April 23, 2025 • 44 mins
Sivan Tehila, CEO and founder of Onyxia Cyber, shares her journey from Israeli military CISO to innovative startup founder and cybersecurity educator, revealing how personal resilience shaped her multi-faceted career.
• Started as a cybersecurity officer in the Israeli military for 10 years, serving as CISO of the Research and Analysis Division
• Named her company Onyxia after a World of Warcraft character who could adapt to evolving environments, mirroring how security programs must adapt to evolving threats
• Created a governance platform that serves as the "operating system for security teams," unifying disparate security tools and data
• Developed a cutting-edge cybersecurity master's program at Yeshiva University featuring hands-on training in a Security Operations Center
• Advocates for bringing more women into cybersecurity through education initiatives and mentorship
• Lost her father at age 12, which taught her independence and resilience at a young age
• Believes in "work-life harmony" rather than "work-life balance" as the key to managing multiple professional roles
• Finds paddleboarding to be her "active meditation" and way to stay sharp and focused
Connect with Sivan on LinkedIn or at upcoming events in Boston (May 14th) and New York (May 8th).
https://www.vigilantviolet.com/
www.linkedin.com/in/jessvachon1
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:02):
Welcome to Voices of the Vigilant, where we dive deep
into the human side of tech.
Here we go beyond the ones andzeros to explore the people,
passions and stories driving thecyber and internet security
world.
In each episode we bringtogether experts, rebels and
innovators from across the techindustry to share their personal
journeys, challenges andvictories.
(00:23):
And here's your host and rebelin charge at Vigilant Violet,
Jess Vachon.
Jess Vachon (00:33):
Hey everyone, welcome to another episode of
Voices of the Vigilant.
I am so happy, so excited, tohave my special guest today,
Sivan Tehila, CEO and founder ofOnyxia Cyber.
She is more than just the CEOand founder of this company, but
I'm going to let her tell youall about herself.
(00:54):
The floor is yours.
Sivan Tehila (00:58):
Thank you so much for the opportunity, Jess.
It's super exciting to be here.
I was really looking forward toit and, as you said, my name is
Sivan Tehila.
I'm the CEO and the founder ofOnyxia Cyber, but I really
started my career as apractitioner and I was a
(01:18):
cybersecurity officer in theIsraeli military for 10 years in
the Israeli military for 10years.
As part of my work there, I wasthe CISO of the Research and
Analysis Division and the headof the Information Security Unit
for the Intelligence Corps.
Later I worked for otherdefense industries critical
infrastructures and at somepoint I shifted into the startup
(01:40):
world.
I fell in love with the idea ofbuilding security products and
help companies improve theirsecurity posture with technology
, and I identified a problemthat I have experienced and I
really wanted to solve, and wecan talk about this more.
Later, and in parallel to mywork in the previous startup, I
(02:04):
also started to develop securitycourses for a master's degree
in cybersecurity at YeshivaUniversity, The Katz School of
Science and Health, and that'show I also became the program
director eventually for thisincredible program, and I would
be more than happy to share moreabout my experience with
(02:27):
academia as well.
Jess Vachon (02:30):
Yeah that's amazing .
I mean, that is a huge list ofaccomplishments.
But before I dive into that, Iknow everyone's going to ask,
please explain where you get thename for your company
Sivan Tehila (02:48):
Yeah, so when we started the company, I was
thinking a lot about like theproblem we're trying to solve,
but also how I'm not going toname it like another standard
cybersecurity company which issize something right.
So when I was young, I used toplay World of Warcraft and I'm
sure some of the people in theaudience could relate to how
(03:12):
much fun that was, and one of myfavorite characters was Onyxia.
Onyxia had a human form and adragon form and she could adjust
based on the evolvingenvironment.
So that's how the name and theID came up.
What we do at Onyxia Cyber isto help companies and security
leaders to adjust their securityprograms and strategies based
(03:35):
on the evolving threats, andthat was the idea behind it.
But it's not just the name.
The inspiration behind thecolors and the design of the
platform itself is also based onthe game.
So that's that's the story.
Jess Vachon (03:53):
Yeah, I love that story.
I love that you are a gamer,I'm a gamer.
I think probably a lot ofpeople that will listen to this
podcast are gamers.
I think a lot of people in ourindustry are gamers because they
want that kind of a balance,right?
You have this very serious jobyou do all day, you're super
focused on it.
It's all about protectingeverything, and then you get to
go into a game and just let yourmind go and be something
(04:19):
completely different.
So I love that.
I have been able to test outyour platform and what I love is
a kind of you've developed akind of sandbox area with data
built into it, so that potentialcustomers don't have to connect
directly in the system and signnondisclosure agreements and do
all that.
(04:39):
They can go in and actuallylearn about what the product
looks like and how it adapts andhow it changes.
Sivan Tehila (04:49):
Do you want to speak a little bit about that?
Yeah, sure, and I think maybeI'll start with talking more
about the value that we bring toclients and how the playground
can really serve them.
What I realized over the yearsof experience as a CISO and
after working very closely withCISOs is that it's becoming very
hard not only to keep up withthe solutions we have in place,
(05:10):
but also with the data that wehave in each one of those
solutions.
And we talk in security aboutthe basics of a learned security
approach and defense in depthand we implement solutions on
top of solutions and it'sbecoming very hard to understand
how those solutions reallyserve the business.
The other part of it is that wehave always new regulations
(05:32):
coming in and we have, forexample, the new SEC regulation
that require companies not onlyto disclose incidents in four
days but also to disclosesecurity programs and strategies
.
And we have those regulations,but we don't have industry
standard.
We don't know what they'reexpecting us to report on, and
that's really how the idea ofbuilding Onyxia came up.
(05:55):
We consider Onyxia as agovernance platform or
management platform, but what Ireally like to hear from a
client last week or two weeksago that they see on XS, the
operating system for securityteams, the ability to really
manage the security initiativesunder one umbrella when the
(06:17):
security team are all aligned onthe same mission and strategy
and goals.
