Up next in our series featuring women in technology at Imperva is a spotlight on Shu White, the company’s vice president and deputy general counsel. Hailing from a legal background, I found her perspective particularly unique. Read below for Shu’s take on the cybersecurity industry, the inspiring characteristics of one of her biggest mentors, and what she finds to be the most challenging about her role.
Your background is law. Tell us how you got into cybersecurity.
SW: As an attorney, I initially learned about cybersecurity because I had several clients in the security space and part of my job was helping those clients develop public disclosures to investors about why their companies would be a good investment. The disclosures would talk about why the security solutions they sold were important, what they expected the market for those products to be, and the risks attendant to their businesses. Imperva was one of my clients and when the opportunity arose to join the company, I jumped on it and haven’t looked back.
What do you love about your job?
SW: I am on a great team and I get to work with smart people across the organization who are engaged in solving important problems for our customers. Security is not an easy problem to solve but an easy cause to rally around because you’re on the good side. It’s a constantly evolving threat landscape and I am constantly learning. The company puts time and effort into interesting research on the latest hacking techniques and what we are learning from our products about the ways data and applications are vulnerable and how those vulnerabilities are being exploited. The proliferation of personal data in the cloud also makes finding effective ways to protect data and combat bad actors all the more important.
What do you find to be the most challenging?
SW: Organizations are complex. They are made up of individuals who have different motivations and skill sets and teams that have different priorities. It can be challenging to execute on ideas and effect positive change. Getting individuals and teams to work together toward a common goal takes trial and error and oftentimes it takes the right people with the right capabilities doing the job. Performance issues within a team are common and it can be hard to overcome inertia and the way things have always been done. I focus on how I can help my team perform at optimal levels so we can contribute to the organization’s larger goals.
Who was one of your biggest mentors?
SW: The company’s general counsel, Trâm Phi, has had a huge influence on my career and I’m really thankful to have the opportunity to learn from her. Before Imperva, she was general counsel of Invision and Arcsight, which were both security companies though in different spaces. She knows her values and doesn’t waiver in the face of tough decisions. She could also do the day job of every person on her team (if there were enough hours in the day). She’s a doer, a thinker, a leader and really cares about her team. I aspire to be a similar kind of business adviser and lawyer.
As you mentioned, cybersecurity is constantly evolving. How has the industry changed throughout your career?
SW: At Imperva, we are definitely focused on the shift to cloud computing and how you protect data and applications that are migrating to the cloud. There are also so many different point solutions for security that an organization’s ability to integrate data from different security vendors can be challenging – integrating our solutions with the ones our customers are already using can be a key differentiator. Security also has to adapt to the way bad actors are choosing to approach data theft and extortion and how malicious insiders (or even careless insiders) can pose a threat to an organization’s data and applications. It’s important to understand what the biggest threats are and develop solutions accordingly.
What advice would you give to someone entering the cybersecurity field today?
SW: It’s a great time to be entering the field of cybersecurity and I don’t see the need for cybersecurity slowing down any time soon. Be proactive, understand the landscape and how it’s changing and stay on top of trends relevant to the area of cybersecurity you’re focused on. No matter what industry you’re in, it’s important to be proactive and a practical, solutions-oriented thinker.
Anything else you’d like to tell our readers?
SW: Protect your loved ones and educate them about cybersecurity threats and the ways they may be vulnerable. If you don’t know how you might be vulnerable, educate yourself. Check out the resources available online, like the Department of Homeland Security’s “Stop.Think.Connect.” campaign aimed at educating the public on how to create safer and more secure online spaces. There are so many scams out there. It can be hard to know what communications to trust and we’ve got to train ourselves on what to look out for. I’ve accidentally clicked on the phishing links sent out by the information security team at Imperva that test whether employees are sufficiently aware of the risks. It helped me learn what to look out for and not to be tricked again.