine.
The Deduce Identity Insights solution is intended to be used
as a high fidelity approach to identifying suspicious activity
while decreasing unnecessary friction.
Deployed as an API, Insights is consumable in any risk
engine, CIAM, or application stack. Deduce is typically
consumed at registration, authentication, checkout, and risk
moments such as change of primary contact (email, phone).
2. Customer Alerts — Deduce sends an Alert — typically a
first-party branded email, asynchronously, on behalf of the
Deduce customer — to their end-users on suspicious logins
to enable a proactive stance against ATO. Customers are
prompted to confirm or deny the activity. A negative
selection will cause all active sessions to be terminated and
proactively enable a user to reset their credentials.
How does your team keep track of aggregate historical
data to support your solution?
Deduce’s system is designed to correlate event-level
telemetry data, augmentative data sources, and first-party
feedback data, to create hundreds of data features on a data-
driven platform. We derive these insights by deploying code
directly to user touchpoints across the web while
aggregating information in a secure, encrypted, and
privacy-compliant environment.
Historical features used in our model provide predictive
analytics on user behavior based on access patterns —
devices users leverage, geographies they sign in from,
networks they frequent, security preferences (privacy-
conscious individuals typically leveraging VPN, for
instance), and activity across the web. This visibility
facilitates dynamic, real-time responses to human behavior
while stopping fraudsters and bad actors in their tracks.
For instance:
Ø If a user is seen successfully authenticating at dozens
of websites from a new city in the last day, it can be
inferred that the user is traveling. Deduce’s system
reference against successful ATO (from its first-party
Alerts and from network behavior) before providing
this insight to the enterprise.
| April 2022 www.insightssuccess.com
16

Ø If a given IP that has been shown (and
confirmed by third-party sources) to be a
benign residential IP node suddenly sees
a spike in high-authentication failure
rate paired with many new attempted
usernames, it can be inferred that there
is malicious activity (typically indicative
of compromised node).
Deduce recognizes that risk data is
continuously evolving and maintains a rich
solution that provides user metadata, trust
and risk signals, and scoring, providing
never-seen-before data and explainability to
security/fraud forensics teams.
Powering a long list of use cases, Deduce’s customers use
this technology to solve an array of cybersecurity problems,
such as: verifying that the user behind the screen is really
who they claim to be, optimizing user experiences by
removing authentication friction, or stopping fraudsters at
authentication.
Tell us more about how intelligence is used to power
your processing algorithms?
Deduce’s greatest strength is the ability to correlate device,
network and geographical information against a particular
account to build predictive telemetry about the expected
behavior of an individual. Using a combination of
statistical, unsupervised, and supervised machine learning
models, this allows us to understand the specific
characteristics of specific actors and imposters over
hundreds of data features in the digital world.
For example:
Ø Statistical data features establish baseline behaviors
across the dimensions of activity, network, geography,
and device, in the context of individual activity. This
creates a basic understanding of a particular user’s
behavior.
Ø Unsupervised machine learning models observe user
activity in real-time, continuously determining trust
and risk factors to facilitate immediate cybersecurity
responses to quickly evolving threats.
Ø Supervised machine learning models augment
Deduce’s understanding of particular fraud profiles,
blending fraud feedback data with observances across
the network, to surface specific threat actors.
Using a fully horizontally and vertically scalable
deployment model, Deduce is able to process billions of
transactions daily while maintaining blazing-fast response
times across its cloud infrastructure.
Do you have any predictions about emerging cyber
threats to business infrastructure?
Identity fraud doubled from 2019 to 2020, with the number
of data breaches reaching an all-time high in 2021 – and
those numbers are just going to get worse in 2022 as more
people browse, transact, and share information online than
ever before.
As fraudsters have become increasingly sophisticated and
strategic, outdated approaches and implementations
requiring months of planning and implementation no longer
work – increasingly, the most effective anti-fraud tools are
those that support agile deployment in hours and that can be
adapted quickly to address the constantly changing threat
landscape.
It is imperative that we all band together to form a
collective defense against online adversaries, and leverage
systems designed with knowledge-share in mind to defeat
attackers as they evolve. Deduce believes that real-time,
dynamically networked data, with the largest possible
activity consortium, will provide more robust, longer-lived
defenses against bad actors.
|
April 2022

Debra Baker
Sr. Technical
Program Manager
RedSeal, Inc.
18

Debra Baker
A Profound Leader Ensuring the Security
of Your Critical Resources
The web of cybersecurity has become widespread
globally, but it still has its flaws, making it
vulnerable to numerous threats. However,
cybersecurity professionals are consistently upping the
game and innovating new ways to eliminate these threats
while also providing transparency across the services. One
such professional we, at Insights Success, came across is
Debra Baker, Sr. Technical Program Manager at
RedSeal.
Playing a Significant Role
In her role, Debra helps her clients use and adopt RedSeal
products and services to improve their cybersecurity
posture by providing cyber visibility, compliance, and risk
management. In addition, she also manages product-related
governance such as FIPS 140 and Common Criteria by
coordinating with third-party vendors and engineering. She
also is responsible for managing the SOC2 and FedRAMP
certifications for RedSeal's Cloud Security Posture
Management (CSPM) product Stratus. RedSeal Stratus
enables organizations to understand and secure their cloud
and hybrid cloud environments.
One of Debra's roles is to manage large-scale enterprise-
wide RedSeal deployments providing infrastructure
visibility, awareness, and security of hybrid networks,
including on-premises, cloud, and hybrid cloud. She is also
the creator and leads a Cyber Protection Team at RedSeal
that reviews the latest threats and vulnerabilities and writes
threat solution briefs guiding how to use RedSeal to defend
from the latest threats.
Tackling the Problems
One of the biggest challenges Debra faces is getting cross-
department collaboration at customer sites, where she has to
work with customer teams on integrating RedSeal into the
customer's business processes. She states that to truly have
a successful Risk Management program, the networking
(on-premises and cloud), security, vulnerability
management, and compliance teams must work together.
One needs to have collaboration between technical teams
and leadership to be cyber resilient.
Impactful Influence
Debra says, "Leaders need to be prepared to hear the good
and the bad. Having a manager that says you can be
yourself, with both the positive ideas you have and the
complaints you have, is empowering. Giving this freedom of
thought and inclusivity leads to innovation. Now you feel
confident in sharing ideas that you may not have in a
stifling environment." That said, she mentions that leaders
named Ramesh Kaza at RedSeal, Ashit Vora at Cisco, and
Kristina Rogers at Entrust have always supported,
challenged, and allowed her to express her ideas.
Besides, the book series Primal Leadership by Daniel
Goleman has opened Debra's eyes to the extent a
manager–whether good or bad–can have on a person's
career and even home life. In her opinion, this book is a
handbook for what makes a manager good and bad. Primal
Leadership makes it clear that "Leaders who spread bad
moods are simply bad for business—and those who pass
along good moods help drive a business's success.”
According to Debra, the book Find Your Why by Simon
Sinek brings together work and passions relating to one's
Those who
run
the world,
Run RedSeal
“
“
|
April 2022