I'm sure you're also also basedon your military experience.
You know how important it is toalways be aligned on the
mission and goals and, like we,always come back to this.
But when you have so much goingon as a security expert, it's
very, very hard.
So we developed this.
(06:40):
I think what is nice about theplatform is that every
conversation that we're havingwith CISOs, regardless if
they're clients or not, we'lllearn and we implement some new
things and some new ideas.
The idea of the playground camefrom you.
I remember that we had aninitial conversation and you
know it's not sometimes easy, oryou know, given the busy
(07:01):
schedule of a CISO starting tofigure out how to come up with a
POC and integrate your internaldata, it's hard.
So we literally developed thisplayground in order to make it
easier for you and others toreally try the platform.
We see a huge success with this.
Success with this, I mean itmakes it gets us more visibility
(07:32):
into some new clients and theirneeds and it's a great way to
open a conversation about thewhole concept of governance and
security management and becomingthe operating system for
security teams.
Jess Vachon (07:44):
Yeah, so a couple things there.
One thing that I want to talkabout is the commander's intent,
or the commander's ability, togather as much information as
possible in a military aspect.
So the more information youhave, the quicker you have it,
the quicker you can execute onyour decisions and you can back
those up with some degree ofcertainty on what you're doing.
(08:05):
But beyond that, they can runmetrics in real-time and they
can report those metrics to therest of the executive team or to
the Board Risk Committees orthe Board as a whole, and they
(08:26):
can be very accurate on theinformation they have.
From the first time I looked atthe platform to the last time I
think it was maybe a month ago,the growth of the platform, the
integrations, is reallyincredible and for CISOs ,and I
know you know this becauseyou've sat in that chair and had
the experience that ease ofaccess to that information is so
(08:49):
critical, and I think that'swhat is really unique about your
platform.
So in a form of endorsement, Iguess, if you're a CISO and
you're out there looking forsomething to simplify your life,
this is one of those productsyou absolutely should take a
look at, because it's going tomake your life that much more
(09:09):
easier to walk through, and weneed that, because we have so
many things coming at us on adaily basis that anything that
improves and automates thecollection of the information,
distribution of the information,is certainly a place to go.
The other aspect and I don'tthink another company that
wasn't founded and led by aformer CISO could do this is,
(09:33):
every time I asked you aquestion about the platform,
"can it do this?
Can it do this?
Because you'd already been aCISO, you had already asked
yourself those questions, you'dalready put it into the product.
So that's a plus too right,because this isn't someone who
just randomly had an idea andslapped some software together
and said, oh, this is a newproduct you can bring in and you
(09:54):
can add it to the rest of yourproduct portfolio.
No, this is a CISO who saidI've been through the struggle,
I'm frustrated with the optionsthat are out there.
I'm going to build somethingthat I would want to use that
would make my life better.
So no need for response on that.
That's pretty much a commentaryon what I've seen, and I'm
excited about the growth thatI've seen in your product and
(10:16):
the potential of where it'sgoing to go.
It's really incredible.
I think you've got a great teamassembled around you and, like
I said, I don't usually, youknow, prop up products,
especially not on the podcast,but this is an exception to that
rule, I believe.
I want to change things up alittle bit.
You went through an extensivelist of things that you do or
(10:39):
have done.
It is incredible.
Yeah, what you've described is,for some people, like if it was
me, that would be my entirelifetime of work.
Right, you've done it in arelatively short period of time.
How do you, what do you think,contributed to that success in
such a short period of time?
Sivan Tehila (11:01):
So I think, if I look back at my career and like
the different stages of mycareer and I have many
discussions about this with mystudents as well I started in
the military and in the militaryin Israel they basically decide
for you what you're going to do.
I don't think that I would endup in cybersecurity if I didn't
(11:25):
have this opportunity and I'mvery grateful for that.
But it also made me think howwe can expose more people to
cybersecurity as a profession,because it's such an incredible
opportunity for people to growand develop a career in the
field, and most of the time wesee that students or people in
(11:47):
in young age they're not reallyexposed to this type of
profession.
So, I think, after I had thisopportunity to grow and I
fulfilled different positions, Irealized that, um, there are
many different ways to do things, and one of the best ways is to
build a career strategy and tounderstand and try to assess
(12:09):
where you want to be in five orsix or ten years from now and
what are the steps that you needto take in order to get there.
And I do this exercise with ourstudents when they're taking
their internships, when theydecide what kind of internship
to take or what kind ofcertificates they need to take.
We're breaking down their goalsand that's how we basically
(12:34):
come up with those ideas.
So after I retired from the armyand I joined a cybersecurity
startup, it opened my eyes toanother new world that I didn't
know before, because you, youknow, the army gives you the
opportunity to do so many thingsin a very young age, which is
amazing, and sometimes, like,looking back, I don't even
(12:56):
believe I've done those thingswhen I was so young.
Maybe that's the key.
Like you don't, you're notoverthinking when you're young,
so you're just doing whateverthey tell you to do.
But I think I really love theidea that you can build actual
technologies and build thingsfrom scratch and create an
impact in the world that reallysimplify people's job or, like
(13:21):
even more important than that,help companies to be more secure
.
And I think any decision I madewhen it comes to my career, I
always had to feel that I'mdoing something that is
meaningful, that I'm doingsomething with purpose.
For me, building Onyxia isreally like the vision and the
(13:49):
idea of, as you said, simplifyCISOs positions and make their
life a little bit easier and, bythat, help them achieve better
resilience for their own company.
When it comes to cyber educationfor me, I also see that as a
mission I'm very passionateabout, because I was lucky to
(14:09):
have an opportunity to getexposed to cybersecurity.
But many students didn't havethis opportunity, and especially
women.
We see that women make up 25%of the cybersecurity workforce.
I mean, I'm sitting here withyou and I'm very happy to you
know, when I met you, I was soinspired and impressed by your
(14:29):
journey, but it's not somethingthat we see often maybe more now
, but hopefully the numbers willincrease.
