We ‘go phishing’ with Carolyn Crandall, Chief Marketing Officer at Attivo, who tells us about her career journey and life inside and outside the office.
- What would you describe as your most memorable achievement in the cybersecurity industry?
My most memorable achievement in cybersecurity was being ranked as one of the top 10 women in cybersecurity from CDM in 2021. It is truly an honour to be recognised among so many talented women. Over my career in cybersecurity, I have had the good fortune to be able to participate in market education, standards development and bringing new technology to the market.
Working for Attivo Networks has also provided me with the opportunity to make a difference in cybersecurity through its deception and identity security products. Being able to efficiently detect in-network attack activity has become critical for all organisations so that they can be prepared to combat and derail the actions of ransomware and other advanced attacker tactics.
- What first made you think of a career in cybersecurity?
Having been in the industry for over 30 years, it goes back to the days when networks were just becoming established. No one gave much thought to cybersecurity as a concept as they were more focused on developing forms of connectivity. Therefore, my background started as a natural progression, when people started realising that these new networks needed greater protection.
- What style of management philosophy do you employ with your current position?
The foundation of good management is communication – making sure there is alignment between a business’ vision, goals and priorities across all levels. Everyone must understand what the company objectives are and how it is achieving them.
Another important aspect is collaboration and recognising that no one can conquer business objectives alone. Each team works cross-functionally and there shouldn’t be a silo in sight. Also, if a team never fails, then it means they’re playing it safe. Leaders should be encouraging teams to push themselves by trying new things. Some proposals will work, some will not and others will deliver greatness. I love discussing a good, better, best plan and running through ‘what if’ scenarios that revolve around the removal of barriers.
- What do you think is the current hot cybersecurity talking point?
As remote working is still a part of our everyday lives, hybrid working naturally becomes a hot topic. On top of this, there are many conversations around government mandates, directives and the need for greater action against the aggressive set of ransomware attackers currently out there. It all comes down to this: if global governments don’t partake in helping prosecute the assailants and shut down their activities, what other measures do we need to strengthen the safety of our critical infrastructures?
When looking into identity security, the act of protecting credentials, privileges and the systems that manage them, one of the biggest talking points is exposures and misconfigurations in Active Directory. This is mission-critical because if domain control is lost there can be a significant impact on Business Continuity and welfare. Protecting identities must be a top priority for organisations, to prevent cybercriminals from gaining this level of control, especially when it can result in a direct impact on human safety and well-being.
- How do you deal with stress and unwind outside the office?
I enjoy doing anything outdoors and typically love to travel. My salvation over the past few years has been my dog, who was a constant reminder to get away from my screen and revisit the world around me.
- If you could go back and change one career decision, what would it be?
I should have had better diligence about a company, its viability and the leadership before working there. I also should have moved on faster, once I realised that it was not a great match. Changing jobs quickly can be a difficult choice, but when you know you’re not in a good environment, you should make that decision to change. Harmful environments and employers can often have a huge impact on mental health, which can have longer and deeper implications.
- What do you currently identify as the major areas of investment in the cybersecurity industry?
Right at the top of priorities is identity security. There is currently a significant amount of investment in identity access management, with a lot of focus falling on provisioning, connecting and controlling it. There has not been the investment needed in identity security, which focuses more on visibility to identity-related exposures and detection of attacks leveraging credentials and privileges.
Further, ransomware pay-outs are greatly increasing and becoming more common. It’s now reached the point that insurance companies will refuse to pay out if organisations are not taking the appropriate protection measures in the first place.
- Are there any differences in the way cybersecurity challenges need to be tackled in the different regions?
Certain markets have attracted more negative attention than others. However, attacker attention is becoming more universal with cybercriminals turning to wherever they can gain access to high-value assets. The UK needs to be as prepared as the US or Australia, regardless of the industry in which they operate. Attackers will always follow the money. So, it’s become more a case of which industry or organisation has the biggest prize pot and the weakest defences to get to it.
- What changes to your job role have you seen in the last year and how do you see these developing in the next 12 months?
The role has evolved with the growth of the company. Attivo has grown from only selling cyberdeception technology for lateral movement detection to also selling identity security solutions. It is a natural progression of defences since security teams need visibility and detection into how attackers misuse credentials, elevate privileges and move laterally. This change has driven work in company rebranding and repositioning so that Attivo is recognised for its leadership in both deception-based detection and identity security markets. We have also seen tremendous global expansion, which has created new activities to support global expansion, demand generation and brand leadership recognition. The other change has been related to the slow restoration of face-to-face events. This has created an opportunity for limited but direct engagement with prospects and customers.
At the end of the next 12 months, I’d like to see identity detection and response become an established category with its place firmly established within the security stack. It’s off to a good start, based on the survey findings from research by Enterprise Management Associates (EMA), which found that 27% of respondents are already using IDR for combatting advanced attacks such as ransomware 2.0.