Bitdefender Completes Acquisition of Horangi Cyber Security
logo

EN

Products +

Services +

Customers +

Partners +

Resources +

Careers
Sign InContact Us
Podcast

Cybersecurity Sales and Diversity in the Industry

With so many cybersecurity tools on the market today, what can help CISOs choose which ones to purchase and implement to secure their organizations? We put this question to Alexandra Jorissen, a veteran tech sales professional who spent 10 years at Google, in this episode of the Ask A CISO podcast.

Paul HadjyPaul HadjyMay 11 2022

Tune in to this episode of Ask A CISO to hear:

  • How is APAC different from EMEA and North America in terms of the cybersecurity market?
  • What working at Google is really like
  • Is it easy to transition from tech sales to selling cybersecurity tools and services?
  • What salespeople need to understand about CISOs and how you can help CISOs understand your products and services
  • Team building
  • Why diversity is needed in the cybersecurity industry

About The Guest: Alexandra Jorissen

Originally from the Netherlands, Alexandra started her career in Tech Sales selling video banners in London. 

A few years in New York and a few startups later, she returned to London and joined Google there in 2012 to sell a SaaS platform and build a sales strategy and team from the ground up for EMEA. 

Alexandra moved to Singapore in 2018 and joined SAFE Security in January 2022 where she’s the Senior Regional Sales Director covering APAC. Alexandra specializes in building out sales teams for companies in hypergrowth, and at hyperspeed, and is passionate about tech, travel, and tennis.

About The Host: Paul Hadjy

Paul Hadjy is co-founder and CEO of Horangi Cyber Security. 

Paul leads a team of cybersecurity specialists who create software to solve challenging cybersecurity problems. Horangi brings world-class solutions to provide clients in the Asian market with the right, actionable data to make critical cybersecurity decisions.

Prior to Horangi, Paul worked at Palantir Technologies, where he was instrumental in expanding Palantir’s footprint in the Asia Pacific. 

He worked across Singapore, Korea, and New Zealand to build Palantir's business in both the commercial and government space and grow its regional teams. 

He has over a decade of experience and expertise in Anti-Money Laundering, Insider Threats, Cyber Security, Government, and Commercial Banking. 

Transcript

Paul

All right, everyone. Thanks again for listening in on the podcast.

Do subscribe if you get a chance, to either on YouTube or on Spotify.

With me here today, we have Alexandra. Originally from the Netherlands, Alexandra started her career in tech sales selling video banners in London. A few years in New York and a few startups later, she returned to London and joined Google in 2012 to sell a SaaS platform and build a SaaS strategy as well as a team from the ground up for EMEA.

Alexandra moved to Singapore in 2018 and joined Safe Security earlier this year where she's the Senior Regional Sales Director covering APAC.

Alexandra specializes in building out sales teams for companies in hypergrowth at hyper-speed and is passionate about tech, travel, and tennis.

So, Alexandra, tell us a bit more about yourself that I didn't kind of cover there.

Alexandra

I think that's pretty much it, Paul, but yeah, I've been, um, I've been in Singapore for about four years now.

Loving it, obviously loving the new freedom. It's ... yeah, it feels really good.

Uh, yeah, I love tech, and I've been like intrigued about cybersecurity for couple of years now. And I decided to finally make the jump in the industry and start my gig in January. So bit of a newcomer to cyber, but tech is tech.

Paul

Yeah.

Well, welcome to the space, and congrats on the new role. I think definitely exciting and curious to hear more, throughout the podcast.

So let's start with some stuff little bit less specific on security and talk a bit about you.

How was your long weekend? Well, for those of you listening, we had a four-day weekend here in Singapore which was nice. And for me, it's always a surprise because I always forget about the holidays, but curious, how yours was, Alexandria?

Alexandra

It was really good! I mean, like I said, I'm really enjoying the new freedoms! So I had a barbecue with, I don't even know how many people. Like a lot. At least 15 to 20 people so that felt really good.

I played a little bit of tennis and then like most of us, I still had some friendly people from the U.S. and EMEA, cause you know, cyber waits for no one. So I still got a few pings on Monday and Tuesday from people saying, oh, I know it's a holiday, but any use on that POV or, you know, any news on these questions?

So, yeah, it's still a good weekend.

Paul

Yeah, that is, that's good. Yeah, definitely. Mine was similar, pretty quiet, but had a few things pop up for sure.

