This week’s episode of the Security Stories podcast was one of my favorites to record, for a few reasons.
Our interview is with a remarkable lady called Masha Sedova, who co-founded Elevate Security. Elevate uses data and analytics to invoke cultural and behavioural change in a company’s approach towards cybersecurity. I met Masha at RSA when she had just been announced as finalist for the 2020 Innovation Sandbox award, which tells you something about how unique and interesting her solution is.
Before Elevate, Masha was a Security Executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners and customers. And it’s there where she had the idea for Elevate.
I have always loved that within the security industry, you really can make a difference. Masha saw something that could change, and had the courage to go out and set something up herself, rather than wait for someone else to do it. “The industry doesn’t have to be this way” is the mantle she had when she decided to go for it.
There’s many reasons why this was one of my favorite interviews. For anyone tempted to listen, I would say – come for the unique insights into human behavior and why we make the security choices that we do sometimes. And then stay for the discussion on setting up a business, as a woman, in the security industry.
During the interview, Masha recalls a specific and very personal example of gender discriminatory behavior she came up against whilst she was trying to raise investment three years ago. This led to Masha creating a hiring policy in her organization which focusses on hiring more women, and embracing diversity as a rule.
It really struck a chord with me. Because this type of gender discrimination isn’t uncommon for women in the technology sector (dare I say most sectors). I myself can still recall, very vividly, when it’s happened to me. I know it’s happened to friends of mine. It does stay with you, and it has lasting impact.
So I wanted to share this important message to say that it doesn’t have to be this way, and Masha is an example of the kind of leadership that’s required to ensure it doesn’t have to happen to anyone else. Thanks also to Masha’s co-founder Robert Fly, who had her back in that investor meeting.
I have a few friends with daughters who are growing up, and I hope that soon, the world is open to whatever they want to do with their lives and careers.
Also in this episode, Ben talks about the resurgence of digital extortion scams, what they tend to include, and what to do about them.
And finally we have our ‘On this Day’ feature. For this, we go back into the cybersecurity archives and pick out significant events that happened around this time, however many years ago. We’ve gone back to the 70s to talk about the first ever network attack, and we visited the 90s in the last episode to talk about the launch of Snort onto opensource, but for this episode we’re only going to go back 3 years, because, well we couldn’t not.
Because on May 12th 2017, something called WannaCry began to wreak havoc within computer systems across the world. We revisit the timeline of the attack, how it all unfolded, and the significance that WannaCry still has today.