CyberWire Daily - Carole Theriault: Constantly learning new things. [Media] [Career Notes]
Episode Date: November 1, 2020Communications consultant and podcaster Carole Theriault always loved radio and through her career dabbled in many areas .She landed in a communications and podcasting role where she helps technical f...irms create audio and digital content. In fact, Carole is the CyberWire's UK Correspondent. She says cybersecurity is good place to go because of the many different avenues available and "you don't even have to be a tech head" (though Carole has quite a technical pedigree). Our thanks to Carole for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. My name is Carol Theriault.
I am a woman, also a founder and director of TikTok Social, which is a consultancy in the UK.
And I also co-host and produce the Smashing Security podcast.
I was in love with radio.
Isn't that outrageous?
And now I do podcasts, but I was in love with talk radio.
Oh my God, love talk radio.
So I dreamed of being a radio host, especially late night radio.
The idea where people can call up and really give their problems and you could really get into it.
So that's what I really wanted to do.
So I did loads of jobs, right?
I wanted to go to university and that took a lot of money to do.
And I wanted to go out of province or far away as I could from home just to stretch my wings, I think.
So I did everything.
far away as I could from home, just to stretch my wings to think.
So I did everything, waitressing, looked after horses,
worked in chain restaurants, worked in clubs, school photographer, all that stuff.
And then I got into the University of Waterloo.
And that had a huge impact on me getting into tech,
because it's a serious tech university.
And I think I actually chose it because it had a really strong reputation, but also it was the furthest from Montreal where I grew up.
And then, of course, I wanted to travel.
So I'm not in Montreal anymore. I'm in England, where I ended up because I managed to convince
this company called Sophos to sponsor me as a visa to come over and work at their firm in the UK.
I mean, I was applying for all sorts of jobs, but really tech firms were the ones looking for different skill sets that were pretty high caliber.
And I suspect Sophos probably noticed me because of my university background, where I went to university.
So, yeah, I think they were interested in me.
I was certainly interested in them.
I was interested in being near Oxford and, you know, just living here and working here.
So that turned out to be serendipitous.
And it took a year to get done.
But then there I was.
I was working at this company.
And it was run by these two Ph.D. University of Oxford graduates, you know, who they were just incredible.
It felt like an almost a university still.
They still wanted to explore.
And I loved all that.
I loved the atmosphere.
And I fell at hook, line and sinker and did tons of different jobs there.
You know, bosses make or break everything, don't they?
And so do company direction.
And, you know, over 15 years, I was working for an entirely different, much more senior group of people.
And also the company had become much more focused in its goals and where it was going, which had
changed drastically in 15 years. And also at the end of that stretch, I had been editor-in-chief
of a blog called Naked Security, which was, you know, we, Graham, my colleague and now my co-host
on the Smashing Security podcast, we both started it together and we really worked our everything
off to make that a success.
And we really did. We did an amazing job, but I think we got burnt out as well. I think after
doing that for five years, we just got exhausted and the company wanted more and more of us and we
just had nothing left to give. So it was time to go. It was 15 years. And I thought about maybe
coming back or taking a sabbatical or going off and working
in another corporation. But actually, the very next day, the day after I left, I opened up my
own company the very next day. I only decided to do it in a whim and I still run it today.
I am a podcast host. And if they don't know what a podcast is, it's like a radio host.
It's focused on security.
And I see my job as trying to educate people on what the devices that we use every day can do, should do, and shouldn't do.
And how we can try and be aware of that and do as best we can to try and avoid the pitfalls.
The one great thing about cybersecurity is like, let's compare it to selling, you know, I don't know, selling furniture, right?
The most exciting thing you can look forward to is, oh, hey, the new sofas come in and look at the new color swatches.
In our world, it changes so fast. So it's high pace, high stakes, and can take a lot out of you, but it gives you a lot back. You're constantly
challenged. You're constantly learning new things. And I found that fascinating. I don't know how I
would have stayed in a job. I don't know if my character would have allowed me to stay in a job
that didn't change very quickly. I'm sure I would have ended up in media somewhere or something that was really bouncy.
It fits my role.
So I think you've got that character and you're hungry to learn more.
It's a good place to go because there's so many different avenues.
And you don't even have to be a tech ed.
Like, I have no tech background.
I didn't study tech in university,
but I know a lot more now just through osmosis of 20 years being around folks
that really, really know their stuff.
When you work in a company, you feel, you know,
you feel you understand everything that's going on within that company,
but actually you're in the fishbowl and you can't get out of that fishbowl.
You're just inside it.
And unless you're running that company,
you have a very blinded view as to what's going on or what the company's goals are or what they're trying to do.
And that can lead to a lot of frustration. So I think my advice now is to chill.
And I also thought I understood how everything worked. And only after I started running my own
company did I kind of go, oh, God, I was so blind. You know, I thought my job was the most important
thing. But actually, I wasn my job was the most important thing,
but actually I wasn't the navel of the company by any stretch.
So not having a boss and not having a company goal
that's different from what my personal company goal is,
is very satisfying.
So I've worked really hard towards getting that,
and so far I'm in a really good place and long may it continue.
Cyber threats are evolving every second and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.