So you moved out here to Singapore from London almost four years ago. How was that move and any culture shocks for you, and what do you think are the major differences there?

Alexandra

I mean there's no real culture shocks. I mean, we all know Singapore is a great place to live. It's Asia for beginners, right? Can't really complain, but there's a few differences.

I mean, I moved with Google and my role at Google in London was covering EMEA. And then my role in Singapore was to cover APAC. So in a way you're like, oh, that's the same. That can't be that different. I mean, that was a bit of a culture shock because EMEA, I mean, a lot of European countries, you can group them together, and then you can find projects that scale. So something that works well in the Netherlands will probably also work well in Germany. You know, it's a little bit homogenous.

And then I arrive in APAC thinking I'm gonna, I'm going to conquer, I'm going to conquer everything.

And then you realize like, oh, I can't do something in Korea and then roll that out in Japan. I can't group together Thailand, Vietnam, and the Philippines. It just doesn't work that way. It's incredibly diverse and things just don't scale.

So that was a bit of a shock! Just traveling, you're like, oh, I need to get to Tokyo. Ah, that's gonna take a while, right? It's gonna take awhile, or all the way back down to Australia.

But I think APAC is incredible. I've obviously really enjoyed it. It's home to 60% of the world's population. And I think we can be a huge, huge growth engine.

Paul

Yeah. Yeah, definitely.

I think it's, there's a lot of opportunity and like all the markets are growing pretty fast as well, which I think is, something that's exciting. And then, yeah, of course like from the Google side of things, cloud is the thing, so there's a lot of growth, across that sector as well which is exciting.

So, yeah, maybe tell us a bit more about your time at Google?

Alexandra

Ah, magical place!

Like honestly, I can't say much bad things about it. It is, you know, as magical as it claims to be.

So I spent 10 years there. So we'll start with the good things.

So all the legends are true. You do get the silly little hat when you join and you're called a Noogler, and you carry that title with pride for a few months. The food is amazing. The offices are playgrounds cum, you know, meeting room extravaganza. It's incredible, but you know, it really does work. I mean I used to easily spend 12 hours at the office. And you know, Google would make me want to be there. They would make me want to just work more and more, more as if it is a startup. Yeah, even though, you know, it's not necessary.

I really liked the kind of no assh--- rule that they have and, you know, they are very strict in their hiring and hiring people that are a fit and making sure that everyone gets treated with respect and everyone has a voice. And you surely do feel that even though it's a company of, I think now it's at 150,000 people. I literally met thousands and thousands of Googlers and most of them are absolutely incredible. So those are all the good things.

In terms of, I'd say that the "bad things", they're not bad, but for me, like I'm in sales, right?

And so I'm used to kind of driving revenue and building sales teams and kind of trying to grow things as fast as possible. And sales at Google, obviously Google has a couple of money printing machines in the basement.

There is Google search. There is YouTube. There is Android. There is cloud, and yeah, their money printing machines.

They literally do. They just churn out millions of dollars everyday. So for me, in terms of building out sales teams and, and training and coaching salespeople, individuals, it's actually quite hard because you always have that machine behind you. And oftentimes, you know, the product is reasonably mature in terms of search and video. So I didn't feel that we were pushing salespeople to be the best salespeople that they can be on, on a personal level.

And then the other thing that I thought was quite interesting is that, you know, we have a, there's a lack of urgency there. So I've now worked at a startup and you're at a similar type, hyper-growth company. It's like, let's do it today. Cause tomorrow, or the day after it's obviously too late, right? Let's just do it right now. And I remember at one point I was working on a very, very large client and they were launching a new campaign and it was to go 'live' on like Friday night. Obviously. Makes complete sense.

Things weren't working and the client called me up. It was a search campaign. The client called me up and things weren't working. So I said, okay, let me look into it. I've filed a ticket, et cetera, et cetera. Apparently it's a, it's a P0 bug. So it's a really big deal, right? And for my client, it's, it's a really big deal. Most of the weekend, I'm not hearing much from engineering and product because there's probably a few P0 bugs. I'm not sure.

Long story short, on the Monday, somehow the bug gets resolved. Amazing. However, when I looked at what's happened over the weekend, which is obviously nothing and looking at the lost revenue that we have. And obviously my client didn't get to run their campaign. We lost more than just over a million dollars in potential revenue over the weekend.

So I'm gonna fire someone. You know I want to have like a proper debrief and a sit down with everyone in a room and be like, guys, what happened, right?

