Dr. Christine Izuakor is the CEO of Cyber Pop-up, securing businesses through an on-demand cybersecurity platform powered by vetted and highly skilled cyber experts. Christine was interviewed by Andrew Daniels, Co-Founder and President at CrashBay and Founder and Managing Director at InsurTech Ohio.
Christine, you have spent your entire career in the cybersecurity space. How have those experiences shaped your view of the market?
“When it comes to cybersecurity, I’ve done everything under the sun, so I have a pretty broad view of the cybersecurity space. To give some background, I started in academics by earning a Ph.D. in security engineering and becoming a professor. Having that experience of learning and digging deep into the industry as a student and then teaching allowed me to approach the cybersecurity space from a very thoughtful and programmatic standpoint. Often, it’s said that you don’t truly become an expert at something until you can teach it.
Simultaneously, I became a Fortune 100 cybersecurity leader looking at the global view of attackers coming from every corner of the earth targeting large companies. Cybersecurity is an area that can impact the economy as well as people because of the magnitude of what can happen when companies large and small get hit by a cyber breach. Millions of people are impacted, and there’s a lot of money involved.
At Cyber Pop-up, our mission is to help secure small businesses. I see a lot of companies that don’t have the resources to protect themselves and are struggling in that same threat landscape. With all of the different views, I’m able to acknowledge that this is a very complicated industry. It takes a lot to untangle, but it also gives a certain level of empathy for all the different players that make up this ecosystem because everybody can be impacted by cybersecurity. It doesn’t matter if you’re a large corporation, nonprofit, startup or an 80-year-old grandma somewhere. Every single person can be impacted by this. It takes participation from everybody to stop that from happening.”
What’s top of mind for you in this industry?
“I noticed cyber attackers early in my career, and that got under my skin. We’re seeing attacks on nonprofits who are out there trying to do good in the world and are losing their donations and resources because attackers know they don’t have the same security controls in place as larger public companies.
I used to do Pro Bono projects for some of those places to help them out, and the difference this little effort makes for some of these companies sparked something for me. There are many underserved and unprotected communities out there that need help, resources and everything in between. I want to do all that I can to shift that.”
How has the industry shifted focus to small businesses?
“Today, there’s more conversation about small business cybersecurity happening, which is a step in the right direction. There’s a ton of room for growth. We’re seeing a couple of trends in the industry. First, regulations are starting to impact small businesses more. Often, small businesses are held to the same standards as big businesses, creating stress on the small businesses. As small businesses look to work with large customers or look to become vendors of large customers, they’re also required to comply with certain cybersecurity regulations.
For example, let's say Google is working with a small business supplier, which is a great opportunity to fill a need for Google and also help a business grow. At the same time, if their systems are connected and the small business is hacked, cyber attackers can use that as an entry point to hack the larger company. That piece is a reason why these vendors are starting to have very strict requirements for small businesses.
Customer expectations and consumer expectations are higher today for cybersecurity. If I’m buying a product from you or using your product, I expect that you’re going to protect my data and protect me. These things are shifts in how the industry views and works with small businesses. That has its pros and cons because, on the positive side, this protection needs to happen. Small businesses should not be as vulnerable as they are today. For an under-resourced company, it’s hard to figure out what needs to be protected.
I’m glad that the growth in protecting small businesses is happening, but these small businesses also need the support and help to meet expectations that continue to grow.”
What does the talent landscape look like in cybersecurity, and how do we build stronger pipelines?
“The cybersecurity talent space is very dear to me. One of the biggest challenges from a talent standpoint is the number of people needed to defend against attacks. There are something like 3.5 million more jobs than people to fill in the cybersecurity space, and there are a lot of layers to it.
It’s easy to say that statement on the surface level, but building stronger talent pipelines is not just about raising awareness that these opportunities exist. That’s important, and it needs to happen more. I stumbled across this industry by accident, and so I think more awareness that this industry exists is important. Educating people in building programs to spread awareness is great, but the biggest gap to building talent pipelines today, from a cybersecurity standpoint, is high-risk stuff. Most of these roles and positions that are open require years of experience.
When there’s a shortage of talent when you’re trying to develop people, but they don’t have the opportunities to gain experience, it just widens the gap. Within this space, I think that one of the biggest areas of opportunity in building pipelines is to find very organized and scalable ways to get people hands-on experience. As we solve that problem, we’ll finally see some relief and shrinking of that gap in the shortage that we see today.”
What problems still need to be solved in the industry?
“In the next couple of years, we’re going to get to a point where every single small business will need cyber insurance. A huge problem is that if small businesses don’t have the right security controls in place, they open up cyber insurers to a ton of risk. While there’s this explosive growth for cyber insurers, there are also greater losses. The problem of how to educate small businesses on what they should do from a cyber standpoint, and how they can take action, still needs to be solved. That way, as they get cyber insurance, they are not opening up their insurance to risk. We’re very focused on collaborating with the cyber insurance ecosystem to address this problem.
Another one that comes to mind is better organization. It sounds so basic, but there needs to be some sort of consolidation to help small businesses navigate the world of cyber. To give some context, there’s something like 7,000 cybersecurity solutions on the market today, which is insane. I’ve spent a decade leading security functions in a Fortune 100. I’ve bought and used plenty of tools. I have no shame in admitting that I don’t know what half of the tools on the market today are. If I feel that way, then we can’t expect most of the world to know what these things are. We’re in an environment where a lot of new tools are popping up and some of them provide value, but there’s just a lot of noise out there. Figuring out how to navigate that, whether you’re a large enterprise or a small business, is a growing problem that needs to be addressed.
Last, the more systemic thing is education and awareness. When people think about education and awareness in the cybersecurity space, they usually think about phishing or traditional training. It goes well beyond that. From every different angle, there’s a cybersecurity play, whether you’re a lawyer, founder or staff.”
Коментари