job. Her "WHY" is that everyone deserves to have privacy
while online. Knowing that she works in cybersecurity and
helps companies secure their networks and data through
good cyber hygiene, segmentation, and strong encryption
keeps Debra passionate about her job.
Debra says, "It's great to work in a field where I am helping
businesses secure their networks. Through the Crypto Done
Right non-profit I founded in collaboration with Cisco and
Johns Hopkins, I provide cryptographic guidance in easy-
to-understand language of what encryption algorithms and
ciphers are recommended for non-cryptographers.”
She adds, "Never let a bad manager bring you down.
Learning how not to let detractors negatively affect you is
paramount as you navigate your career. There is always
something better just around the corner. Take those
situations and learn from them and move on."
Impact of Positive Work Culture
Debra is totally in for a positive work environment. In her
opinion, everyone has to be authentic but with a positive
slant. She is a glass-half-full kind of a person who tries to
see the positive in every situation even when she gets
bogged down. She ensures that each person has a chance to
express themselves without retaliation and in a respectful
way.
Debra thinks that employees should be able to openly
express their ideas even when they go against the status
quo. There should not be a fear of retaliation. It's the "yes"
culture that leads to conformity and stops innovation and
new ideas. Management has to be open to hearing the good
and the bad and not taking it personally, but instead taking
that information and learning from it.
Offering to the Community
When Debra was asked to co-found the League of Women
in Cybersecurity, she jumped at the chance to train women
in Cybersecurity. It was great for her being able to give
back and train other women from what she has learned in
cybersecurity. One woman who was inspired by Debra, got
her Master’s in Cybersecurity and got a job at AWS. It
makes Debra happy when someone she helped along the
way is so successful. League of Women also helped women
navigate how to move into the cybersecurity field.
At RedSeal, the CEO, Bryan Barney, is all about promoting
equal rights for all and respecting people of different
backgrounds. One of his first initiatives was to set up a
Diversity and Inclusion Council to ensure everyone at
RedSeal is heard no matter what position, gender, race, or
sexual orientation.
20

What Comes Next?
Debra's vision for RedSeal is to push forward the company
to become cloud-centric. RedSeal Stratus is a Cloud
Security Posture Management SaaS platform launched in
August 2021. Many companies are moving their data
centers to the cloud. In addition, RedSeal's advanced
cybersecurity analysis capabilities and name recognition is
known in the commercial space as well as it is in the
Federal space. RedSeal is the best-kept secret securing
well-known companies, as well as military and federal
agencies.
Debra recently created a Common Criteria for Developers
Learning Path for Infosec Institute. If you are responsible
for an upcoming Common Criteria Evaluation, are a
developer having to make software updates to ensure your
product is Common Criteria compliant, or are a new
employee at an evaluation lab, then this learning path is for
you.
She is also writing a book titled a CISO’s Guide to Cyber
Resilience. It’s a handbook for a CISO to know what steps
to take to secure their company’s network and to recover
from an attack.
Bequeathing Aspiring Entrepreneurs
Debra believes that every woman-owned business can
apply for government contracts since women are minorities.
She says, "There are great women-based networking
opportunities at the Grace Hopper Conference, which is the
largest women's conference in the world. Every company
that you can think of is represented there.”
"For women moving into information technology,
Cybersecurity, and programming, Grace Hopper is a great
place to find a job. Also, the Women in Cybersecurity
annual conference is not only a great place to find women
to hire, but also network and advance in the cybersecurity
field," concludes Debra.
|
April 2022

|
April 2022
A Trailblazer Focused on Securing
Your Privacy and Data

Privacy
and
security at
the speed
of
business.
“
“
Aleada's work assesses client compliance requirements, and
it helps them align their compliance strategy with business
goals. There's a lot of planning involved to build solid
personalized privacy program and a significant amount of
training that keeps it engaged with clients. Elena truly
understands a client's business and can adapt company
programs to meet their changing needs fast.
Influencing Expertise
Elena states that compliance is complicated. New
regulations seem to pop up like mushrooms.
Mismanagement could result in fines, ruined reputations,
and worse. Another obstacle: Compliance requirements can
get in the way of business progress. Also, what works for
one client won't work for another client.
Elena adds that every client has a set of strengths and
weaknesses and the only real way to create a solid data
privacy program is to do a deep dive into their business.
Who are their customers? What sort of systems are they
using? Where are the threats coming from? Can their needs
24

