Learning About Inherent Professional Skills of Women, Working with Male Allies and Preventing Cyber Attacks with Browser Posture Management

TechNadu interacted with Poornima DeBolle, Chief Technology and Security Officer and Co-founder of Menlo Security, as part of its women in cybersecurity campaign, LeadHER in Security. 

Taking inspiration from the women in her family and industry leaders, DeBolle co-founded the company to combat the growing threat of malware and address email security challenges. 

DeBolle emphasized the need for a robust browser architecture because of the time a workforce spends consuming content on it. Scam prevention requires better scanning capabilities besides looking for typos in fraudulent communications. 

With a strict no to synchronizing work credentials to a personal account, DeBolle warned against synchronizing accounts across devices to prevent exposing an enterprise to a threat actor with an admin account compromise.

Read the full interview to learn more about ransomware prevention, phishing, the Center for Internet Security (CIS), mirroring the skills of the male counterparts, and more.

Vishwa: Please tell us about your entrepreneurial journey to Menlo Security and experience as a female leader in technology.

Poornima: Inspired by women in my own family and role models in the industry, I learned early in my career that creativity and perseverance are key to solving problems. The gratification of solving a customer problem and the determination to get the job done well drives me to this day.

I began my career in cybersecurity at Check Point Software. Following Check Point, I joined Altor Networks, which was acquired by Juniper, where I managed the cloud security and security management products and interfaced with major service providers and enterprise customers. 

I co-founded Menlo Security with the bold vision of changing the security paradigm to conclusively solve security problems rather than make them incrementally better. At a time when detect and remediate solutions were no match for advanced malware and adoption of Software as a Service (SaaS) was progressing at a fast clip, I co-founded the company to focus on web and email security challenges. 

In the new world, where the majority of the workforce spends 75% of their time in a browser and 90 %+ of threats were from web and email, employees could do their work because they were “secure by architecture”.

I was recently named Menlo’s Chief Technology and Security Officer and previously served as CPO. As a woman of color and tech entrepreneur with 20+ years of cybersecurity experience, I have shattered barriers, leading Menlo to $100 million in ARR in October and achieving 2-3x the revenue of our competitors. 

Vishwa: The website of Menlo Security proudly states, “Phishing and ransomware? Eliminated.” What makes the firm so certain about its defensive capabilities and solutions?

Poornima: Ransomware relies on various circumvention techniques, typically of network inspection, which are missing browser and user context. Combining the browser context with the air gap of the Menlo Secure Cloud Browser has proven to be the best model to protect from ransomware from the web vector.

Phishing is another problem that the industry has been grappling with for years. The Menlo Secure Cloud Browser has the benefit of seeing what the user sees and what the user does not see in the browser back-end. 

Combining that perspective with neural networks and AI has given us the ability to identify and block credential phishing campaigns 6 days before the reactive, research-based technologies have identified the campaign. This one-of-a-kind solution is only possible with our architecture and infrastructure.

Vishwa: Please share how the Menlo Security Browser Posture Manager shields a user’s activities and data. How is it different from solutions offered by other companies?

Poornima: Popular browsers like Edge and Chrome serve billions of consumers whose activity, like shopping, video games, movies, synchronizing credentials, etc., uses capabilities that are not needed by an enterprise user and are, in fact, detrimental to security.

Many organizations turn to security benchmarks like CIS Level 2 or 3 to configure their browsers to meet the needs of the enterprise user while keeping the organization safe. However, there is no easy-to-configure, easy-to-manage, and easy-to-deploy solution. Most organizations are evaluating the browser configuration every 6 months, while browser updates are delivering new capabilities every 2-3 weeks.

Browser Posture Manager (BPM) is a Menlo product that not only centralizes browser configuration management to keep up with the fast pace of browser innovation but also provides the security administrator a way to stay on top of browser configuration that meets the enterprise needs. By customizing the browser to the user's needs, BPM reduces the browser attack surface.

BPM benchmarks the organization’s configuration against the industry benchmark and guides the administrator to the best configuration for their enterprise. Other solutions on the market expect the administrator to have thorough knowledge of the browser innards to ensure they don’t create user friction.

Vishwa: What are some of the human errors that lead to security breaches while surfing online? How could those be avoided?

Poornima: Common user errors are the typical giving away of credentials to an impersonated website as is downloading software updates from pop-ups. Attacks these days, aided by AI, are so good that much of our past training about identifying bad grammar and spelling mistakes is no longer applicable. 

The best way to avoid these is by continuously educating yourself. Especially if you are a non-technical professional, make an effort to learn one thing every week. Find your favorite blog or news source; there is no shortage of information.

From an enterprise perspective, a human error that recently resulted in a massive breach is synchronizing your work credentials to a personal account. Browsers and various password managers make it easy to synchronize across accounts and devices. An administrator’s personal account was compromised, which gave the attacker keys to the enterprise.

Menlo Browser Posture Manager helps avoid these types of mistakes that can lead to unfortunate incidents.

Vishwa: What are the common deterrents affecting women entrepreneurs, and how can they prepare against them?

Poornima: Women entrepreneurs face some of the same challenges that entrepreneurs face, but in addition to that, there are the usual challenges of the high-tech world that spill into the entrepreneurial process. 

I recommend women entrepreneurs mirror some of the habits of our male counterparts - network and learn from other women entrepreneurs. I have observed that women network a lot less than men. 

Participate in tech forums and build connections. Like Steve Jobs said, “I have never had anyone say no to helping me.” If they’re not available, they are usually willing to connect you to someone. There are also great, experienced women VCs - though few and far between. Reach out to them to learn before you pitch them your idea.

As always, don’t forget our male allies. I have been blessed to know a number of men who have given me a male perspective when I am preparing for a big presentation. Their perspective was invaluable. Most of your colleagues want to help, but many times they may not know how. 

Asking them explicitly gives them the opportunity to engage.

Vishwa: You have extensive experience in business development. What are your main qualities and traits that helped you in this role and build companies? Also, what were the skills that developed further with experience?

Poornima: Women are especially suited for business development and partnerships because we are inherent relationship builders. I learned from experience that cybersecurity is a small world, treat everyone with dignity and respect. You never know when that person is on the other side of the table for an important business deal.

Be it customers or partnerships, listening is the most important skill for success. In business development, understanding the limitations and desired outcomes of the other side is very helpful. 

While some requests may sound unreasonable, understanding the motivations for those can drive resolution. If I had a penny for every time my CEO, Amir, told me to think from the partner’s perspective, I would retire a rich woman. I learned a lot from working with him, he is one of the best in the business.

Vishwa: Being the co-founder of Menlo Security for over a decade, and having worked at other companies in various roles, when you look back, what seems like the factors that helped you effectively tackle work life challenges?

Poornima: As a woman of color, female founder, and entrepreneur, I’ve encountered numerous challenges throughout my career. I am not sure I have tackled them all yet.

Without a doubt, the most important factor in my ability to tackle work-life challenges is my family. They understand and appreciate that my work is important to me and have supported me through various accommodations and sacrifices.

In addition to that, I also consciously made my own compromises. When I had young children, I deliberately and consciously chose to slow down because it was the right choice for me and my family. I have met other women, friends, and acquaintances who chose not to because they had the support of parents, caregivers, etc. Everyone’s situation is different, and being deliberate about your choices is the best way to configure something that works for you.

Long ago, I heard an interview with Cookie Roberts where she said a career is not a sprint; it is a marathon. We spend decades building our careers. Mine does not need to look like the man or woman next to me. I have the license to build it and navigate it the way that suits me. 

That perspective liberated me and really helped me confidently build my own path rather than try to emulate others around me.