That never happened.

When I spoke to engineering, they were like, yeah, don't worry about it. It's fine now. And I'm like, yeah, but I lost the million dollars and they are like, yeah, it's fine.

Paul

Yeah.

Alexandra

I was like, I cannot, I cannot just sit here and be like, oh, we just lost a million dollars. Don't worry about it, right?

Paul

Yeah, definitely. That's not something I've ever experienced, but I'd still probably be pretty fiery about it as well. Like, yeah, it's not acceptable, but it is what it is.

So you made the jump over to security. Tell us more about that. Like what do you like? What's been challenging, like for a lot of people who are interested in kind of entering into the security space. From something analogous or maybe something that's not. But curious to hear your experience and any learnings you have.

Alexandra

Ah, let me think.

I mean, for me, tech is tech, like microwaves, rocket ships, the internet, cybersecurity. It's all just tech, right? So you can learn it, and for me, my motivation is always to try and work in a space and sell a product that excites me. So, you know, jumped into video in early 2000s and then mobile in 2010.

So for me, cybersecurity was very much a no brainer. Is it hard? Yes, it is. It's pretty technical. There's a lot of acronyms. There's a lot of words that I'm not always entirely sure what they mean, but that's why we have Google and we have mobile phones that you can hold under the meeting room table and you can Google something if you really have to.

Oh, honestly, I think you can also just ask. I don't think there's anything wrong with that. I mean, what I'm seeing more and more is that the CISOs that I speak to are saying that they're really under-resourced and they're obviously hiring, but they actually can't find anyone. They can't find people that fit that description of, you know, 10 years of solid cyber experience, technical background, dah, dah.

And it's like, well, you're going to have to open up your requirements and find more people. And I would encourage anyone who's in cloud or anything like that to join the cybersecurity movement.

Paul

Yeah. Yeah. I think it's an exciting space. I think the good thing about it, which is also the challenging part is that everything changes very quickly because essentially it's subsequently based on technology, right? So all the technology is changing with cloud and like all these new cloud technologies as well. And subsequently we got to figure out how to secure that, right? So it's a constant challenge.

And yeah, I mean, like I see a lot of times in resumes and in sort of job descriptions where they're asking for like 10, 15 years of cyber experience, but so much changes in the 10 - 15 years, you may have the 10 or 15 years of experience but what's relevant is really the past couple because everything else is completely different from what it was, when you started your career, which is my case, too. Like everything was on-prem when I started. I spent a lot of time in closed rooms, server rooms and stuff. And I haven't been inside of a server room, at least as much, as long as I can remember in recent time. So most of the time in Horangi, I haven't been inside of a server room, right?

So I think times are changing which is good and makes, I think, the industry exciting because the security challenge has changed too.

Alexandra

Yeah. I think you just want people that are curious. People that want to learn. And like you said, the knowledge and the know-how of how things were done 5 or 10 years ago might not actually be relevant. Obviously it's great if you do have it, cause sometimes it's easier to put things into context, but I think, you know, that the rates at which the industry is growing, we need more and more people to join.

And I'll also take away that piece of, you know, people saying, oh, it's cyber, I wouldn't understand. Like, I wouldn't know. It's like, no, it's not that hard. You know how to use the internet? You know the internet is, so there you go, right?

Paul

Yeah. I think there's, I think a majority of cyber is that way, right? Like there's aspects of it that you need to learn in terms of security, really. So if you're even like from a traditional security background, I think cyber is even easier to learn than if you're not. But also there are some technical aspects that I think are very difficult, but I think the amount of people that are actually touching those things is quite small. So, yeah, I think it can easily be learned and to get into the industry, it's, you know, I think it's fine to not have experience, especially in certain roles.

Alexandra

Yeah, and I also think, I mean, for me now, my tool is very much something that we talk to CISOs and we talked to people that, you know, people on the boards that companies that want to know, like how much is my company at risk. I mean, those people barely know how to use the internet, right?

So it's also important to translate those risks and what's important and what's not important to, you know, business people, Chief Revenue Officers, CISOs CFOs, in order to, you know, keep this ecosystem going and not fight for tiny IT budgets.

Paul

Yeah. Yeah, exactly.

So yeah, I guess next question: What's kind of your take on the cybersecurity product landscape, like, do you think customers are having a hard time choosing one product over another? And like, what do you think customers are actually looking for?

