March is National Women's History Month, and at Mandiant we know that this is a time to pay tribute to the innovations and contributions of women throughout history that have made a difference in our society. And more importantly for us, we want to recognize the women of today that are embracing technology to make a difference in the world of cybersecurity.
As part of this series, we sat down with CEO and Founder of Pondera International, Kristen Verderame, to discuss her career and what has driven her to embrace the future of technology.
HB: Please introduce yourself and explain your role at your organization.
KV: I am the CEO and founder of Pondera International, a consulting and advisory firm that specializes in two main areas: cybersecurity policy and startups. With regard to cybersecurity policy, I represent a select group of clients whose goal is to, literally, 'make this country safer.' In that role, I spend a lot of time on Capitol Hill working with Members and staff to provide technical and policy expertise where it may be needed, facilitate positive discussions, and strategize to achieve some sort of legislative solution to the threat of cybersecurity. My clients do not support or oppose any specific legislation, but support any positive legislative steps that could serve to address the existing threat. With regard to startups, I also lead a virtual team of experienced advisors and specialists to advise start-up companies on business strategy, including serving as outside general counsel and interim executive during transition or growth periods.
HB: How did you get started in the field?
KV: Before establishing Pondera, I served as General Counsel for British Telecom (BT) in the Americas. BT had an aggressive inorganic growth strategy which meant a lot of M&A transactions. BT is a UK-based company, so every transaction in the US had to be cleared through the Committee on Foreign Investment in the United States, otherwise known as "CFIUS." In order to get us through that process, I had to become an expert on BT's global security, its operations and all things that today have the sexy name 'cybersecurity.' I also had to develop a deep understanding of the government's role in securing this space, and their concerns and interests. Through the CFIUS process, I learned most importantly how industry and government can identify shared objectives, and together forge best practices that serve the interests of both sides.
HB: What interests you most about your career?
KV: I feel very passionately about technology and the benefits it brings to - well, everything. I also feel very passionately about the threats posed by certain technology, in the wrong hands, to our country, individuals and businesses. Having spent a great deal of time with former senior government officials who have been and remain 'behind the curtain' to understand the real threats, I appreciate the severity of the circumstances in which we find ourselves today. Therefore to have a career that focuses on addressing this situation, and helping facilitate solutions, is incredibly rewarding.
HB: How would you recommend someone enter the field of cybersecurity?
KV: Speaking in terms of policy work, I would recommend getting a thorough base understanding in one or more technical areas of cybersecurity. It is essential to understand 'how it actually works' before you can jump into any discussion about the options for governments or industry for addressing the issues. I would also recommend getting experience in government and in the corporate world. In my view, the best negotiator is one who can truly see both sides, and facilitate the solution that serves the interests of both parties as much as possible.
HB: Do you think cybersecurity legislation will pass this year and what form do you think it will take?
KV: I do. I came into this new session of Congress as an optimist, and my optimism has been confirmed through meetings with Members and staff so far. From my experience, most everyone on Capitol Hill has the best interests of this country at heart and understands the severity of the threat. We know from the debacle of last year's Congressional efforts 'where the bodies are buried,' as they say, so we are working to develop a strategy for positive movement. The main objective is to keep politics out of this - which can be certainly difficult, and in fact killed the bills last year. I believe this can be done by bringing all parties to the table to develop smart and informed solutions. Whatever legislation gets passed, this country can and will benefit from greater protection. Regardless of what we achieve in Congress this year, I would like to see the international community come together to strengthen cooperation and coordination efforts. The threat of cybersecurity is clearly not a domestic issue, and cannot be addressed by a single country.