be addressed with new technology, new personnel, new
procedures, or a combination of all three?
Aleada's biggest impact comes from what some might think
is the smallest of things – it listens to its client's concerns. It
audits their systems, processes, and teams before building a
custom privacy and information security program that's
perfect for their business.
Elena is convinced it is the company's personal approach
and her team's experience that wins new business. Its
reputation is outstanding and gets new business from client
referrals. Elena says, "You cannot help a client build a
strong privacy and security team without showing them you
have one too, and Aleada does.”
Securing Client's Data Through Technology
Elena states that Aleada helps its clients with its core
services by building privacy and information security into
their products, services, overall compliance program, and
company culture. It has been focusing on creating global
privacy and data protection programs, including developing
and implementing regulatory frameworks, risk/gap
assessments, maturity models, long-term roadmaps, and
data protection policies; designing and employing de-
identification and Privacy by Design data handling
processes. It also works with development and business
teams to build cloud, web, and mobile consumer and
business products across the globe.
Elena noticed that when faced with the need to set up
something complex quickly or face liability risk, it is
common for companies to turn to law firms to pick up the
slack. A reasonable reaction often results in a
patterned/checklist-driven approach in dealing with risk
management instead of building and implementing its
privacy and information security program; legal and
compliance should come hand in hand. As a result, a
growing premium is placed on privacy and information
security operational and strategic expertise. This is what
Aleada does.
It has become a necessary asset for any company, no matter
the industry sector, its maturity, or target market,
specifically for disruptive technologies in the future. Elena
expresses that Aleada must focus on the intersection of
technology, data stewardship, and compliance, as a privacy
and information security firm to stay ahead of the industry
and support business growth.
The Long Run
As long as Elena sees herself on a beach in the Maldives
enjoying her waterfront home in her future, she wants to
create fundamental changes by bringing more diversity to
the ever-growing privacy and information security industry
as a long goal.
Elena hopes to grow Aleada to help an increasing number
of clients without losing the notion that listening is more
important than speaking. The company's personalized
approach to developing custom privacy and information
security programs for its customers creates the most value
for its clients and company, which gives Elena joy in
everything she does.
Valuable Guidance
Elena advises budding women entrepreneurs to speak up,
partner up, and know their value. She says, "Demand value
be placed on the job at hand and not your gender. Be bold
and ethical. Show competence and leadership. And this isn't
just about the privacy and security sector; it's about life,"
concludes Elena.
|
April 2022

Aquote by Stephane Nappo, "It takes 20 years to
build a reputation and few minutes of cyber-
incident to ruin it," accurately emphasizes the
significance of data security in the technological era.
An organization cannot defend itself against data breach
operations without a cybersecurity program, making it an
easy target for cybercriminals. These criminals’ strategies
are becoming more advanced than traditional cyber
defenses, so business leaders can no longer rely only on
out-of-the-box cybersecurity solutions like antivirus
software and firewalls.
Understanding the importance of data privacy drove Greg
Taylor to start Sertainty Corporation, a company that builds
privacy intelligence directly into data to make data privacy
guaranteed, demonstrable, and managed.
Sertainty Corporation offers advanced technology that
embeds a data file with the necessary safeguards and
management modules to defend against unwanted access.
A Man with a Mission
Early in his entrepreneurial career, Greg founded Taylor
Associates, a professional search and recruiting company
that revolutionized data processing. This company inspired
him to start Dataman Services, a data processing systems
analysis, software development, and consulting services
organization geared towards the very early stages of
Greg Taylor:
Bringing a Sustainable Approach to Data Privacy
26

Greg Taylor
CEO
Sertainty
Corporation
|
April 2022

cybersecurity and data protection through proper software
development and implementation of the appropriate
standards and procedures company-wide.
Upon founding SertaintyOne Corporation, the pivot of
Sertainty Corporation, he brought together the founding
team that now ensures exceptional development and
commercialization of self-governing data.
Early on, Greg and his team were confronted with doubt
about their ability to deliver on their promises. He remem-
bers comments like, "Technology is not that far advanced."
The challenge then became to convince these organizations
to conduct the proper due diligence and invest the time and
resources to see that Sertainty technology could truly
protect their information by building privacy intelligence
directly into the data. While this skepticism led to
resourcing constraints and challenges at Sertainty for a
period, they overcame these hurdles by patenting their
customizable solution in the US, Japan, and Korea and
building valuable partnerships that further validated their
approach.
Having dealt with incredulity and doubt, Greg now advises
young entrepreneurs to have faith in themselves. After
working in investment banking for over 14 years, Greg has
observed that everyone underestimates the value of
financial, family, and community support. To be a
successful entrepreneur, you must be willing to take risks.
Greg shares, "You must have a special kind of grit to
survive, much less succeed. You will get told no 300 times,
but it takes one yes to begin down a path that could change
your life."
Guiding Principles, Shaping Work Culture
Every business has its own set of values that influence how
it operates. The mission at Sertainty revolves around the
Zero-Trust Principle; never trust and always verify. This
principle means no device or user will ever be trusted, and a
verification process is always required.
As deep-tech cyber-innovators, the Sertainty team’s mission
is to offer breakthrough self-protecting-data technology. Its
cutting-edge DevSecOps teams can deploy a proactive and
self-mitigating data-centric strategy that assures the safety
and sustainability of the converging OT and IT
environments.
At Sertainty, they package and distribute their main product
in a Software Development Kit (SDK). Their SDK includes
all the Application Programming Interfaces (APIs) needed
to build a secure Self-Protected Data file.
In short, this SDK will help customers build highly secure
applications for protecting data.
Leaving a Mark in the Information Security Niche
With Sertainty, clients and partners can create a competitive
differentiator with customers and regulators who want more
than data privacy promises. Establishing and retaining
customer trust and taking a sustainable approach to data
privacy regulations are of the utmost importance for
businesses worldwide.
28

