Podcast - The New CISO Ep. 86: Self-Sufficient Security: The Perks of Being a vCISO with Laura Louthan - Exabeam

The New CISO Ep. 86: Self-Sufficient Security: The Perks of Being a vCISO with Laura Louthan

Podcast Transcript | Air Date March 15, 2023

Listen to the Podcast

Listen to Steve and Laura discuss embracing challenges but avoiding struggle and tackling likeability when applying for jobs:

Meet Laura (1:45)

Host Steve Moore introduces our guest today, Laura Louthan.

CISO and only employee at Angel Cybersecurity, Laura, had an eclectic past before settling into the security field. She worked as a scuba instructor, can-can dancer, and temp before getting her first IT job. She feels she was fortunate to break into IT when she did.

London and LA (5:04)

Laura explains why London and Los Angeles didn’t suit her well. She had a job in London that she didn’t enjoy, but her brother worked in Los Angeles in the film industry. 

When she got to LA, she realized that the movie business was not for her. Instead, she landed a job at Club Med. When something didn’t sit right with her, she left and is grateful that she used her twenties to explore. She advises people looking for work to try temping as a way to get a foot in the door at organizations.

Learning On The Job (9:47)

While working in IT at Equifax, Laura had to teach herself how to do things. She figured out how to get answers and become self-sufficient, which is a valuable skill.

She knows how to get things done but also understands her skillset. She believes that it is more efficient to be truthful about your abilities.

Challenges, Not Struggles (14:09)

Laura admits that while she likes a challenge, she does not want to struggle. For example, she understands that privacy and security are different, although overlap exists. 

If her clients asked her to fulfill their privacy needs, she believes that would be inefficient since that is not her area of expertise. She would be happy to refer that client to a privacy professional instead.

The Privacy Question (16:24)

Steve asks Laura if there is a greater need for privacy help. Laura believes this is external pressure for CISOs, and that privacy pressure comes after security.

Laura thinks privacy is exciting and intellectual, but recognizes that it takes a different mindset. She is very comfortable with her specialty in security.

Her Time At Sephora  (22:48)

At Sephora, Laura was the head of Information Security. After working in the credit industry, she found the retail space to be a fascinating change.

Although Laura is not the archetypal security type, she found her personality and gender made her a good fit for this female-focused company. 

The Likeability Index (27:41)

Steve and Laura discuss how a desire for “likeability” is typically higher in women, which can hurt them during negotiations.

Women also tend to apply for jobs they are overqualified for. Laura advises women to apply for jobs that may be more of a reach instead — which, often, is what men do. Laura explains that a job should be a challenge.

In The Interview (31:22)

Laura and Steve explore different questions candidates should ask or consider during the interview process.

For Laura, she asks what technology the potential client uses, their industry, and other questions that clarify if she’s the right fit. Before taking a client on, you want to ensure you can help them. Ultimately, if you do good work, clients will typically recommend you.

Legally Speaking (36:20)

Since Laura is not an employee of her clients, she explains how she handles legal risk. 

Laura has errors and admissions insurance and details that she is not responsible for other companies’ compliance. Since Laura is not full-time, she can’t be there for every meeting, but she works hard to establish her purpose and goals with company leaders.

The Challenges of Being a CISO (41:55)

Laura shares that the worst part of the cybersecurity industry can be the negative security person. She believes that CISOs should, in general, improve their ability to collaborate with other departments outside of IT.

The New CISO (43:45)

To Laura, a new CISO is a chance to be pragmatic and enable the business. Working together is a joint decision, so building relationships with the people you work with is important.

Links mentioned:

Listen to the Podcast