Alexandra

Yeah, actually, let me get you my little, so this is my little cheat sheet. It's stuck on my wall.

Right. So yeah, this is what it looks like.

Paul

Yeah.

Alexandra

It's very confusing. Needless to say it's very confusing. So, I mean, I think that's probably the first thing that a lot of CISOs that I talked to are looking for. It's like explain to me what it is you do and what solution can you bring to me? And I already think that a lot of CISOs have a really hard job and they are incredibly busy. So explain it to me in 30 seconds, I think is very, very much what they're looking for. And also, you know, educate me on why does it matter? Help give me some clarity.

Another thing that I think is really important and I've always sold tools that do this is make sure that the tools that you're using or tools that you're adding can integrate with each other and complement each other. So that's so that you're not using 10 different tools with different metrics and different goals and different ways of doing things.

So that's something else that I think is important.

Paul

Yeah. Yeah, totally agree.

I mean, integration with other security tools, if you're not the end all be all, that is a, is a very important part of like actually the accomplishing something, because I think all security people, whether external or internal, kind of suffer from alert fatigue. So making sure your alerts or whatever it is you're identifying are going to the right place to where like a ticket is being created and someone's looking at it. It's part of the battle of actually sort of adding value as a security tool in a sort of mesh of other security tools which, you know, most security companies aren't, aren't the end-all-be-all.

So, you know, there's a lot of opportunities to integrate and continue to provide value in, in your platform, of course, but also outside of it, which I think is just as important, especially at larger organizations. That's something we focus on as well.

So kind of ... in most industries like products are becoming a bit more similar. How do you think cybersecurity companies can kind of differentiate themselves in their pitches and tell us more about Safe (Security) as well.

Alexandra

Oh, thanks.

I mean time will tell, right?

So looking back at this ridiculous LUMAscape which, you know, is probably going to be changing day by day. I always look back at, you know, search engines. So when I started out like 20 years ago, there was quite a few search engines around. So nowadays everything's Google, right?

But at the time there was, I don't know if you remember all of these, but that was Lycos, they had like a black Labrador as their logo. That was kind of cool. There was Yahoo!. There was AltaVista. uh, In the UK we had something called Ask Jeeves. And then there was Google and somehow, miraculously, Google is the one that came out on top.

Old search engines before Google emerged on top

And I feel in a lot of cybersecurity products like firewalls, EDRs, you name it, we really don't know right now who's going to come out on top. There's going to be some MNAs. There's gonna be some consolidation. But yeah, I think right now, sometimes on the surface of it, when you look at a couple of tools, they are quite similar, and they fix a similar problem because we're all seeing similar problems in the industry that we want to solve. And there's a lot of money in terms of VCs being thrown around and new companies popping up.

So I think that's kind of natural what's happening right now. So over the next few years, I do think that it's probably gonna, it's probably gonna thin out.

Paul

Yeah, I think consolidation in this space is, is bound to come and it's already happening, right?

I think Palo Alto has bought like 14 companies over the past three years, and like a lot of the bigger guys will continue to do that. I think it only makes sense. Especially as like new sort of problems and solutions come up. Makes a lot of sense for these bigger companies to acquire solutions that they can then sell through their huge amounts of channel partners and existing customer base, right?

So, yeah, a hundred percent agree.

I think there's going to be a lot there. And then, yeah, like some unfortunately probably won't make it as well, but that's the name of the game?

So what are kind of some major misconceptions organizations here have about purchasing cybersecurity products and services?

Alexandra

Misconceptions, I mean that's a tough one, I think. I mean, I'm seeing that, you know, CISOs are incredibly busy so they very much just want a quick pitch and then they just want to fit you in a box. Like, ah, this is the solution that you provide. Oh, actually I already have one of these tools, so I don't need it, have a nice day.

So I think it's, you know, somehow kind of taking a little bit of extra time and understanding exactly what are all the different solutions that are out there. Doing some more POVs if you have time to actually test and test and learn. But again, going back to our earlier conversation, you need resources to do that and you need time to do that. And those are things that most cyber teams at companies just don't have. So I think that's why it's, it's really hard, you know, if you feel like you're constantly under attack, which they are, and they're constantly putting out fires, it's hard to put together a solid strategic plan for an enterprise to say, oh, this is our risk management strategy. So, yeah, it's hard.

Paul

Yeah, yeah, definitely is hard.