Verified by industry leader Veracode, Sertainty has
discovered and patented a way to embed its programming
language and executable code so that "ones and zeros” are
indistinguishable by the best hackers.
When tested, the Sertainty patented Data Privacy Platform
received the highest score possible: VL5, 100% in Static
Application Security Testing (SAST) and Manual
Penetration Testing (MPT).
Developing Versatile Solutions
Technology is critical to the growth of practically every
industry, progressively playing a more significant part in
our society, from cybersecurity to agriculture and farming.
Sertainty recently received patents for its intelligent cipher
transfer object (ICTO) in Japan, Korea, and the United
States. One of its data privacy platform partners is Texas
State University's CIEDAR program. The program
develops smart cities integrated with solar farms,
autonomous vehicles, and smart homes. While progressing
toward human advancement, Sertainty ensures their data
and processes are safe with self-governing data on the
backend.
A Change for the Better
Technology is ever-changing, and one must keep up with it
to stay relevant in the tech industry. Many businesses in
data assurance aren't beholden to an industry-standard
instead of focusing on marketing to gain new customers.
There needs to be a better-structured standard of operation
for data assurance. When there is a breach, these businesses
face no repercussions and give no clear roadmap to clients
on how to ensure that a data breach won't happen again.
Sertainty believes the best way to protect valuable data is to
have its platforms tested and graded by industry experts like
Veracode and keep its B2B clients up to date on the latest in
data advancements and practices. Educating your clients
enables them to make informed decisions regarding their
valuable data.
Greg adds, "When they know your business has been judged
according to an industry-standard, it increases their
confidence in your ability. It's time for businesses to stop
keeping their clients in the dark and work together to shine
a light on how they can make better, actionable decisions
around data protection."
Going Above and Beyond
At Sertainty, when they look into the future, they are
looking six months to three years from now. In the
cybersecurity world, three years is a long time. The
company is working towards a public offering and
evaluating future partnerships with renowned Wall Street
firms that could represent Sertainty in a prospective M&A
transaction.
Also, Greg predicts, "Over the next 18 to 24 months, we
will have tremendous pressure on us to sell the company. I
say this because of the increased interest we have already
seen in Sertainty, and I believe that will only grow. We are
getting traction in these areas, and the company is
becoming more valuable."
Concerning its internal growth, the company will continue
to advance the capabilities of self-governing and self-
protecting data. Many organizations are looking to adopt
the Zero-Trust model to solve data security needs.
However, they forget that it isn't a cookie-cutter security
model. Instead, it's a methodology that needs to evolve
consistently. The ability to accommodate those fast
adaptations makes Sertainty stand out in the Zero-Trust
cybersecurity industry.
To Budding Entrepreneurs – Get a Foothold
"The advice I would give to any entrepreneur is this; if
you've got a vision and you believe that you are called to
that vision — and I do mean called, something that's
burning inside of you and you cannot say no — and you're
willing to risk everything you've got, then go for it!"
Finally, Greg also adds that one should never burn a bridge
as you never know when that relationship will come back
and be beneficial to you and your company. The team is
critical. You can have the best technology on the planet and
millions of dollars invested in it, but if you do not have a
100% committed team that shares your vision and passion,
you will fail.
|
April 2022

Strengthening the
Security of Businesses
hat sets great leaders different from the rest is
Wtheir sheer ability to thrive even amidst great
challenges. They are not afraid of challenges. In
fact, they like to be part of solutions to the challenges.
Great leaders are different from ordinary people. They don’t
think like ordinary people. They have out-of-the-box
thinking. They think innovatively and plan strategically to
execute their ideas and work passionately to deliver
glorious business results. They figure out the problems, and
their aim is to deliver the best solutions and ensure their
clients' problems are resolved.
Great leaders become great because of their great attitude.
Their exceptional attitude helps them be as clever as they
can for delivering solutions that are of high quality and are
more appreciated by the clients. That makes them the most
eminent leaders in the industry. They earn credibility in the
industry by their exceptional ability to deliver solutions to
the challenges in a more profound way that meets the
expectations of their clients in the industry. They lead with
the glorious reputation they have earned, and they try their
level best or beyond that to sustain their reputation.
The cybersecurity industry has witnessed such contributions
from various ingenious minds. And among those leaders,
women leaders are playing the most profound role by
delivering the best solutions to the businesses and the
clients for ensuring the safety and utmost protection of their
data. They strengthen the privacy and security of the most
valuable data of their businesses and clients. They make
sure that their solutions play an important role in preserving
the safety of data.
Data is the new buzzword today. The data used
appropriately for delivering streamlined and organized
solutions is beneficial to the clients and businesses. But
ensuring the protection of this valuable asset called data is
challenging for many businesses. The eminent women
leaders in security make a point to deliver the
technologically advanced solutions that play an essential
role in ensuring the businesses' cyber security. They don’t
make any excuses in leaving any room for the theft or
exploitation of the valuable data of the businesses. They
don’t leave any chance for hackers, stealers, and
cybercriminals to access the data by delivering highly
evolved security solutions to the important information of
the organizations.
Innovativeness is the most intrinsic quality of eminent
women leaders in security. Innovativeness is literally in
their genes, and they nurture that innovativeness much by
constantly being creative and thinking beyond normal
thinking. They know that to sustain their competency in the
market, there is no other option for them other than being
innovative and delivering something of value and
credibility to the industry. Their approach is clear, and they
come up with innovative ideas and implement them to
improve the quality of the solutions to the ever increasing
challenges in the security industry. Competence and
presence of mind are the hallmarks of eminent women
leaders in security. They are competent to deliver
innovative solutions to address security challenges in the
industry.
Eminent leaders' competitive approach helps them avail
edge over others in delivering the most accurate and timely
solutions to the existing problems. Moreover, the presence
of mind is essential to be successful in any field or any
industry. The eminent leaders possess this quality of
presence of mind in abundance, and this quality helps them
come up with the most pragmatic solutions to the
unforeseen challenges even at the spur of the moment. This
is one of the best qualities of eminent leaders in the security
industry. They adopt best practices to strengthen the
security of the businesses. Innovativeness, Competence,
and Presence of mind are vital attributes that help women
leaders in security to be more eminent in the industry.
Innovativeness and Competence
30