But that's how the idea ofbeing involved more in education
came up and, I think, theability to not only structure an
academic program that ismeaningful for students, but
(14:51):
also a program that helps themunderstand how it can help them
develop a meaningful career.
It's something that I wasreally busy with, and before I
became a program director in ourcybersecurity master's degree,
I actually developed a programfor high school, and it was a
high school for girls in NewYork, because I thought I mean,
(15:14):
they really need to get thisexposure to this type of
profession right before they'remaking a decision on what
they're going to study incollege.
And that was two years when Iwas actually like literally
teaching in a high school anhour or two a week on Fridays,
just to kind of, you know, giveback to the community in my way,
(15:39):
and I was very happy andexcited about the opportunity to
also take a more significantrole in the university and
become a program director there,and one of the things that
we've done there was not only todevelop, you know, the academic
courses but also to make surethat everything we're teaching
(16:02):
is really connected to the field, and we have professors and our
industry leaders.
They have their day job, theirpractitioners.
They bring their experience andreal world experience and
knowledge to the students basedon their day-to-day experiences
(16:23):
and scenarios.
We developed a SOC for students, a security operations center
for students to practice realworld scenarios, whether it's
red team, blue team exercises orwhether it's just experiencing
what it means to configure afirewall, like all those basic
things that it's very hard toteach in an academic program
(16:47):
unless you have a lab or a placewhere you can really get them
this hands-on experience,because we see that, at the end
of the day, hiring managersreally care most mostly about
the hands-on experience and thereal experience that people are
bringing in.
We see great results so far onthis part.
(17:10):
Regarding Onyx and the company,I think, like you said, things
have evolved since we started.
I started really with a visionto solve this problem that I've
experienced.
We have so many security tools,we have so much data, we have
regulations.
We need to keep up with all ofthis and we don't have one place
to manage everything.
We see that traditional GRCsolutions are mainly focusing on
(17:35):
risk and compliance, but notgovernance, and governance.
That's our job as CISOs.
On the other hand, we see thatall those I mean great products,
right, but SIM solutions, mdr,xmdr solutions they wanted to
become a main dashboard forCISOs, but they can't because
it's just way too much noise,you're not going to get there
(17:56):
every day.
So what is it?
What is this dashboard orplatform where CISOs can really
say, okay, that's what I need.
But most of the time, CISOsdon't want that.
No one to get another dashboardfor them.
They want to make sure thatit's something that is
meaningful for the whole team,and that's where Onyxia comes in
.
It's literally operating systemfor security teams.
(18:18):
You come as a CISO, you defineyour day-to-day priorities, your
high-level mission, your goals,your KPIs, and everyone are
aligned on this and whenever youI'm sure it's part of your
day-to-day too, like yousometimes ask your people
questions and then they need togo and aggregate data from so
(18:39):
many places, but Onyxia reallygives everyone the ability to
get this data, these simpleanswers to not so simple
questions, and we allow everyoneto work around one platform.
To CISOs, we allow to also leadwith transparency, whether it's
(18:59):
with their teams or executive,and we see that this is becoming
something that is much neededand if, like a few years ago, it
was a nice to have thing, nowit's becoming something that is
crucial for the ongoingoperational effectiveness of the
security team and by that,basically, we're enabling the
(19:23):
business.
So I know I covered many things, but hopefully that answered
your question.
Jess Vachon (19:31):
Yeah, and then some .
That was great.
The program that you are partof at Yeshiva University, that
graduate program, is one of thetop rated in the nation and you
talked about how the program isbuilt and what you're doing and
why the program is so successful.
Why do you think other collegesand universities aren't
(19:52):
following the model that you andyour peers have set there?
Sivan Tehila (19:59):
So we were really ranked as one of the top
cybersecurity programs out thereand we're very proud of it.
There are other great collegesand universities offering a grad
program.
I think our competitiveadvantage is really the security
operations center that we haveestablished, with the ability to
(20:21):
provide students end zoneexperience and access to cutting
edge technologies.
So when they go and you know,they land their first job.
It's not the first time they'regetting exposed to a SIM
solution and how it works, or afirewall or like all these
things.
I think we also built theprogram in a way that allows
(20:45):
people from differentbackgrounds to join and really
find their place.
So we see that you know we havecareer changers sometimes, but
we also have IT managers whowants to get into security and
they have more technicalknowledge than others.
So we start with, you know,first or two semesters of like
(21:07):
very basics, like foundations ofcybersecurity, and then we
allow students to chooseelectives based on what they're
willing to focus on.
So if it's more of a forensicrole, they'll have the ability
to take more courses around inthis area.
(21:28):
Or if you want to become a GRCleader, obviously you want to do
, you want to take more of likethe business oriented courses
and we also help them to build,as I mentioned, a very
customized cybersecurity andcareer strategy.
(21:49):
So we help them to look at thesyllabus, to take the core
courses and electives that arerelevant for them, but also we
offer them to take certificatesas part of the program.
So we give them the CISSPtraining, which is really part
of the program.
We give them the CCSK, which iscertified cloud security
(22:14):
knowledge by ISACA, and theCISSP is by ISC Square.
So we're really giving them theopportunity to take the top
certificates exams out there.
On top of that, they're gettingtheir master's degree with
hands-on experience and I thinkthis combination with the fact
(22:36):
that we help them develop anetwork with our professors that
are industry leaders, I thinkthis combination is really the
power behind, you know, thesuccess of the program.
Jess Vachon (22:52):
I've long advocated for companies to take the
opportunity to do on-the-jobtraining.
As a hiring manager forgraduates coming out of school,
what I've always looked for ishave they had any hands-on
(23:14):
real-world experience?
And it's so hard for newgraduates out of a BA program,
or even sometimes graduates outof a graduate program, to get
that experience, especially ifthey're switching careers.
So it is terrific to hear thatthe program that you're part of
(23:34):
builds that into the curriculum,builds that experience piece in
there, and it's real- time,real- world experience.
It's not dated, because a lotof these people that go through
programs, the programs arelagging by one or two years.