And I think, you know, standing out in the sea is also difficult. And what we use is ROI. And that's the, one of the things that we've found that kind of, you can often point to certain people within the company and that helps them provide value, but the best way to experience that of course is to just use the product, right?

So we use a lot of POCs and trials and things like that.

Alexandra

Oh, good. And then, I mean, something else or I think that's kind of in your question. I think, like the word "sales pitch". No one wants to hear a sales pitch. o one has time for that. So if there's anything that I'm trying to bring to the table, it is really to try and understand what are the pain points that you're experiencing in cyber?

Is it your technology? Is it your workforce? Is it policy and compliance?

And then try and see how my tool could potentially fit in because a sales pitch ... Yeah, it's awful. No one wants to hear that, right? No one needs to see that.

Paul

Yeah. So you're a big believer in team building. So tell us a bit more about how you came to believe so strongly in this, and like, what do you think are kind of the advantages of it and, what do you want to build into your teams to make them successful?

Alexandra

Oh, wow. Yeah. One can dream.

I mean, I'm very lucky. I mean, yeah, I've always had great colleagues and great mentors and managers to work with and that the first one was very much ...

When I worked at my first tech startup in London, we were very scrappy at the beginning and then we just grew beautifully on this trajectory and I used to sell the product, and then in the evenings, I would actually traffic things myself within the tool. Very basic coding. And then 9, 10 o'clock in the evening, I'd have some pizza and then we'd all go home and sleep. And then the next day we do that over and over again.

I mean, how do you build a team? It's just very much living through growth at that scale together. I mean the other part of my job to just to like show how small that company was at the time is when I was hired, I was the most junior salesperson in the office. I had to buy milk on Mondays for coffee and tea in the office. We had a small fridge and I had to vacuum the office on Friday afternoon, and then I would go to the pub with the team, but then, you know, 7 years later, we IPO'd at $250 million.

If you would've told me that when I had to buy milk on Mondays and get a dollar back from my boss for the milk, I would have said, I don't know. I don't know.

But as a team, we did that. It was sales, marketing, PR, account management, engineering, product ... because it was a fairly small company, I knew everyone and we all, you know, very much had to work together. We even had a sofa in the office that we would, you know, take naps on because we were just working, you know, insane amount of hours.

Paul

Yeah.

I'm a big, big believer in naps. I think it's a life. I have a couch behind me which is where I nap. It seems like you have one as well.

Alexandra

I don't nap, I don't nap!

Paul

Yeah, definitely. I definitely understand the small company thing.

I mean, Horangi not that long ago, it was just a couple of us, actually in an apartment. So we didn't even have an office. We were working out of our own apartment. So it was a good time and, yeah, everyone was doing everything and there was lots of work to always be done. But things are changing, everyone's specializing. The company's getting bigger which is good, but it's a different job now.

So that's changes.

Alexandra

Yes. And also to explain teams. Teams doesn't mean like working as part of the team, doesn't mean you always have to agree, right? If anything, it actually means that you do have the power to disagree with people. And that's totally fine. But at the end of the day, you need to all kind of agree to disagree and then commit and act on it together. There should never be like, you know, something went wrong during a launch or, you know, you missed the deadline. There should never be that kind of finger-pointing that can quite easily go on where they're like, oh, it's that? It's that ... Oh, it's like ... No, no, no.

It's, it's all of us.

Paul

Yeah.

Alexandra

That I feel is really, really powerful.

Paul

Yeah, definitely.

And that's like a, it sounds like a functioning team, right?

So it's like all about getting to that point.

Alexandra

Yeah.

Paul

Cool. So you're a big believer in diversity in the industry. Help us kind of define what diversity means to you. And then, what do you think we in cyber can be doing more to, kind of, just have more diversity?

Alexandra

I mean, funny story actually, because that's how you and I originally met. I don't know if you remember, but I was, so as I was doing my research to join the cyber industry, I remember watching a webinar, like there was a panel. This was during COVID so, you know, everything was very boring. Everything was online and you were on the panel and I believe the panel was four or five people and it was all men.

Paul

Yeah.

Alexandra

And I decided to heckle people a little bit and just like, yeah, I'll ask you guys why there was no women on that panel. So I apologize for that. But for me, diversity is like, we're now at a point where I think, you know, it's, it's super hot topic. Everyone, I think kind of agrees that diversity is very much needed. Everyone can kind of see that we're not quite there yet in terms of numbers. And in terms of true diversity and in terms of senior leadership and tech and engineering.