|
April 2022

Paving the Way
www.insightssuccess.com

The Liberty in
Security
oday, there are huge opportunities in the
Tcybersecurity industry but a massive shortage of
cybersecurity professionals. And diversity in the
workforce can fill this space.
The problem really is not the industry being occupied by
more number of men; not having enough women is the real
problem.
If we look at the figures, indeed, the number of women has
grown from the past years, but there are still many
opportunities to be seized in cybersecurity careers.
Women have always proved their mettle in almost every
industry. They have displayed what they can bring to the
table. Be it building ground-breaking solutions or guiding
budding women to make a career in the industry, women
have contributed in every possible way to the development
of the industry.
The Real Deal
Building a career in a field like cybersecurity needs not just
knowledge but experience, and the constant focus to
improve helps businesswomen go the distance. Adapting to
new technologies is good, but it also means you are more
prone to cyber-attacks. Today’s businesswomen realize the
impact of technology and understand the extent of risks that
technology brings along. They evaluate risks and provide
solutions accordingly in a timely and cost-effective manner.
Beyond that, the journey is full of challenges, like –
promoting ethics, diversity, and integrity in the organization
and of course to keep the clients and the company away
from any compliance. They understand that it is not an easy
task, as they have to be ready with the options for any such
challenges.
You cannot just raise your voice when things go wild; only
better communication and understanding of the situation
will get the job done. This is what women leaders
exemplify. Sharing knowledge, attending seminars,
interacting with industry experts clears their understanding
of the complex and challenging fields like cybersecurity.
The Perfect Fit
Women in cybersecurity have changed the dogma of the
industry, be it cybersecurity, IT, healthcare, or any other
field for that matter. Their proactive leadership and building
secure applications keep them stay ahead of the emerging
competitive market.
The key to their success is the promotion of inclusivity and
diversity in their team, making the cybersecurity field male-
dominated-free. Yes, it will be a reality soon; there will be
no longer a need for the term ‘male-dominated’ if only
everyone is given equal opportunity to lead, of course.
The End Thought
Businesswomen have remained true in their mission, helped
other women entrepreneurs, gathered and shared everything
they have. Ultimately, the quality which stands out in them
is never giving up; they always think of alternatives for
every problem.
Building a global workforce of women not just in
cybersecurity but in every industry should be our goal as a
society. That is the only way we can shape the future of
women in the industries, including cybersecurity.
|
April 2022

Lori Sussman
Assistant Professor
University of Southern Maine
40

Lori Sussman
A Fearless Veteran Educating Future Cybersecurity Experts
C
ybersecurity is one of the most critical issues that
several organizations deal with today on a global
scale. With the ever-growing expansion of
digitalization of data, it becomes challenging to protect
essential information. Numerous instances of data breaches,
ransomware attacks are becoming dangerous threats and
heading further into the future, and it will become more
critical to build secure cyberspace. However, leaders in
Cybersecurity are consistently improving existing
technologies, and it is necessary to educate the upcoming
generation to utilize their unique take on Cybersecurity.
Lori Sussman, Assistant Professor in the Department of
Technology at Cybersecurity at the University of Southern
Maine, is one such leader who uses her years of expertise
to educate and train future cybersecurity experts. Lori is a
veteran who dedicated over two decades of life to the US
Army. She now helps organizations build the leadership,
technology, and security capability needed for this
increasingly global and connected future.
In 2015, Lori was named one of the CRN 2015 Women of
the Channel Power 50 Solution Provider by The Channel
Company's CRN Magazine for her exemplary record of
success accelerating her clients' needs through technology
solutions.
A Unique Journey
In a non-traditional path to academia, Lori's career started at
West Point as part of the fourth class to allow women into
its ranks. Even when dealing with some animosity about
women being part of the Corps of Cadets, she learned to
"cooperate and graduate." She proudly graduated as a
second lieutenant in the Signal Corps, the Information
Technology branch within the US Army.
Lori served over 24 years of US Army service with
distinction and retired at the rank of Colonel. It was her
honor and good fortune to assume various leadership
positions culminating in brigade command. She benefitted
greatly from the mentorship and the sponsorship of
enlightened senior officers and officials.
During her service, Lori pursued and completed four
master's degrees, which proved to be an essential factor as
she moved from the public to the private sector after her
retirement. She explored large corporations, small
businesses and also ventured into entrepreneurship. As a
result, she got to work for elite high technology companies
such as Cisco, Hewlett Packard, and a local South Carolina
Fortune 5000 company. Lori managed highly complex,
diverse, and active organizations engaged in developing,
acquiring, integrating, deploying, and sustaining state-of-
the-art business, technology, and security systems for
clients in these roles.
Lori felt her calling when she read about the need to move
from success to significance in the book "Half Time." So
she enrolled in the University of New England (UNE)
doctoral program in transformative educational leadership.
In 2018, the University of Southern Maine hired Lori as
part-time faculty, and she became full-time faculty in 2019.
|
April 2022

In three short years, she helped create a new program for a
Master's in Cybersecurity, started a community service
Cybersecurity Ambassador program, and started USM's
Cyber Defense team called the Husky Hackers. Lori states
that it has been an exceptional experience watching students
thrive and grow.
The Mission and Vision of USM
The University of Southern Maine (USM) is a unique
institution with a mission to provide students with a high-
quality, accessible, aﬀordable education. It has
comprehensive undergraduate, graduate, and professional
programs designed to educate future leaders in the liberal
arts and sciences, engineering and technology, health and
social services, education, business, law, and public service.
The faculty is committed to fostering a spirit of critical
inquiry and civic participation. Both students and faculty
enjoy a culture of academic freedom in an environment that
advocates diversity in all aspects of campus life and
academic work. USM supports sustainable development,
environmental stewardship, and community involvement,
thus providing resources for the state, the nation, and the
world.
Leveraging Technology to Teach
Consistent with the USM mission to be a center for
discovery, scholarship, and creativity, Lori emphasizes
projects, writing, problem-solving, active student learning,
application of theory to practice, and measurable outcome-
based learning when teaching technology or cybersecurity
courses. She evaluates students using critical thinking
papers, written case studies, class presentations, small
group work, and applied projects in the university and
community.
Lori utilizes engaged learning techniques to ensure that all
of her students can bring theory to practice by applying
their knowledge, skills, and abilities in contexts beyond the
traditional classroom and providing application
opportunities in the community, the laboratory, and other
venues. This engaged learning challenges students because
Preparing
students
today for the
world of
tomorrow.
“
“
42