As you know, in thetechnological world that we live
(23:56):
in, things are moving so fast,like nine to 12 months.
Things are changing.
When I started in my career along time ago, they changed in
terms of years two or threeyears so it's much more
accelerated now and with AI herenow, things are going to go
(24:16):
that much faster.
So having relevant skills, realworld skills, along with the
relevant training, is vital tothat success.
When we talk about people doingcareer transitions, I want to
press you a little bit on that.
What message would you have topeople making those career
(24:39):
transitions from somethingcompletely not technology
related into cyber security, forthose that may be apprehensive
about it or those who think theycan do it, but they have a
non-traditional background.
What would you tell thosepeople?
Sivan Tehila (24:58):
Yeah, you know, I think I will answer that with an
example of like a success storythat we had in our school.
I often get those very you know, many questions from career
changers before they join.
They're very you know, they'reconcerned that maybe it's not
the right thing for them.
So the first advice will be tojust go and do a research.
(25:20):
Do a research on what is it tobe a CISO, what a day-to-day of
a CISO looks like.
Is this something you seeyourself doing?
If yes, so you can come here.
And obviously, same thing withother different positions we
have a professor in our program.
His name is Kevin Sokol.
He's incredible and he was astudent while he was a police
(25:48):
officer in the nypd, so heworked there on you know other
other things, but he was socurious and so excited about the
opportunity to get into cybersecurity and he basically made
the decision to join the programand he knew that he's very
(26:08):
excited about the forensics partand I think I mean he turned
out to become one of our beststudents.
Obviously, he landed veryquickly an amazing job in the
forensic space in one of the bigfour.
An amazing job in the forensicspace in one of the big four.
(26:34):
He became after that aprofessor in our program and is
often running the catch, theflag competitions that were
running.
And it's just so amazing to seehow a student who came with a
background who not very relatedto what he's doing, but there
are some things he could findright, like I mean, obviously
(26:55):
when you're a police officerthere are some aspects in
forensics that you know youcould apply.
So I always tell students Imean, if you're curious enough,
ambitious enough, doing theresearch before you join, there
is no reason why you won'tsucceed.
Obviously, if you're not sure,I think the way to get clarity
(27:20):
is to get answers to questionsand speak to people.
But we do have amazing successstories and Kevin is now one of
the most incredible professorsthat we have, is a security
practitioner and students arereally enjoying to hear you know
his perspective and the story,which is really inspiring.
Jess Vachon (27:44):
It's interesting Some of the top performers I've
found in cybersecurity have thatbackground in law enforcement
and specifically in theforensics area.
So it's something about the wayI think they think and they
walk through problems that lendsitself to information security
and that's terrific.
I like that you highlightedthat nontraditional role,
(28:07):
because I work with a lot ofpeople that are coming from
non-traditional backgroundsaccounting, lawyers, bartenders,
right from the service industry.
So many people from the serviceindustry are really great for
working in information security,for working in information
(28:29):
security, and that might seemodd to some people, but a lot of
what we do, as you know, iseducation, it's teaching, it's
revisiting topics, it's beingadvisors.
So you know, let's go back tothe bartender example.
Right, the bartender is havingto put out great customer
service, effectively communicate, doing a little bit of selling
all the time and doing a lot oflistening and understanding as
(28:53):
part of the success of theirroles.
So if you're out there andyou're listening to this episode
, know that there are really nolimitations to you coming into
the information security fieldand there's many different
branches and avenues for successwithin that field, and then,
when you're in it, you don'thave to become a CISO, right, a
(29:15):
lot of the top companies thatare out there have created
alternate paths where you becomea senior fellow in information
security so you can attain asmuch technical knowledge or
governance, risk and complianceknowledge as possible.
You can be at the top of yourgame and you can still be at
that peer level of the CISO andin a lot of circumstances it's
(29:41):
probably more job security thanthe CISO and probably more job
satisfaction, and you have thepleasure of being able to share
your information with others.
You covered a lot about givingback.
Where does that come from?
In either your upbringing orjust who you are as a person, or
(30:04):
the experiences you've had,because you are very passionate
about that.
Just from listening to whatyou've said, it sounds like 25
to 35% of your time is spentgiving back.
That's on top of being a parent.
That's on top of being aprofessor.
That's on top of running acompany, founding and running a
company.
So you know what makes you tickunder all of this, because it's
(30:28):
incredible what you're doing.
Sivan Tehila (30:32):
Well, thanks, Jess , and I feel the same about you,
and we had many conversationsabout this, right Like it's, I
think when you're passionateabout something, you find a ways
to do that and give back.
I always talk about thedifference between a work-life
balance and work-life harmony.
We often hear that work-lifebalance that's the goal, but
(30:56):
balance is something that isvery tricky because you can't be
50% in one place and 50% inanother place and always manage
that.
The concept of harmony is to bein the right place in the right
time, based on the differentneeds.
So if your family needs you ata certain time, you know that
(31:17):
that's when you need to focus onIf your business needs you more
, so your family will probablyunderstand that, but you have
the ability to really manage thetime in a way that really makes
things be successful and allowyou the focus to be fully
present with what you're doing,and I think that was something
(31:40):
that you know helped me over theyears to manage all those
things.
Speaking about past experiences, so I think I was also very
fortunate to meet really goodpeople along the way that opened
doors for me and supported mein many, many things after
retiring after my militaryservice.
(32:02):
Moving from military to theprivate sector is very, very
hard because everything isdifferent, the language, even
the systems you're using.
I remember the first time Iused Slack, I was so amazed that
people are actually using thisto communicate right.
Also, the ability to work fromeverywhere is something that is
very new.
When you're in the military,you have all the rules and
(32:24):
everything is on on-prem.
So everything was so differentand it really took me time to
transition.
But I had to first, you know,make some effort in order to get
used to like the new industrystandards and technologies and
also understanding how I canapply the knowledge that I've
(32:46):
gained in order to be really,you know, beneficial and helpful
for the companies I'm workingfor.
And I had to do that with, youknow, surrounding myself with
the relevant people, and manypeople really helped me along
the way.
