Next up in our Stories From Cybersecurity series, we have an interview with Lauren Trujillo, Global Security Alliances Manager at Lumen Technologies (formally CenturyLink)
As passionate and outspoken ethical hacking proponents ourselves, we were excited to learn more about Lauren's journey into cybersecurity. Let's take a look.
How did you start in IT and how did you get to where you are in your career today?
A career in IT was never on my radar. I started my career journey in Graphic Design and Marketing. First owning my own business that developed success on a national level and eventually I left the stressful business owner world and accepted a role with Chick-Fil-A corporate as a National Grand Opening Marketing Director.
I travelled all over the country and spent a week with new restaurant operators helping them get their store’s up and running with business development strategies. In my time there I met tons of people in various industries and started to develop an extensive network of professionals in all fields. I was approached by a company opening a new office in my hometown. They were a large IT provider and offered me a role as a Sales Manager.
I at the time knew absolutely nothing about IT let alone how to lead a team to successfully sell technology anything. The President of the company at the time gave me one critical piece of advice I have never forgotten, he said “You can learn anything and everything about technology, what most can’t learn is business development skills, having magnetic energy, and the ability to be passionate about what you are doing. I can mentor you and provide you the tools to learn technology and you can take it as far as you want with the skills you already have.”
Terrified I took the job and took advantage of every training, certification, every webinar vendor’s hosted, I stayed up late at night reading and self-teaching myself to not just know the baseline, but to know enough to not have other IT professionals question my ability and question if I should be in the meeting.
From there my career exploded with offers from companies all over the country and there was one company that peaked my interest. A Silicon Valley Cyber Security Company that had founders from Albuquerque, NM. I engaged with their team and found that cybersecurity was by far the most interesting, complex, and in my opinion the most critical.
They hired me to help create and manage a partner program selling their services to larger company’s clients. I travelled all over the US training teams for major companies, working with clients and teaching them how to approach a conversation with clients and sales professionals about Cyber Security. Currently, I still support that company since they are a partner of Lumen Technologies (formally CenturyLink) as well as a number of other Cyber Security partners and companies globally in my role as Security Alliances Manager for our Global Cyber Security Ecosystem.
What is it you like about hacking/security compared to other areas of IT?
I find that cybersecurity is the baseline for success in anything else done in technology. You can implement any solution you want in an effort to move toward digital transformation, but without the security… you have a very expensive boat with a hole in it. It will inevitably sink.
The impact cybersecurity has on the world we live in has proven to be critical in everything we do in technology, there is no IT without security. Cybersecurity Is constantly evolving, changing and you have never fully learned everything there is to learn which keeps it interesting and exciting.
What skills do you think are important to be successful in cybersecurity?
The number one commitment I made to myself when I started my career in IT & Cybersecurity was to never stop learning. I have since taken CompTia certifications, been certified through most Cybersecurity companies and started the course work for Certified Ethical Hacking exam.
While I may not need to hack, code or patch on a daily basis in my role, I believe I cannot effectively serve my company, my partners, or our end users if I don’t understand the field from all directions. To be successful I believe it takes the want for continuous training and learning.
What do you think are the biggest cybersecurity threats we are facing right now?
The lack of knowledge and understanding of what Cybersecurity is let alone how to implement an effective defense strategy. We see it from the top down- from government down to small businesses… organizations of all sizes have no idea what it means let alone what the impact looks like and how to keep up. This stems from assuming the complexities of cybersecurity can only be understood by certain IT professionals.
We are no longer in a world where only a small percentage of professionals can have an understanding of the risks out there. Everyone is susceptible to an attack, a breach, and the possibilities of loss of critical business resources and everyone- in all industries needs to step out of their comfort zones and learn more about how to keep communities, customers, and businesses safe.
You do not need to be a programmer, a System administrator, an analyst to have a basic understanding of what is out there and how it can affect the world around you. Awareness and budget prioritization for keeping the modernization of the world around us safer, needs to become more of a focus and less of a topic we don’t want to talk about.
Although things are starting to change, IT has traditionally been a male dominated field. Do you think more needs to be done to encourage more women into the industry? How do you think the industry can encourage more girls and women to pursue cybersecurity?
It is a male dominated industry. As women in Infosec, we are often challenged or questioned on our ability to be effective in IT in general. There is some truth to the joke that women in infosec spend the first 15 minutes of their meetings interviewing for their seat at the table. Women and girls need to understand that while cybersecurity is complex and the male dominated industry stigma can be intimidating, there is plenty of room at the table. We are seeing a significant shift in the inclusion of women in these roles but still not enough.
Encouraging women to consider the industry, supporting them through their training and education and guiding them through their career paths can encourage more women to consider cyber security & infosec. These roles do not have to be limited to penetration testing, analysts, and other technical positions, there are many critical roles from product development, to training and education that fall in the cybersecurity industry, and all are needed and all are critical.
Do you have any advice for aspiring cybersecurity professionals?
Never become complacent and always assume there is more to learn. The most dangerous thing you can do in this industry for your customers or for your employer is assume you have learned it all. Tech in general is growing and continuing to shift daily, we have to be ok with knowing this industry comes with the assumption you will always need more classes, certifications and more training.
Lauren on Linkedin
Lauren at University of Houston