it requires sustained and focused application, reﬂection, and
collaboration. In addition, she uses real-world examples to
focus on technology and cybersecurity activities to
understand the issues better.
Putting her students ﬁrst, Lori creates programs that
graduate students with skills, knowledge, and capabilities
for the workforce. She strives to immerse students in the
technology but with enough creative space to evolve, learn,
and grow.
When meeting with a student, Lori examines their values,
personality, culture, likes/dislikes, strengths/challenges,
skills, attitudes, and beliefs.
These attributes inform how one can collaboratively
navigate their academic career to land that technology job
for which they aspire. She spends a great deal of time
making sure that her students achieve the objectives of their
college experience. They should have a purpose for their
present and lifelong learning.
Finally, Lori wants to help her students to appreciate the
larger view of themselves, their university, and their
community. Students must see a connection between their
experiences at USM and the real world.
Heading Into the Future
Lori focuses on creating programs that increase diversity in
the technology and cybersecurity workforce. She recently
founded the USM Cybersecurity Awareness, Research, and
Education Support (CARES) Center, intending to take
advantage of being in the state's fastest-growing region.
USM is a multi-campus university with nearly 20,000
students, making it one of the largest institutions in the
University System of Maine. The CARES Center's goals
are to create various educational pathways that provide
access to underrepresented populations.
The university is starting to shape programs that include
opportunities related to experiential learning, internships,
scholarships, curriculum and workshop development,
outreach programs, and applied research. It has a collective
goal of increasing the cyber talent and workforce capacity
to meet Maine's and private industry cyber needs.
A Note to Younger Ones
In her advice to emerging women leaders in the security
space, Lori says, "Be fearless. Believe in your intuition, and
don't take no for an answer."
|
April 2022

nline data protection has become more critical than
Oever in the digital world. Being complacent in
protecting online information can be a significant
threat, and cybercriminals exploit that. Addressing the
evolving threats to the data with evolving and innovative
solutions becomes the most critical need of all businesses.
"No one in compliance can afford to stay still," believing in
this statement, Mathieu Gorge thinks that innovation must
ensure that security solutions address current threats,
vulnerabilities, and regulations & standards. As the
Founder and CEO of VigiTrust, Mathieu utilizes his
knowledge and experience to resolve the cybersecurity
industry issues innovatively. Apart from that, Mathieu has
also written a book entitled The Cyber Elephant in the
Boardroom published by Forbe Books (November 2020),
aimed at Board members, C-Suites, and critical decision-
makers facing cyber accountability challenges.
Establishing Authority in Cybersecurity
Mathieu studied languages, marketing, and law but never
once learned IT or compliance. However, he was lucky
enough to work for companies where leaders were
passionate about security; he caught the bug and found his
passion in data security, a subset of the security market,
growing to risk management and compliance.
Mathieu's areas of expertise include PCI DSS, GDPR,
CCPA, HIPAA, VRM, and ISO 27001. He has been
involved in payment security for more than 20 years and
has worked with many security working groups and
associations in the US and EU. Thanks to his international
work hand, building on the success of VigiTrust's 5 Pillars
of Security Framework™, he is a regular speaker at
international security and compliance conferences such as
RSA, ENISA & ISACA.
Mathieu was the President of the French Irish Chamber of
Commerce in Dublin from 2017-to 2019 - He remained on
the Executive council and as chair of the ICT working
group. He has also served as the Chairman of InfoSecurity
Ireland and was an Official Reviewer for ANSI (US). He is
the founder of the PCI DSS European Roadshow, running
since 2011.
Mathieu is an established authority and speaker on
Cybersecurity, Risk Management & Compliance with more
than 20 years of international experience. He is also the
Chairman of the VigiTrust Global Advisory Board, an
international security and compliance think tank. In 2021,
he was awarded the rank of Knight of the National Order of
Merit by the French Government (Chevalier de l'Ordre
National du Mérite)
Mathieu Gorge:
A Passionate Leader in Data Security,
Compliance, and Risk Management
The Security is a
Journey, not a
destination
Mathieu Gorge, Founder
and CEO (VigiTrust)
44

Mathieu Gorge
Founder and CEO
(VigiTrust)

Mathieu developed a passion for a domain he did not study,
cyber security, learning technical skills rapidly surrounded
by the right people who shared their knowledge with him.
Having no sales or management training, he learned to
build, grow and maintain a company, its team, finances, and
operations. Without any management training, it was an
uphill battle; however, he surrounded himself with
competent people who had more experience than him, and
they have guided him throughout the process.
Being at the Forefront
VigiTrust is award-winning Integrated Risk management
(IRM) solution provider (PCI, GDPR, CCPA, HIPAA,
VRM) founded in 2003. It is based in Dublin, Ireland, and
has support offices in New York and Paris. It is present in
120 countries. VigiOne, VigiTrust's
flagship solution, enables
organizations to achieve and
maintain compliance with legal,
industrial, and security standards and
frameworks, including data
protection, data transfer and
retention, Protected Health
Information (PHI), and Payment
Card Industry Data Security Standard
(PCI DSS), ISO 27001 compliance
programs, and corporate governance.
VigiTrust helps global Fortune 500
customers comply with US Federal
regulations, State regulations, and
European directives.
VigiTrust has clients in the retail,
hospitality, banking, PSP, and
assessors' industries (to name but a
few) in 120+ countries. Thanks to the
VigiTrust Global Advisory Board, a
non-commercial thinktank bringing
together a group of experts,
researchers, security and compliance
professionals, regulators, law
enforcement, and other industry and
domain experts, VigiTrust is always
at the forefront of cyber-security
innovation.
The VigiTrust Advisory Board allows
members and guests to discuss and
explore new trends, research and
innovation, and the latest threat
vectors in terms of cybersecurity and
regulatory compliance. These events,
now gone virtual, are organized in a confidential, non-
commercial, and non-profit setting under Chatham House
Rules. They feature international speakers renowned for
their knowledge in a specific field regarding security &
compliance.
Security is a Journey
If you look at the roots of the business, you'll see that data
protection was always the center stone of all things
VigiTrust. It still is, so GDPR is right up the pouring alley.
Providing a solution like VigiOne allows clients and
partners to prepare for, validate, and maintain compliance
with GDPR and link that to over 100 interrelated data
protection standards and laws makes total sense.
46