Same the academia, like umDavid Schwedt is was is a good
(33:07):
friend, but he was really amentor.
And and after, you know,transitioning from the military
to the industry, the privatesector, I had to also move to a
new country, and that's another,you know, challenge.
And then, here and when I movedto New York, another challenge
(33:27):
and that's actually what led mealso to leading Cyber Ladies in
New York.
It was an opportunity to builda network, but I got to know so
many great people that reallyare part of my journey until
today when I started the company.
Same thing finding the rightinvestors, who I'm very grateful
for, and advisors.
(33:48):
Rinky Sethi is like aninspiration for me and she's a
powerhouse, not just, you know,supporting me, but so many other
founders and femaleentrepreneurs and security
leaders in the industry.
So anytime I meet someone whohelps me and inspires me, I
(34:08):
really have this need to give itback and move it forward and do
that for others.
And who knows, maybe one daythose students that I'm teaching
today will become for sure,they'll become the next
generation of CISOs and securityleaders, and you can never know
(34:29):
how those things really youknow come back to you.
So I think that that's reallythe drive behind this.
Jess Vachon (34:39):
I love that and that's such a great reward that
we get when we mentor others orlead others or coach others and
watching the success that theyhave and we don't think about it
sometimes.
But when we have staff thatwork with us or we're helping
someone in their career, it'snot just that person we're
(34:59):
affecting, right.
We're affecting their entirefamily and potentially
generations of their families,because they're given an
opportunity, we help them togrow in that opportunity, and
their success translates tosuccess of their family or their
loved ones.
For me at least, seeing thathappen is so rewarding, it's so
(35:27):
fulfilling on a personal leveland it fills what I need as my
purpose for being alive, rightfor going through this time
period.
This show is about rebels andobviously you're doing a lot of
stuff that is rebel-oriented.
I like to understand where thatcomes from.
(35:48):
What were you like as a kid andwhat influences did you draw
from your parents that make youwho you are today?
I think life made me becomevery independent in a very young
(36:09):
age.
Um, I don't know if I shared itwith you ever before, but I
lost my father when I was 12.
And my father was 30, my momwas 39 and she stayed with like
four kids.
I was the oldest.
So it was like obviously anexperience that shaped my, I
(36:30):
think, my life, my career, myjourney.
But I was really the one whohad to take care of my siblings
when my mom was working.
After it happened, she had toreally change her own career
because she needed moreindependency in her life to
manage everything.
And then she started a business.
It was a fashion store that sheopened and I remember that I
(36:57):
used to go to school as ateenager in the morning, and
then afternoon I used to go help, like taking my siblings out of
their schools, taking care ofthem, and then I used to go to
work in the store when my momcame back to spend some time
with my siblings.
So that was my reality for likemany years, until I joined the
(37:19):
army, and I think you know itwas obviously challenging, but
it was really something thatshaped me.
I realized that I have to bevery independent to take care of
myself, to make sure that Ialways create opportunities for
myself.
I learned from my mom how toturn, you know, a challenge into
something that can really helpher be independent and manage
(37:43):
her own schedule.
That can really help her beindependent and manage her own
schedule.
She started with one store.
Eventually it became likemultiple stores and it was a
very successful business thatshe stayed with until she
retired.
But I think that's really whatmade me feel like, ok, you can
overcome many different things,you can overcome many challenges
, and I think that's probablythe story that shaped me the
(38:08):
most, and obviously I mean themilitary service is another
really, you know, meaningfulexperience, and I served for 10
years, so obviously that's alsoaffected my career moving
forward.
Well, thank you for sharing that.
I know that was quite personal,but I think it's important
because it allows people tounderstand what you need to draw
(38:32):
from in this field andespecially to achieve the
heights that you've achieved.
That's great.
You know, your mother soundslike an amazingly strong woman,
and you can see how thatdefinitely passed down to you,
and I'm sure your siblings aregrateful for your fortitude as
(38:53):
well.
So now I have what's called anempowering question.
I like to ask my guests so I'mgoing to throw this out to you.
Is there something in your lifethat makes you forget time
while you're doing it?
Sivan Tehila (39:12):
So I think it's just as simple as just spending
time with my daughter, which youknow.
I think everything I'm doing isreally, I mean, first, to set
an example for her and tosupport her on her journey in
this world to become asuccessful woman, businesswoman,
(39:33):
if she wants to and createopportunities for herself.
The things that drives me everyday to be a better person, a
better professional, um, maybemore successful, as much as I
(39:57):
can, and um, and when I'm withher, I I kind of really, you
know, I'm grateful foreverything I'm doing and for the
time I have with her.
Um, so that's the simple answer.
I can think about other things,but that's the first thing that
came up to my mind.
Jess Vachon (40:12):
That's a great answer.
Any hobbies that you pursue?
I don't even know if you havetime for hobbies with everything
you do, but any hobbies you dooutside of your professional
work.
Sivan Tehila (40:21):
Yeah, so I really am.
I'm really excited aboutpaddleboarding.
I find that as my activemeditation.
I started doing that, Actually,after my daughter was born.
I was looking for a little bitmore of an extreme way to
exercise, so I started to paddlein the ocean in Israel.
It's not the oceans like theMediterranean Sea, but it was.
(40:43):
You know it's different thannow I'm doing paddleboarding on
the Hudson, but I find it verymeditative.
It's like just me on the water,um, exercising, and there is
something about um pedalboarding that is also.
It keeps you really sharp andfocused.
Um, you always need to plan inadvance like strategy for the
(41:04):
pedal, like how, where I'm goingto pedal, if the wind is behind
me, when I'm like coming back,like there are so many factors
you need to consider.
So I like that part andobviously in the water you
realize that everything youplanned is really worth nothing,
because that's life.
So it's kind of like the storyof my life, right, like startup.
(41:27):
My hobbies and you know mypersonal life are always I'm
trying to plan them.
It's not always working out,but it's an amazing experience
so far and I do enjoy theuncertainty often.
So, yeah, that's my hobby.
