CyberWire Daily - Grace Cassy: Actions speak louder than words. [Associate Fellow] [Career Notes]

Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Thank you. More at zscaler.com slash security. Hello, my name is Grace Cassie, and I am an early interested in people and politics. I studied history at college and I've always been fascinated by the interactions between people and getting into people's motivations and the context in which they operate and how that affects their decision making.

Starting point is 00:02:07 So when I graduated, I joined the UK Civil Service and I went into our Foreign Service, where I spent 10 years in a range of foreign policy and national security roles. I was really fortunate to be posted abroad quite early on in that career. So my early 20s, I went to Pakistan, had a wonderful three years there and did a bunch of other roles in that time, including, very fortunately, three years as a foreign policy advisor. So I had a huge range of subjects there which I was able to get involved in. Everything from our policy towards Afghanistan, to India, to China, to migration, to counterproliferation. And, you know, a real fantastic mix of subjects that I was able to immerse myself in. able to immerse myself in. So I left public service after 10 years, I think because I didn't want to find that I woke up, you know, 30 years into it and it was too late for me to try anything

Starting point is 00:03:20 else. I'd always had an interest in science and technology. And I thought that I would step out and try to get into the technology world and, you know, really have a chance to work with builders. You know, being a policy person is great, but in some ways you're quite distanced from the people who are actually building stuff in the world. So I wanted to get closer to that. And I started out working with and advising growth stage technology companies across a whole range of subjects. So I worked with healthcare companies, energy tech, novel proteins, fintech. And that was fantastic. Worked with some wonderful, wonderful companies. But in terms of how I got into cybersecurity, it was a bit more of a roundabout journey, actually.

Starting point is 00:04:13 I had been talking for some time with good friends and colleagues in London about why we didn't see more high quality, scalable cybersecurity companies that emerged out of Europe. We felt that we had all the right ingredients here in terms of the talent, the problem set, the customers. And yet, we didn't typically grow the number of high-quality companies in security that we saw, for example, coming out of the US and Israel. And so my friends and I decided to set up an accelerator program for cybersecurity companies to try to create a kind of gathering point for a community, a program of support for founders taking on that really difficult challenge of building a deep tech business in security. So we founded Cylon in 2015 and worked with, gosh, upwards of 100

Starting point is 00:05:16 companies across Europe, Israel and the Far East, because we also latterly operated it out of Singapore as well. And that was where we really became exposed to investing at the very, very early stage in young startups. So that's where I made that transition from being more an advisor to being more of an investor. So no one day is the same, which is probably why I enjoy it so much. And I get to meet a lot of wonderful people, which is the is probably why I enjoy it so much and I get to meet a lot of wonderful people which is the other reason why I enjoy it so much but you know a day might include hearing a pitch from a new company that wants to seek investment for their solution I hear a lot of pitches all the time which I really enjoy I might spend some time on the phone with companies that I've already invested in. Obviously, we spend quite a bit of time doing that. I also spend quite a lot

Starting point is 00:06:14 of time looking at policy developments in our sector, trying to stay on top of that and hope that that also brings some perspective to the founders with whom I'm working. I've also happily managed to keep my hand in a little bit on foreign policy and international policy. I'm a visiting fellow at Chatham House in the UK, and that enables me to spend time talking to and thinking and writing about some of the geopolitical issues that affect the security landscape. I would really encourage anyone with an interest in cybersecurity to consider a career in our space.

Starting point is 00:07:02 I think there's a huge diversity of opportunities, both for people with a technical bent and for people who, you know, like myself, don't come from a technical background, but who are interested in people and motivations. And I think cybersecurity is a fantastic sector, if that is your interest, because it really gets into the heart of decision making and how organizations can be constructed to best support a well-organized risk program and to work with people rather than against them. with people rather than against them. I think it's a question of resilience. And I think that can be developed as a personal skill set. I've been lucky in some ways to have worked in some quite challenging environments. I was in Pakistan on 9-11 and for the period afterwards when the Allied forces went into Afghanistan.

Starting point is 00:08:09 And so, you know, there and at Downing Street when you work in a head of government office is obviously quite a lot of days where you're under high pressure. And I think that builds resilience. You start to appreciate that actually you can perform in those situations. to appreciate that actually you can perform in those situations and you can appreciate the almost the enjoyable aspects of working in high pressure environments and there's a real sense of achievement if you and your colleagues can draw together and deliver in some of those situations. So honestly I see challenging days or challenging times as an opportunity to build that sense of depth in your personal experience. I would like to be remembered as someone who tried to have some impact. I think there's a lot of talking that goes on in the world and goodness knows I've done a fair amount of that myself. But I think

Starting point is 00:09:14 if I could be seen as someone who really tried to make a difference for the companies in which I invested or for companies that I advised or for the industry as a whole that would be very pleasing because I think probably don't need too many more words but we definitely need a bit more action including on things like gender diversity right so I would really encourage anyone who is interested in people and has life experience to offer which we all do to give this industry a go because we need different voices and your voice would be very welcome. Cyber threats are evolving every second, and staying ahead is more than just a challenge. It's a necessity. That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications,

Starting point is 00:10:43 securing sensitive data, and ensuring your organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default deny approach can keep your company safe and compliant.

CyberWire Daily - Grace Cassy: Actions speak louder than words. [Associate Fellow] [Career Notes]

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.