Mary Writz: Take a negative and make it into a positive. [VP Product Strategy] [Career Notes]

A

You're listening to the Cyberwire Network, powered by N2K.

B

Most security conferences talk about Zero Trust Zero Trust World puts you inside this is a hands on cybersecurity event designed for practitioners who want real skills, not just theory. You'll take part in live Hacking labs where you'll attack real environments, see how modern threats actually work, and learn how to stop them before they turn into incidents. But Zero Trust World is more than labs. You'll also experience expert led sessions, practical case studies, and technical deep dives focused on real world implementation. Whether you're Blue team, Red team, or responsible for securing an entire organization, the content is built to be immediately useful. You'll earn CPE credits, connect with peers across the industry and leave with strategies you can put into action right away. Join us March 4th through the 6th in Orlando, Florida. Register now at ztw.com and take your zero trust strategy from Theory to Execution.

A

Hello, my name is mary ritz. I'm vice president of product strategy at ford rock. Most of my career I've been a woman in a male dominated career and in fact I became a manager and a leader very early on. So I was often leading people, mostly men older than me, potentially smarter than me, more well paid than me. So I had to learn how to think about galvanizing this group to charge forward with me, even though I was a bit of a minority in that way. But my method for doing that was just to make sure we all stayed very passionate about what we're running toward. I had a hunch that I wanted to be an accountant because I had a pragmatic mindset and some good business acumen. Turns out in college I took some accounting classes and realized I definitely did not want to be an accountant. I took other classes that excited me so much more. I started taking math classes like calculus, linear algebra, and I also started taking computer classes, particularly networking and it just really sparked my intellectual curiosity so I just kept running in that direction and pivoted to eventually cybersecurity. When I realized that I definitely did not want to do accounting, I was halfway through my degree and I didn't want to change schools. I was in the business school so I stayed in the business school and majored in information systems, which was a good middle ground at the time to pair studying computer science with business domains. I had an internship where I ran it for a small startup and then I took this job at IBM. They were hiring for ethical hackers, which sounded like the coolest job I'd ever heard. I didn't know what I was doing. But it was 2001, nobody knew what they were doing and sort of I knew just enough to be dangerous. So it was really great start to my career. I stayed a security practitioner in pen testing, some forensics, some security architecture. And then I started pivoting to building services and products around threat detection. And that's really where I settled into my career and grew into an executive was through this product rank of building products to help protect enterprises. You know, product's an interesting space. You spend like a third of your time learning, understanding the market, the competition, technology, and then you spend about a third of the time, you know, designing your strategy and what's going to be important to build, to go forward. And you spend about a third of time communicating to everybody to make sure they understand what you're doing. So it's a very hyper connected type role. So I spend a lot of time, day to day on the phone connecting with people, but also just rolling up my sleeves and thinking about what we're doing, why we're doing it and just sort of obsessively looking to see if I'm missing anything. A big part of my ability to progress my career has been public speaking, both in small venues and big. Some life changing events for me happened speaking to small groups, but board meeting type groups, that really elevated my profile and also being confident to speak in large audiences. Even more importantly to speak about my ideas about technology and why they're valuable and why we should build them and why we should prioritize the things we're prioritizing. So I feel like communications has been so key and particularly in cybersecurity, some of the concepts can be deeply technical. So finding ways to talk about what you're doing in accessible ways for a broad audience. Not everyone you're talking to is technical. So how can you think about these concepts but convey them in ways that are understandable? I find that when I'm talking about identity and access, I talk about it from their perspective. So you know when you're trying to log into a website to do something. So our technology is under the hood, validating that you are who you say you are and that you should have access. And so I try and frame it from the lens that they experience the technology. I tend to lead very high performing teams and I have much of my career so I've honed my skills for that particular type of high performing employee or which is to set a really strong vision and get buy in. So have the team help set the vision and strategy because then they feel ownership and they'll run and take it across the line for me. Well, there's two things I tell myself and the first is focusing on what's the next thing I need to do. So I get very short sighted on what's the next thing I need to do so I can keep moving forward. But the second thing is to remind myself that these are actually usually the defining moments in your career and you can turn something that feels negative into a positive by showing people how you can respond to what's happening with a lot of energy and focus and care. So you can turn these things around. You know, we've seen some really bad breaches, for example happened, but the response was so amazing by the enterprise that it actually gained customer loyalty. And so I try to remind myself that these are opportunities and try and think about it like that. I think this area is the funnest area to be in. It's a hyper growth area with a lot of things changing all the time. So I would say jump right in and don't be afraid to take some risks. It's a really interesting area and just get exposed to a lot of different things and take some risks. You know, while I really love the technology accomplishments I've had, the things that mean the most to me are when employees or peers will tell me that working with me or for me changed their life for the positive. And that is what I would hope my legacy would be, that the people around me would feel that they've been able to achieve career milestones or have a really stable, interesting job thanks to my help. That's what I hope my legacy will be.

B

If you only attend one cybersecurity conference this year, make it RSH. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26. I'll see you in San Francisco. When it comes to mobile application security, good enough is a risk. A recent Survey shows that 72% of organizations reported at least one mobile application security incident last year and 92% of responders reported threat levels have increased in the past two years. Guard Square delivers the highest level of security for your mobile apps without compromising performance time to market or user experience. Discover how Guard Square provides industry leading security for your Android and iOS apps at www.guardsquare.com.