Jess Vachon (41:45):
That's amazing.
Thank you for so much, forbringing your whole person, not
just to the talk here, but tothe audience that's going to
listen to this podcast later.
It's so important that peopleknow what helps us to get to
where we're at in our career,but, more so, what makes us tick
, who we are outside of the workwe do.
(42:06):
So you've shared two great,three great personal items in
the last few minutes and I'm soappreciative for that.
We're about at the end of thepodcast.
When are you going to be up to,what are you going to be doing
in the next few months, and howcan people get hold of you?
Sivan Tehila (42:26):
Yeah, so obviously the best way to follow me will
be LinkedIn, so feel free toreach out on LinkedIn.
I'm very responsive there andI'm sharing many of our
activities there.
I'll be at RSA next week, ifsomeone wants to meet up there
(42:49):
there, and we're always hostingevents and bringing together
security and leaders to ourevents.
So, again, you can follow ourwebsite, my LinkedIn, our
LinkedIn page, and I'm more thanhappy to make more connections
and see if I can be helpful in away for anyone who's listening.
Great.
Jess Vachon (43:04):
And I think you mentioned going to Boston
sometime soon.
All right.
Sivan Tehila (43:08):
We have an event in Boston I think it's May 14th
and we have another event in NewYork on May 8th.
So those are the upcomingevents that we're hosting.
Jess Vachon (43:22):
Awesome.
So if you're in Boston or NewYork, get a hold of Sivan and
get connected to one of thoseevents and check out the
platform, or just meet thisamazing individual and make a
network connection.
There we're at the end of ourtime.
Thank you so much for joiningthe podcast.
Really appreciate your time andbest of continued success to
(43:44):
you, although I don't think youneed it.
You're just an amazingindividual and that's the show
for today.
Thank you.
Sivan Tehila (43:53):
Thank you.
Speaker 1 (43:55):
Thank you for listening to this episode of
Voices of the Vigilant.
If you liked what you heardtoday, please subscribe and
leave a review in your favoritepodcast app For a copy of the
transcript.
To follow Jess to apply as aguest of the show or to learn
more about services fromVigilant Violet, please visit
vigilantvioletcom.
(44:15):
Until next time, stay vigilant.
Welcome to Voices of the Vigilant, where we dive deep
into the human side of tech.
Here we go beyond the ones andzeros to explore the people,
passions and stories driving thecyber and internet security
world.
In each episode we bringtogether experts, rebels and
innovators from across the techindustry to share their personal
journeys, challenges andvictories.
(00:23):
And here's your host and rebelin charge at Vigilant Violet,
Jess Vachon.
Jess Vachon (00:33):
Hey everyone, welcome to another episode of
Voices of the Vigilant.
I am so happy, so excited, tohave my special guest today,
Sivan Tehila, CEO and founder ofOnyxia Cyber.
She is more than just the CEOand founder of this company, but
I'm going to let her tell youall about herself.
(00:54):
The floor is yours.
Sivan Tehila (00:58):
Thank you so much for the opportunity, Jess.
It's super exciting to be here.
I was really looking forward toit and, as you said, my name is
Sivan Tehila.
I'm the CEO and the founder ofOnyxia Cyber, but I really
started my career as apractitioner and I was a
(01:18):
cybersecurity officer in theIsraeli military for 10 years in
the Israeli military for 10years.
As part of my work there, I wasthe CISO of the Research and
Analysis Division and the headof the Information Security Unit
for the Intelligence Corps.
Later I worked for otherdefense industries critical
infrastructures and at somepoint I shifted into the startup
(01:40):
world.
I fell in love with the idea ofbuilding security products and
help companies improve theirsecurity posture with technology
, and I identified a problemthat I have experienced and I
really wanted to solve, and wecan talk about this more.
Later, and in parallel to mywork in the previous startup, I
(02:04):
also started to develop securitycourses for a master's degree
in cybersecurity at YeshivaUniversity, The Katz School of
Science and Health, and that'show I also became the program
director eventually for thisincredible program, and I would
be more than happy to share moreabout my experience with
(02:27):
academia as well.
Jess Vachon (02:30):
Yeah that's amazing .
I mean, that is a huge list ofaccomplishments.
But before I dive into that, Iknow everyone's going to ask,
please explain where you get thename for your company
Sivan Tehila (02:48):
Yeah, so when we started the company, I was
thinking a lot about like theproblem we're trying to solve,
but also how I'm not going toname it like another standard
cybersecurity company which issize something right.
So when I was young, I used toplay World of Warcraft and I'm
sure some of the people in theaudience could relate to how
(03:12):
much fun that was, and one of myfavorite characters was Onyxia.
Onyxia had a human form and adragon form and she could adjust
based on the evolvingenvironment.
So that's how the name and theID came up.
What we do at Onyxia Cyber isto help companies and security
leaders to adjust their securityprograms and strategies based
(03:35):
on the evolving threats, andthat was the idea behind it.
But it's not just the name.
The inspiration behind thecolors and the design of the
platform itself is also based onthe game.
So that's that's the story.
Jess Vachon (03:53):
Yeah, I love that story.
I love that you are a gamer,I'm a gamer.
I think probably a lot ofpeople that will listen to this
podcast are gamers.
I think a lot of people in ourindustry are gamers because they
want that kind of a balance,right?
You have this very serious jobyou do all day, you're super
focused on it.
It's all about protectingeverything, and then you get to
go into a game and just let yourmind go and be something
(04:19):
completely different.
So I love that.
I have been able to test outyour platform and what I love is
a kind of you've developed akind of sandbox area with data
built into it, so that potentialcustomers don't have to connect
directly in the system and signnondisclosure agreements and do
all that.
(04:39):
They can go in and actuallylearn about what the product
looks like and how it adapts andhow it changes.
Sivan Tehila (04:49):
Do you want to speak a little bit about that?
Yeah, sure, and I think maybeI'll start with talking more
about the value that we bring toclients and how the playground
can really serve them.
