Keeping one’s data protected has become the top-most priority in the digital revolution. The organizations operating in the cybersecurity niche are working to the bone trying to meet the demand of a skills and labor shortage which has become a massive issue. Overcoming these challenges by providing organizations with strategies to safeguard their critical data and privacy while actively educating and developing the next generation of promising talent is top-of-mind for Michelle Drolet.
As Founder & CEO of Towerwall, Inc., Michelle is a highly focused professional specializing in the preparedness side of cybersecurity with a proven and integrated approach.
Insights Success caught up with Michelle in our expedition to find “The 10 Most Inspiring Women Leaders to Follow in 2022” and talked with her to understand her methodologies in the ever-changing landscape of cybersecurity.
Below are the highlights of the interview.
Brief our audience about your journey as a business leader until your current position at the company. What challenges have you had to overcome to reach where you are today?
At the start of my career in 1993, I met Nizar Huddani, who turned out to be my mentor. He hired me to run the US Operations for his IT consulting business CDG Technologies. Together we grew the consulting business which eventually led to an acquisition by a public company. I stayed with the new company but grew disenchanted by its direction, so I decided to buy back the company and shape it into where we are today with Towerwall. That was my proudest moment in business. Nizar saw potential in me that I hadn’t realized. Those lessons have stuck with me and still guide me today.
Tell us something more about the company and its mission and vision.
For nearly 30 years now, I’ve worked closely with many small to mid-size organizations in banking, life sciences, education, and manufacturing, providing highly specialized cybersecurity technology and services. Cybersecurity is all we do here at Towerwall. We are highly focused and specialized in protecting our client’s critical assets. We take great pride in being our client’s trusted security partner, addressing the daily challenges they face in securing key data as well as keeping them abreast of the evolving legal and regulatory requirements. Following our mantra of people, process, and technology, we build security user awareness programs that educate employees, converting them from being the weakest link to being the strongest asset, which I recommend is a winning combination.
Enlighten us on how you have made an impact in the industry through your expertise in the market.
We stand behind our notion of “programmatic” security services. We’ve created a repeatable process that integrates People (user awareness), Process (policies/procedures), and Technology (MDR: Managed Detection, Response). This serves as a kind of roadmap of best practices to battle cyber criminals and better protect our clients. We spend countless hours educating all levels of an organization, including the Board and C-suite, so that they can understand the threat landscape and how best to protect not only their company but their customers’ data as well.
Describe in detail the values and the work culture that drives your organization.
We believe in finding the right balance between work and family life. In fact, my husband is the CTO, and my daughter leads client relations and sales. Like her, we have employees starting their families. Our values are about having focus, determination, and compassion. We all face challenges in our personal and business life, but the ability to persevere is the difference between success and failure. Particularly in business, nothing is more important than solving your customer’s needs. Our entire team is focused on cybersecurity. We often compete and win against larger players because our team has a ‘run through the wall’ attitude when we are maturing our customers’ security programs.
Undeniably, technology is playing a significant role in almost every sector. How are you leveraging technological advancements to make your solutions resourceful?
Security is not a destination but a journey. Keeping up with the growing list of regulatory mandates and upcoming data privacy laws can be challenging. A great example is a client who came to us to help answer a seemingly simple governance, risk, and compliance (GRC) security questionnaire from one of their partners. In doing so, we discovered they needed an entire information security infrastructure to protect not only their own intellectual property but their customers as well. The big challenge was getting a plan in place in short order to ensure they could continue doing business.
What, according to you, could be the next big change in the industry? How is your company preparing to be a part of that change?
We’re in the tightest labor market ever seen, and the largest challenge is finding enough qualified security professionals. To offset the high demand for skilled services, we have ramped up an innovative service we call “virtual CISO,” a personal service Towerwall offers to take on the responsibilities and duties associated with the Chief Information Security Officer (vCISO) role, the virtual Data Protection Officer (vDPO) role, and virtual Chief Privacy Officer (vCPO) role. We are also in the process of building a comprehensive Managed Compliance Security Service program, alleviating the day-to-day security operations for our customers (e.g., Vendor Risk Management, Security Awareness Training, Vulnerability Scanning, ongoing Information Security Program Plan development and management).
Where do you envision yourself to be in the long run, and what are your future goals for the company?
The programs we’ve developed have evolved to serve our clients’ pressing security concerns. Our strategic plan has outlined a number of initiatives to continue our leadership in shaping the future of cybersecurity. With new privacy laws, the regulatory environment has grown more complex. With full trust and confidence, we rely on a network of vendor partnerships tasked with building the best front-line security software possible. These include the likes of Alert Logic, Varonis, LogRhythm, KnowBe4, Tenable, Sophos, and other best-of-breed security vendors. Our goal is simply to keep providing the best hands-on, customized cybersecurity services.
What would be your advice to budding women entrepreneurs who aspire to venture into the industry?
My advice to young women is this: Work hard, work smart, and be good to yourself. Nothing comes from nothing. You make your own destiny. Don’t look for handouts. There are far too many opportunities and open positions in cybersecurity. I would suggest finding internships at any one of the many cyber security vendors and shadowing their mentors for direct hands-on experience. I would recommend security certification training via Cybrary.com, which offers SANS-like training for free. Here in Massachusetts, we are involved with the MassBay Community College Cyber Program, the Women’s Independent Network, Young Women and Minorities in Science and Technology, Cyber Internship Programs. Most recently, we made a donation to the newly introduced Lauro Garner Minority Cybersecurity Scholarship, in association with Mercer University.