So that's why I then kind of called it out, you know, whenever I see panels or I see boardroom full of men, I called it out and diversity is not just important kind of all for me as a person, but it's actually better for organizations and companies in order to, to move faster and come up with more innovative I'll give you an example.

Just simple, like, you know, at Google, let's say we would come up against a new type of problem or a new product that we were thinking about. If you pull in, let's say 15 people into a room to look at this problem statement that you can write on the wall and do some brainstorming about it and say how could we fix this?

If you have 15 people in that room that all come from a very similar background, similar culture, similar education, similar kind of level in terms of, you know, society or anything like that, then you're probably going to come up with one solution because everyone's kind of thinking, ah, yeah.

And, and you come up with a solution and maybe that solution's fine. Maybe it is, but if you have a room full of people that come from different places, different perspectives, different ideas, you could come up with three or four solutions. And if, you know, they could be amazing, they could be entirely new, entirely different, and that could be your TEDx idea.

So that's why I care about diversity.

Paul

Yeah, for sure.

I think the diversity of, sort of thinking and just life experience as well, I think is, is important because it does generate different and new ideas, which ultimately like, and in my opinion, like the best idea wins. So the more ideas you have, you can kind of like figure out which one's the best. Yeah, I think diversity of thinking and experiences is a huge part of that.

Alexandra

Yeah.

And in terms of women, we're just not quite there yet. Like, I don't want to sit on my soap box, but you know, only 15% of Fortune 500 companies in the U.S., 15% have a female CEO, and the world to me just doesn't look like that. So I don't understand why at that level, it shouldn't be roughly the same as well. And what fascinates me, I'll share a quick personal story is I was raised by my dad.

My dad was a single parent, so he raised me. So in my mind, I've always kind of not thought too much about gender as an issue or problem or whatever. And then my children were actually raised, when they were small, they were raised also by their dad. He stayed at home for the first few years of their lives so he could look off to them and then I kind of kept going at Google. So I think it's really interesting how it really only takes kind of one generation to even out the bar.

So I have one eight-year-old, her name is Anna. And the other day we were just like chit chatting about life and what she wants to do and whatever. And she's like, oh, I think I'm going to get married when I'm 15. I was like, okay, well, first of all, that's illegal. So why don't we sit down and have an apple juice and we'll talk about this, because I thought this was a really weird statement.

So we sit down, have some apple juice, so I'm like, Anna, why did you want to get married at 15? Like what, what's this? And then she's like, okay, I'll tell you what, I'll get married when I'm 20. So I'm like, that's better. And I'm like, you know, that's still really young, Anna. Like, you don't need to get married at such a young age. It's like just, you know, live your life.

And then she looked at me and she said, but mama, if I'm not married, Who's going to look after the kids while I'm at work?

And I just loved that because obviously that's how she perceives, you know, the world. It's not her or her husband or wife or whoever who has to stay home and look after the kids. Like that decision to her is like neutral.

Paul

Yeah, that is interesting. Interesting thought process from her.

Alexandra

And that was really cute.

Paul

Yeah. It's funny. 15 starting early ... Yeah, that is young. I was like, oh ...

Alexandra

I was like, where's this going? Yeah, it's she will wait...

But yeah, diversity. It really matters to me personally. And I think as a, as a society, we should all, you know, look to kind of even that out. And it's definitely happening. I see it on panels. Obviously at Google. Things actually changed a lot from when I joined to by the time I left. But you know, when I joined, I looked at all my managers and Google's quite flat, right? It's lovely like that.

And it kind of shows who are all your ... what does your reporting line look like to Larry and Sergei? And when I would look at all my managers, they were all male. Yeah, it's discouraging. It's like, wow, why is there not someone that I can relate to a little bit more? Or, you know, and, and that's all it takes. Just a few women in those, you know, seeing that, at least in those senior leadership roles and you're there, but to have none seems a little, you know, seems a little odd.

It's like when you walk around on the street, and like I said, about 15% of CEOs are female. If you walked around on the street and there's only 15% women walking around, society would feel really weird, and be like, this is a strange place. What is this?

Paul

Yeah.

All right, well, we'll just kind of like to wrap up and get your opinions on the space in general. Curious kind of what you foresee for the cybersecurity industry in APAC over the next few years and I mean also, obviously, we're talking about diversity, so where that kind of fits in. What would you like to see in the diversity side of things?