What I realized over the yearsof experience as a CISO and
after working very closely withCISOs is that it's becoming very
hard not only to keep up withthe solutions we have in place,
(05:10):
but also with the data that wehave in each one of those
solutions.
And we talk in security aboutthe basics of a learned security
approach and defense in depthand we implement solutions on
top of solutions and it'sbecoming very hard to understand
how those solutions reallyserve the business.
The other part of it is that wehave always new regulations
(05:32):
coming in and we have, forexample, the new SEC regulation
that require companies not onlyto disclose incidents in four
days but also to disclosesecurity programs and strategies
.
And we have those regulations,but we don't have industry
standard.
We don't know what they'reexpecting us to report on, and
that's really how the idea ofbuilding Onyxia came up.
(05:55):
We consider Onyxia as agovernance platform or
management platform, but what Ireally like to hear from a
client last week or two weeksago that they see on XS, the
operating system for securityteams, the ability to really
manage the security initiativesunder one umbrella when the
(06:17):
security team are all aligned onthe same mission and strategy
and goals.
I'm sure you're also also basedon your military experience.
You know how important it is toalways be aligned on the
mission and goals and, like we,always come back to this.
But when you have so much goingon as a security expert, it's
very, very hard.
So we developed this.
(06:40):
I think what is nice about theplatform is that every
conversation that we're havingwith CISOs, regardless if
they're clients or not, we'lllearn and we implement some new
things and some new ideas.
The idea of the playground camefrom you.
I remember that we had aninitial conversation and you
know it's not sometimes easy, oryou know, given the busy
(07:01):
schedule of a CISO starting tofigure out how to come up with a
POC and integrate your internaldata, it's hard.
So we literally developed thisplayground in order to make it
easier for you and others toreally try the platform.
We see a huge success with this.
Success with this, I mean itmakes it gets us more visibility
(07:32):
into some new clients and theirneeds and it's a great way to
open a conversation about thewhole concept of governance and
security management and becomingthe operating system for
security teams.
Jess Vachon (07:44):
Yeah, so a couple things there.
One thing that I want to talkabout is the commander's intent,
or the commander's ability, togather as much information as
possible in a military aspect.
So the more information youhave, the quicker you have it,
the quicker you can execute onyour decisions and you can back
those up with some degree ofcertainty on what you're doing.
(08:05):
But beyond that, they can runmetrics in real-time and they
can report those metrics to therest of the executive team or to
the Board Risk Committees orthe Board as a whole, and they
(08:26):
can be very accurate on theinformation they have.
From the first time I looked atthe platform to the last time I
think it was maybe a month ago,the growth of the platform, the
integrations, is reallyincredible and for CISOs ,and I
know you know this becauseyou've sat in that chair and had
the experience that ease ofaccess to that information is so
(08:49):
critical, and I think that'swhat is really unique about your
platform.
So in a form of endorsement, Iguess, if you're a CISO and
you're out there looking forsomething to simplify your life,
this is one of those productsyou absolutely should take a
look at, because it's going tomake your life that much more
(09:09):
easier to walk through, and weneed that, because we have so
many things coming at us on adaily basis that anything that
improves and automates thecollection of the information,
distribution of the information,is certainly a place to go.
The other aspect and I don'tthink another company that
wasn't founded and led by aformer CISO could do this is,
(09:33):
every time I asked you aquestion about the platform,
"can it do this?
Can it do this?
Because you'd already been aCISO, you had already asked
yourself those questions, you'dalready put it into the product.
So that's a plus too right,because this isn't someone who
just randomly had an idea andslapped some software together
and said, oh, this is a newproduct you can bring in and you
(09:54):
can add it to the rest of yourproduct portfolio.
No, this is a CISO who saidI've been through the struggle,
I'm frustrated with the optionsthat are out there.
I'm going to build somethingthat I would want to use that
would make my life better.
So no need for response on that.
That's pretty much a commentaryon what I've seen, and I'm
excited about the growth thatI've seen in your product and
(10:16):
the potential of where it'sgoing to go.
It's really incredible.
I think you've got a great teamassembled around you and, like
I said, I don't usually, youknow, prop up products,
especially not on the podcast,but this is an exception to that
rule, I believe.
I want to change things up alittle bit.
You went through an extensivelist of things that you do or
(10:39):
have done.
It is incredible.
Yeah, what you've described is,for some people, like if it was
me, that would be my entirelifetime of work.
Right, you've done it in arelatively short period of time.
How do you, what do you think,contributed to that success in
such a short period of time?
Sivan Tehila (11:01):
So I think, if I look back at my career and like
the different stages of mycareer and I have many
discussions about this with mystudents as well I started in
the military and in the militaryin Israel they basically decide
for you what you're going to do.
I don't think that I would endup in cybersecurity if I didn't
(11:25):
have this opportunity and I'mvery grateful for that.
But it also made me think howwe can expose more people to
cybersecurity as a profession,because it's such an incredible
opportunity for people to growand develop a career in the
field, and most of the time wesee that students or people in
(11:47):
in young age they're not reallyexposed to this type of
profession.
So, I think, after I had thisopportunity to grow and I
fulfilled different positions, Irealized that, um, there are
many different ways to do things, and one of the best ways is to
build a career strategy and tounderstand and try to assess
(12:09):
where you want to be in five orsix or ten years from now and
what are the steps that you needto take in order to get there.
And I do this exercise with ourstudents when they're taking
their internships, when theydecide what kind of internship
to take or what kind ofcertificates they need to take.
We're breaking down their goalsand that's how we basically
(12:34):
come up with those ideas.
So after I retired from the armyand I joined a cybersecurity
startup, it opened my eyes toanother new world that I didn't
know before, because you, youknow, the army gives you the
opportunity to do so many thingsin a very young age, which is
amazing, and sometimes, like,looking back, I don't even
(12:56):
believe I've done those thingswhen I was so young.
Maybe that's the key.
Like you don't, you're notoverthinking when you're young,
so you're just doing whateverthey tell you to do.