In Mathieu's view, GDPR sets the right tone for data
protection minimum levels, enforcement, and continuous
security. Mathieu always says that security is a journey and
not a destination. GDPR is well aligned with this because
you must continually update your data ecosystem and
perform privacy impact assessments when a new data ﬂow
comes into play.
Simplifying Implementation of Security Solutions
VigiTrust has eighteen years of experience in the
information security services sector into one single SaaS
solution, enabling complex and disparate organizations to
simplify implementing and managing security and privacy
regulations. Its solution, VigiOne, utilizes
VigiTrust's 5 Pillars of Security Framework™ and it
enables to achieve and maintain compliance with legal,
industrial, and security standards and frameworks.
VigiTrust continually innovates and creates new features. It
has a roadmap that it follows with precision to ensure that
VigiOne is always adapted to any organization like QSAs,
ASVs, hotels, acquiring banks, large retail companies, and
other end-users worldwide!
VigiTrust continues to innovate and relies on topics
discussed at the Global Advisory Board and its community
of 700+ members to help it drive innovation in the right
direction!
Addressing Ever-Evolving Issues
VigiTrust will continue to innovate and address the ever-
evolving legal and industry standards landscape regarding
data protection and compliance.
The Advisory Board will continue to monitor the security
and compliance environment.
VigiOne has a very busy roadmap for this new year and is
now venturing into Machine learning and AI innovation, so
watch this space in 2022 for some major announcements!
Prioritizing Right Association
Mathieu advises aspiring entrepreneurs in the compliance
sector, "Just do it! It's a fascinating, ever-evolving domain!
Surround yourself with the right people who know more
than you in their respective domains, build a great company
culture for your team, work super hard, and make fun!"
|
April 2022

igitalization's widespread has disrupted several
Dindustries bringing waves of transformative shifts
elevating and streamlining the workflow. However,
it also comes with several challenges in the forms of cyber-
attacks and threats. Since the past two years, cyberthreats
have targeted vulnerable targets compromising compliance,
data, and privacy concerns. The leaders in the cybersecurity
niche are working fingers to the bone to tackle this solution
to protect and safeguard businesses worldwide.
In the chaos of cyber threats, Nir Ayalon took it upon
himself to protect the maritime industry from cyber-attacks,
working with professionals with deep knowledge and
experience. Today, Nir leads as CEO and Co-Founder of
Cydome, an award-winning maritime cybersecurity firm.
He also serves as an ISO committee member for Marine &
Ship technology and Cybersecurity.
The Rise
Nir's professional life began developing and researching
data protection and disaster recovery solutions for
enterprises, developing into several technical and
commercial roles at IBM. He has been involved with
several successful start-ups developing technology for the
business sector. While developing advanced R&D
initiatives focused on cyber defense and protection, he saw
the value and opportunity to create a highly specialized
business in the maritime industry. Thus, Nir Co-founded
Cydome, a maritime cybersecurity company with an
excellent team having extensive experience in maritime
ecosystem and Cybersecurity.
Nir states that he faced unique challenges that had a huge
impact. The global shipping industry is the backbone or
foundation layer of the world's supply chain and historically
has several security weaknesses. He understands that the
cybersecurity threat in the maritime sector is relatively new
- and it is the result of increasing digitalization and an
improvement of satellite communication technology.
The Secure Approach
Since Cydome's initiation, Nir knew he had to develop a
different approach to Cybersecurity. He expresses that the
maritime cybersecurity sector suffers from the major legacy
providers putting a "maritime" label on their product and
thinking their product development job is done. The reality
is that the IT and OT infrastructures within a ship present a
significantly more complex set of vulnerabilities both to and
from the ship. Cydome started with a clean design sheet.
Cydome's mission is to protect the entire supply chain by
protecting the maritime industry. This industry is the
backbone of the world's supply chain and economy;
therefore, cyber leaders need to act as a global protector for
shipping.
Nir states that cyber defense must always be on and
defending, and it must protect all points of accessing all of
the time. Cydome has approached the problems with
innovative solutions and then constantly reviewed,
evaluated, and improved. It committed a significant
percentage of its income back into its R&D development,
resulting in award-winning solutions.
Cydome envisions innovating and being a step ahead
of the industry's problems to help the entire supply
chain. It has already implemented steps by partnering
with one of the leading maritime universities to
create a central database for cyber-attacks, with the
vision of leading transparency and innovation in the
sector.
Cydome has made a dent in the universe with its
solutions. Nir says, "Where there is an industry with
big problems, there is an opportunity to build a big
business providing the solutions." The global
shipping industry is massive and at-risk; figures for
2019 show that 11 billion tons of cargo worth $11
“
“
Safety, Visibility,
Compliance.
Complete Cyber
Security solution
for the maritime
ecosystem.
48

NirAyalon
NirAyalon
NirAyalon
Safeguarding SEAS
from Cyberthreats
Nir Ayalon
CEO
Cydome

trillion were moved by 98,000 ships. Such big numbers
attract unwanted attention, and Cydome detects and
prevents thousands of attacks each day on clients' vessels.
Unique Approach
Cydome's strategy has always been to invest in research and
development to create original, innovative, and proactive
solutions. Nir mentions that the early days of cyber defense
were limited to detection and reporting; proactive defense
and protection, combined with an always-on approach to
monitoring, is the way forward.
Cydome is developing and implementing several methods
to support the challenges of the maritime industry, such as
Machine Learning (ML), which uses Big Data to provide
effective detection and defense against attacks. It focuses on
developing automated tools to bring a new level of ease-of-
use in the event of cyber incidents that happen in real-time.
Nir asserts, As automation is the future, we have also
brought it into our compliance tool, which is specifically
aimed at regulations for maritime cybersecurity, including
IMO 2021.”
Prepared Mindset
The cybersecurity world is dynamic and changes constantly.
Attackers exploit vulnerabilities, and defenders detect and
protect the protected assets. Technology, in general, is also
advancing very rapidly - creating opportunities for more
zero-day exploits.
Machine learning is a powerful tool that will take this cat-
mouse scenario to an entirely new level when attackers use
ML to launch new complex, difficult-to-detect types of
attacks.
Cydome is already developing and using AI to monitor and
search for signs of anomalies that suggest a complex attack.
What Comes Next?
Currently, Nir is focused on building Cydome into the
leading cybersecurity provider in the maritime sector. To do
so, the approach of the company will continue to focus on
the security of the entire supply chain, which involves
protecting fleets, ports and offshore facilities. Without these
parts having proper, ongoing defence against
cybercriminals the entire maritime ecosystem is at risk.
Cydome will continue championing this integral
proposition for the benefit of the entire supply chain and
economy.
Words of Experience
Nir advises budding entrepreneurs aspiring to venture into
the cybersecurity niche to research extensively. He says,
Understand and validate the problem and know your
users. And the most important thing - build a diverse and
creative team that will complete each other. Plan to build a
solution to a real and significant problem and develop a
strategy to be the best provider of that service.
50

