Women in Information Security: Rebecca Herold

Last time, I had the pleasure of speaking with Susan Ballestero. She taught me a lot about what it’s like to work in a security operations center.

This time, I got the opportunity to speak with Rebecca Herold. She’s been in the cybersecurity field for quite a long time now. She founded SIMBUS, LLC, a thriving information security, privacy and compliance firm.

Kim Crawley: Hi, Rebecca! Please tell me about what you do and how you got there.

Rebecca Herold: Cybersecurity, and then privacy, actually chose me. An opportunity presented itself, and I took it; and no one else, men or women, were even vaguely interested at the time in taking it on. And I’ve followed the path of taking on things others have never done ever since.

I started my career as a systems engineer at a large multi-national financial and healthcare corporation in 1988. I identified a vulnerability in how one of the major back office systems was designed and had an idea for how to mitigate it. I went to my new manager at the time, described my idea and sketched it out on the whiteboard in his office. He wasted no time telling me that it was a horrible idea, that none of the business unit heads would ever agree to do something so drastically different, that it had never before been done and that they would likely view it just as more work for them. So, I explained how it would actually be less work for them, after which he literally yelled at me, “Stop! Your idea is bad! Quit wasting my time!” I considered quitting that day but didn’t.

Two months later at the IT-wide quarterly meeting, the IT Director announced a great new innovative idea that my manager (Read more...)