This episode features an interview between host Andy Schneider and Julie Chickillo, VP and Head of Cybersecurity at Guild, a learning marketplace offering classes, programs, and accredited college degrees for working adults. Julie has over 20 years of experience in Information Security Governance, Risk and Compliance, Threat & Vulnerability, IT Audit, Privacy, DevSecOps and Legal. Julie has been recognized with the APEX CISO of the Year Award in Colorado and is one of the inspiring leaders of the Lacework Secured by Women Initiative.
This episode features an interview between host Andy Schneider and Julie Chickillo, VP and Head of Cybersecurity at Guild, a learning marketplace offering classes, programs, and accredited college degrees for working adults. Julie has over 20 years of experience in Information Security Governance, Risk and Compliance, Threat & Vulnerability, IT Audit, Privacy, DevSecOps and Legal. Julie has been recognized with the APEX CISO of the Year Award in Colorado and is one of the inspiring leaders of the Lacework Secured by Women Initiative.
Key Quotes
*”Once you can get into the contracts, that's going to help you understand the business. The stuff in the contracts is what's important and you'll start seeing what they'll fight for in the contract. That's one of the ways that I get immediate kudos or brownie points, when I start supporting sales.”
*”I [start by doing] a listening tour - stop and listen. I make a point to go to all the business meetings that I can get myself into. I go to all the strategy meetings and just listen for a while to understand where are the important pieces of the business? And really going back to those teams and finding out how you can support them before you even ask them to change anything. I think that's one of the big misses that we see in security.”
*”If you're not supporting the business, you're out of the business. And so I think [it’s important to have] that mindset and understanding that it's not just about you. There's a bigger business that you really have to pay attention to.”
*”Not every company's going to have a data ops team, but we are starting to see [data] becoming really important to most companies. If your data's moving very, very quickly, it's sort of like at the beginning of the DevOps practice where you were starting to see how can we ship small things? How can we move very quickly? And how can we make small changes with big impacts without having to wait six months for it to happen? This is happening in the data ops industry. There is a really big move for data to support the business.”
*”We're starting to see some really great technology coming out and just a practice around not only where the data lives, but how you're securing it where it lives, how you secure it when it moves, and then understanding the privacy impacts.”
Time Stamps
[1:11] What does Guild do?
[2:03] How does Julie’s team act as a business enabler?
[4:30] Tell me about the merging of data ops and security
[6:47] Is data scaling like security?
[8:01] Is it worth having a data ops person on your cybersecurity team?
[10:18] When do you know that your data is secure?
[1:15] How is privacy keeping up with this shift to a data focus in cybersecurity?
[14:12] What makes a good leader?
[16:01] Guild is a woman-led organization. What advice would Julie give to women leaders in security?
[21:11] What has been the biggest learning in Julie’s career?
[23:28] How did Julie get involved in security?
[27:50] How does Julie’s background in legal intersect with her current work in DevSecOps?
Links