Self-Sufficient Security: The Perks of Being a vCISO
Episode 869th March 2023 • The New CISO • Steve Moore
00:00:00 00:45:18

Share Episode


In this episode of The New CISO, Steve is joined by guest Laura Louthan, Founder & vCISO at Angel Cybersecurity.

Originally from Britain, Laura moved to Los Angeles to explore new opportunities before transitioning into IT. Eventually starting her own business, Laura shares her self-sufficient approach to cyber security. Listen to the episode to learn more about Laura’s unconventional career journey, why it’s more efficient when you understand your abilities, and how she handles being a contracted CISO.

Listen to Steve and Laura discuss embracing challenges but avoiding struggle and tackling likeability when applying for jobs:

Meet Laura (1:45)

Host Steve Moore introduces our guest today, Laura Louthan.

CISO and only employee at Angel Cybersecurity, Laura, had an eclectic past before settling into the security field. She worked as a scuba instructor, can-can dancer, and temp before getting her first IT job. She feels she was fortunate to break into IT when she did.

London and LA (5:04)

Laura explains why London and Los Angeles didn’t suit her well. She had a job in London that she didn’t enjoy, but her brother worked in Los Angeles in the film industry. 

When she got to LA, she realized that the movie business was not for her, bringing her to her Club Med job. When something didn’t sit right with her, she left and is grateful that she used her twenties to explore. She advises people looking for work to try temping because you just need to meet someone to get your foot in the door.

Learning On The Job (9:47)

While working in IT at Equifax, Laura had to teach herself how to do things. She figured out how to get answers and become self-sufficient, which is a valuable skill.

She knows how to get things done but also understands her skillset. She believes that it is more efficient to be truthful about your abilities.

Challenges, Not Struggles (14:09)

Laura admits that while she likes a challenge, she does not want to struggle. For example, she understands that privacy and security are different, although overlap exists. 

If her clients asked her to fulfill their privacy needs, she believes that would be inefficient since that is not her area of expertise. She would be happy to refer that client to a privacy professional instead.

The Privacy Question (16:24)

Steve asks Laura if there is a greater need for privacy help. Laura believes this is external pressure for CISOs, and that privacy pressure comes after security.

Laura thinks privacy is exciting and intellectual but recognizes it as a different CISO mindset. She is very comfortable with her specialty in security.

Her Time At Sephora  (22:48)

At Sephora, Laura was the head of Information Security. After working in the credit industry, she found the retail space to be a fascinating change.

Although Laura is not the archetypal security type, she found her personality and gender made her a good fit for this female-focused company. 

The Likeability Index (27:41)

Steve and Laura discuss how “likeability” is typically higher in women, which can hurt them during negotiations because women tend to want to be liked.

Women also tend to apply for jobs they are overqualified for. Laura advises women to apply for jobs they think are reaches for themselves instead, which is what men do. We should all hope for a job that challenges us.

In The Interview (31:22)

Laura and Steve explore different questions candidates should ask or consider during the interview process.

For Laura, she asks what technology the potential client uses, their industry, and other questions that clarify if she's the right fit. Before taking a client on, you want to ensure you can help them. Ultimately, if you do good work, clients will typically recommend you.

Legally Speaking (36:20)

Since Laura is not an employee of her clients, she explains how she handles legal risk. 

Laura has errors and admissions insurance and details that she is not responsible for other companies' compliance. Since Laura is not full-time, she can’t be there for every meeting, but she works hard to discuss how she can get them where they want to go.

The Challenges of Being a CISO (41:55)

Laura shares that the worst part of the cybersecurity industry can be the negative security person. She believes that what CISOs can do better is to collaborate with other departments outside of IT.

The New vCISO (43:45)

To Laura, a new vCISO is a chance to be pragmatic and enable the business. Working together is a joint decision, so building relationships with the people you work with is important.

Links mentioned: