Interview: Christine Vanderpool, CISO, Florida Crystals

Christine Vanderpool is the CISO for Florida Crystals since 2018 and although it was never her plan to have a career in IT, she has a proven track record as a security leader for almost 20 years. She has spent her career in a variety of security and IT roles including security leadership for Molson Coors Brewing Company and Kaiser Permanente. Christine was the 2019 Cyber Security Woman Leader of the Year and the 2020 recipient of Global Technology Executives Who Matter Award.

CSH: The journey for a CISO seems to have many origins. What’s your story? And how did you end up where you are now?

CV: I never wanted to be in IT. I hated computers growing up. I got my business degree in Marketing but my senior year of college, I got an internship with Honeywell. I was hired to do IS27001 documentation; however, when I started, they informed me that they were implementing this new, hot, state of the art thing called an ERP system, SAP. Keep in mind this was the late 90s. They handed me a book and a computer and told me to “learn SAP”. I did SD and MM configuration.

Later, IBM’s hard disk drive business was recruiting at the university I attended and they were surprised that I not only knew what SAP was but as a college kid had already worked on a full scale implementation. So, they offered me a job after graduation which I accepted. I moved to San Jose and joined their SAP Security team and the rest is history.

CSH: What is the biggest myth about the enterprise CISO?

CV: That we are the “NO” people. I always try to build programs that are secure but at the same time enable the business to be innovative, efficient, and moving forward.

See Related: Interview: Jim Gordon, Security Strategy Leader, Intel

CSH: What motivates you to keep pushing ahead every day in the security field?

CV: The people! Cyber security is a very close knit community of some amazing people. We work together across companies and industries to learn from one another and to help one another since we all face the same or similar threats.

CSH: Conversely, what concerns do you have about the state of cyber security today?

CV: The quality, knowledge and skills of those entering the field. People know it is a hot industry and many are interested which is great. I do believe that others without a traditional security background can learn and can bring new ideas and thoughts to the table; but don’t just get into security because it is a hot field and tends to pay well. You have to really LOVE security to be great at it. It is not just a job or career. It is a journey. It is a passion. It is a way of life.

See Related: Interview: The Intersection Of Diversity, STEAM And Cyber Security

CSH: Is the cyber talent shortage a reality for you? Or is this the hand that was dealt and organizations just need to live within their means?

CV: As stated above, I don’t think there is a talent shortage of people. I believe there is a shortage of qualified experts.

CSH: The lack of equality for women in IT/cyber is evident. What do you observe being done to build community and provide good role models?

CV: It is important for people like myself and other women in cyber to be active in our communities and with our schools to promote cyber as a career for women and minorities. I sit on the board of a non-profit that is focusing on growing technical skills in the community I live in. It is also important to get beyond the “myth” of what a cyber security person is supposed to look like or act like. We all know the visual of the guy in the hoodie. Well, that is not what cyber looks like so being visible to our youth as a cyber security leader will hopefully show that it is an amazing field with all kinds of people in it.

CSH: If you were able to give your younger self a piece of advice about the security industry, what would it be?

CV: Trust in the journey! Meaning if you are in the security industry, you are lucky to be in a high demand field and you may know A LOT about security but you can always learn more. Plus, it isn’t just about your what but about your how. That is how you become a LEADER in cyber. So don’t be in a rush. Don’t think you are all that and a bag of chips and mostly trust in the journey.

Christine is one of the speakers of Cyber Security Digital Summit. To learn about about the event, and register for free, click here.