Nitesh Sinha
Founder, and CEO
Sacumen

Nitesh Sinha
Nitesh Sinha
A Rising Phoenix Safeguarding YOU Digitally
he Cyber security space is transforming the ways
Tbusiness operates, spreading its roots deep enough
to increase accessibility and detect and protect data
from potential threats. The leaders in the niche are mapping
a framework that can help businesses develop innovative
security products. Providing a trusted array of services to
help companies stay ahead of the curve, Nitesh Sinha
founded Sacumen.
As the CEO, Nitesh is passionately transforming the
perspective of the security industry by becoming the trusted
enabler and differentiator. He works with Security Product
Companies to assist them in facing ever-evolving security
challenges, competitive market, and ever-changing business
dynamics.
Sacumen aims to be the leading Global Security Product
Engineering and Services company by helping its client
stay ahead of the curve because of the ever-evolving
security challenges by providing innovative security
solutions, generating more excellent value for its customers.
Sowing Start
Following a traditional professional journey, Nitesh went
through the struggles that most people do, but his humble
yet constant rise through the ranks makes his
entrepreneurial journey distinctive. However, he wanted to
do something more to contribute his expertise in the
cybersecurity space. When the stars aligned, he came across
Clarion Venture Partners, who reached out to Nitesh to
build a company specializing in security services; thus,
Sacumen came into existence.
Nitesh has always been a risk-taker, and by the Sacumen
was born, he had garnered enriching experience of running
business learning from his previous jobs. Coming from a
developer background, he developed security products and
solutions. Though, his technical expertise came in handy to
shape Sacumen to be the company that can pivot faster,
with a diverse skillset.
Sprouting Roots in the Desert
The COVID-19 Pandemic came with waves of
unprecedented disruption that wiped out much business.
Although, it also was a blessing in disguise for many
companies, and Sacumen was one of them. The entire
business culture shifted to working remotely, becoming a
boon for Nitesh. It was precisely the set of the things
Sacumen offered solutions for validating their business
offerings. Sacumen has worked with cyber security
companies to become specialists in building connectors,
pairing with integrations of security product companies and
non-security product companies from day one.
Sacumen's offerings became the differentiator in the cyber
security niche that helped it survive the Pandemic and
continue to rise with 100% year-on-year growth. Nitesh
asserts, I think the key thing is to be much focused there
and be that master in terms of doing what we are offering to
our customer. Be that specialist where customers can trust
us blindly to the things, we are building it for them, it needs
focus and commitment, and we have all of it exhibited at
Sacumen.”
Today, Nitesh's leadership has positioned Sacumen in its
field with strengthened roots becoming a true differentiator
in its offering for cybersecurity product companies.
A Trustful Impact
In the pursuit of being the best of best, Sacumen is leaving
a dent in the universe with connectors, third-party
integration, and developing products for security companies
to understand their use cases. Sacumen has an extensive
partner system, where it can figure out partnerships, access
“
“
We're here to put a dent
in the Cybersecurity Universe.
Otherwise, why else even be here.
|
April 2022

the acquired product, and license to deliver a robust
delivery process in terms of how it operates. Under Nitesh's
leadership, Sacumen has cemented itself to provide fast-
paced solutions with high-quality and reduced costs.
Nitesh is dedicated to completing the project with
unmatched efforts and moving on to the next one to be on a
continuous learning curve. He has implemented a culture
where everyone takes complete ownership of their work at
a threshold level to the top one. Nitesh believes taking
ownership challenges every employee to keep innovating
and move forward.
Nitesh values fairness very immensely apart from
teamwork and delighting customers. However, he is very
particular about the commitment and sticks to being
transparent to take the business to newer feats.
Automation: The Next Significant Change
The world is moving towards automation, and Sacumen
will play an essential role in connecting various systems
with its security products and services. The ability to sort of
have a real-time detection of the security threat or attack
and bring able to respond with minimal manual integration
will create a massive wave of transformation to this
ecosystem. Nitesh states that Sacumen is headed to that
potential future to be the company that provides all the
digital security solutions under one roof.
Over the Horizon
In the long haul, Nitesh envisions Sacumen as 50%
services-based and 50% product-based. Sacumens solves a
specific problem of integrations for its customers and aims
to continue doing so. Nitesh asserts, We are very clear that
we would want to be so far the powerhouse of connectors
for our customers. Once the trust is built up, you start to do
more on the other set of product engineering work, exciting
things on machine learning. It just a matter of continued
focus to achieve that more year-on-year growth to be the
player where any time you talk about security, Sacumen will
be a synonym to security when people talk about it.”
A Learner's Advice
Nitesh advises upcoming entrepreneurs aspiring to venture
into the cybersecurity space to be prepared for changes as it
is the industry's norm. In his concluding thoughts, Nitesh
says, If you want to be a successful entrepreneur, your
ability to say no is much more important than the ability to
say yes to things. Because there'll be many opportunities
where it will just distract from your focus to what you are
trying to solve, so as long as you are clear with your vision
of it and what problem you are trying to solve with it, you
would be successful.
54

Empowering Youth to Greatness Through Education, Mentoring, and Networking

10 Most Influential Business Leaders in Cyber Security April 2022.pdf

10 Most Influential Business Leaders in Cyber Security April 2022.pdf

Recommended

Recommended

More Related Content

Similar to 10 Most Influential Business Leaders in Cyber Security April 2022.pdf

Similar to 10 Most Influential Business Leaders in Cyber Security April 2022.pdf (20)

More from insightssuccess2

More from insightssuccess2 (20)

Recently uploaded

Recently uploaded (20)

10 Most Influential Business Leaders in Cyber Security April 2022.pdf