Alexandra

I mean, in diversity it's, I think it's just one of these things that will sort itself out in time.

I'm not a big, you know, proponent of saying, you know, you can only hire only hire women because you should never do that. You should always obviously hire the right person for the job. But you should make sure that when you're interviewing people, you find candidates from all walks of life and from different diverse backgrounds, right? And if you see that that's not happening, you need to call that out. Like I did when I saw you on that panel and there's like six blokes on the panel.

So I'm like, hey, that's, that's a lot of guys. Surely you could find a woman somewhere. In terms of trends that kind of, I'm seeing.

A lot of talk about data privacy and compliance. So, you know, GDPR in EMEA, and then, you know, we don't quite have the equivalent in APAC, but you see a lot of local governments are kind of starting to ... trying to put those things in place. So I think that's very interesting. I think in Singapore we are probably quite well-developed for that.

Ransomware. I actually just read that in India, 2021, one in four companies reported a ransomware attack. I mean, that's, that's huge. One in four. That's absolutely incredible. So, you know ...

Paul

If you have that article, you should send it to us and we can link it because that was pretty interesting.

Alexandra

That's pretty profound. Yeah. It's huge.

I mean, it's ransomware as a service, right? It's easily done in a sense, right? What we're seeing is that people just pay and then this kind of keeps that circle going of ransomware being really good business to be in.

Paul

Yeah.

Alexandra

What else?

I mean, I'm hoping to see increased collaboration. To kind of go back to my story, we have America, which was traditionally like the more mature market in terms of cyber. And then EMEA, which is also fairly cohesive, and then APAC, which is a lot of different countries kind of banded together in one geographic region. So hopefully that can be more collaboration there as well between the different countries to pull ourselves up to a similar benchmark there.

And then I think there's still a long way to go in terms of education, right? With cyber awareness, just of people. So we're all completely glued to our phones and used to banking on our phones and doing all those things by phone. And then, I mean, this is a good example of what happened here in Singapore with, the bank. Was it OCBC with the SMS scams, like yeah, people fell for that. Normal people fall for that. And I think it was like, well, $1.9 million or not, it was a huge amount of money that people were just transferring using SMS because that's what we do nowadays thinking they were transferring it to a legitimate bank account when it obviously wasn't.

Paul

Yeah. Yeah, definitely.

I think, I mean, there's all kinds of stuff going on and making people aware, educating them about the different threats as they come out too. Because it's always changing. I think it's the difficult part on both sides on that front. So, yeah, totally agree.

Alexandra

Kind of have like a zero trust in terms of individuals as well.

And again, I don't want to talk about my kids all the time, but my kids are actually very good at that because I've told them online ... Basically, I told them everything's fake. It's all just, you know, don't trust anyone. Anyone sends you a message, anyone, whatever, don't trust it. So my, again, my eight-year-old, she got sent a message the other day from her grandmother, but it came from a different address. Like it, yeah, it looks a little funky.

And she was like, I'm not going to respond until she proves that it's actually her. And I was like, yeah, that's totally normal. That's the way it should be. Whereas I mean, maybe you and I, when we were kids, we would probably talk about whatever online and share anything, right? Cause it's like yeah. It's people!

Paul

Yeah. Yeah, definitely. I think times have changed on that front, but ...

Yeah, I guess we grew up with it too. So we probably got burned a couple of times and figured it out along the way.

Alexandra

Did you get catfished? Is that what happened to you?

Paul

No, no.

Yeah, but definitely I spent a lot of my youth online and grew up playing video games and stuff and definitely got some stuff stolen from video games, for sure. Yeah. I used to play Diablo and a lot of item trades gone wrong. But yeah, good times.

Well, thanks, Alexandra, for joining. It's good to have the chat and welcome, have you on the podcast, and look forward to having you again as well.

Yeah. And for the listeners out there, please like, and subscribe to the channel, and we'll post some of the information about Alexandra and Safe Security in the link.

All right. Thanks, everyone.

Alexandra

Thank you.

Paul Hadjy
Paul Hadjy

Paul is a technology visionary working across the US, Middle East, Singapore, Korea, and New Zealand to build business in both the private and public sectors. Paul spent over 6 years at Palantir and was the Head of Information Security at Grab.

Subscribe to the Horangi Newsletter.

Be the first to hear about Horangi's upcoming webinars and events, up-and-coming cyber threats, new solutions, and the future of cybersecurity from our tech experts.