But I think I really love theidea that you can build actual
technologies and build thingsfrom scratch and create an
impact in the world that reallysimplify people's job or, like
(13:21):
even more important than that,help companies to be more secure
.
And I think any decision I madewhen it comes to my career, I
always had to feel that I'mdoing something that is
meaningful, that I'm doingsomething with purpose.
For me, building Onyxia isreally like the vision and the
(13:49):
idea of, as you said, simplifyCISOs positions and make their
life a little bit easier and, bythat, help them achieve better
resilience for their own company.
When it comes to cyber educationfor me, I also see that as a
mission I'm very passionateabout, because I was lucky to
(14:09):
have an opportunity to getexposed to cybersecurity.
But many students didn't havethis opportunity, and especially
women.
We see that women make up 25%of the cybersecurity workforce.
I mean, I'm sitting here withyou and I'm very happy to you
know, when I met you, I was soinspired and impressed by your
(14:29):
journey, but it's not somethingthat we see often maybe more now
, but hopefully the numbers willincrease.
But that's how the idea ofbeing involved more in education
came up and, I think, theability to not only structure an
academic program that ismeaningful for students, but
(14:51):
also a program that helps themunderstand how it can help them
develop a meaningful career.
It's something that I wasreally busy with, and before I
became a program director in ourcybersecurity master's degree,
I actually developed a programfor high school, and it was a
high school for girls in NewYork, because I thought I mean,
(15:14):
they really need to get thisexposure to this type of
profession right before they'remaking a decision on what
they're going to study incollege.
And that was two years when Iwas actually like literally
teaching in a high school anhour or two a week on Fridays,
just to kind of, you know, giveback to the community in my way,
(15:39):
and I was very happy andexcited about the opportunity to
also take a more significantrole in the university and
become a program director there,and one of the things that
we've done there was not only todevelop, you know, the academic
courses but also to make surethat everything we're teaching
(16:02):
is really connected to the field, and we have professors and our
industry leaders.
They have their day job, theirpractitioners.
They bring their experience andreal world experience and
knowledge to the students basedon their day-to-day experiences
(16:23):
and scenarios.
We developed a SOC for students, a security operations center
for students to practice realworld scenarios, whether it's
red team, blue team exercises orwhether it's just experiencing
what it means to configure afirewall, like all those basic
things that it's very hard toteach in an academic program
(16:47):
unless you have a lab or a placewhere you can really get them
this hands-on experience,because we see that, at the end
of the day, hiring managersreally care most mostly about
the hands-on experience and thereal experience that people are
bringing in.
We see great results so far onthis part.
(17:10):
Regarding Onyx and the company,I think, like you said, things
have evolved since we started.
I started really with a visionto solve this problem that I've
experienced.
We have so many security tools,we have so much data, we have
regulations.
We need to keep up with all ofthis and we don't have one place
to manage everything.
We see that traditional GRCsolutions are mainly focusing on
(17:35):
risk and compliance, but notgovernance, and governance.
That's our job as CISOs.
On the other hand, we see thatall those I mean great products,
right, but SIM solutions, mdr,xmdr solutions they wanted to
become a main dashboard forCISOs, but they can't because
it's just way too much noise,you're not going to get there
(17:56):
every day.
So what is it?
What is this dashboard orplatform where CISOs can really
say, okay, that's what I need.
But most of the time, CISOsdon't want that.
No one to get another dashboardfor them.
They want to make sure thatit's something that is
meaningful for the whole team,and that's where Onyxia comes in
.
It's literally operating systemfor security teams.
(18:18):
You come as a CISO, you defineyour day-to-day priorities, your
high-level mission, your goals,your KPIs, and everyone are
aligned on this and whenever youI'm sure it's part of your
day-to-day too, like yousometimes ask your people
questions and then they need togo and aggregate data from so
(18:39):
many places, but Onyxia reallygives everyone the ability to
get this data, these simpleanswers to not so simple
questions, and we allow everyoneto work around one platform.
To CISOs, we allow to also leadwith transparency, whether it's
(18:59):
with their teams or executive,and we see that this is becoming
something that is much neededand if, like a few years ago, it
was a nice to have thing, nowit's becoming something that is
crucial for the ongoingoperational effectiveness of the
security team and by that,basically, we're enabling the
(19:23):
business.
So I know I covered many things, but hopefully that answered
your question.
Jess Vachon (19:31):
Yeah, and then some .
That was great.
The program that you are partof at Yeshiva University, that
graduate program, is one of thetop rated in the nation and you
talked about how the program isbuilt and what you're doing and
why the program is so successful.
Why do you think other collegesand universities aren't
(19:52):
following the model that you andyour peers have set there?
Sivan Tehila (19:59):
So we were really ranked as one of the top
cybersecurity programs out thereand we're very proud of it.
There are other great collegesand universities offering a grad
program.
I think our competitiveadvantage is really the security
operations center that we haveestablished, with the ability to
(20:21):
provide students end zoneexperience and access to cutting
edge technologies.
So when they go and you know,they land their first job.
It's not the first time they'regetting exposed to a SIM
solution and how it works, or afirewall or like all these
things.
I think we also built theprogram in a way that allows
(20:45):
people from differentbackgrounds to join and really
find their place.
So we see that you know we havecareer changers sometimes, but
we also have IT managers whowants to get into security and
they have more technicalknowledge than others.
So we start with, you know,first or two semesters of like
(21:07):
very basics, like foundations ofcybersecurity, and then we
allow students to chooseelectives based on what they're
willing to focus on.
So if it's more of a forensicrole, they'll have the ability
to take more courses around inthis area.
(21:28):
Or if you want to become a GRCleader, obviously you want to do
, you want to take more of likethe business oriented courses
and we also help them to build,as I mentioned, a very
customized cybersecurity andcareer strategy.
(21:49):
So we help them to look at thesyllabus, to take the core
courses and electives that arerelevant for them, but also we
offer them to take certificatesas part of the program.
So we give them the CISSPtraining, which is really part
of the program.
We give them the CCSK, which iscertified cloud security
(22:14):
knowledge by ISACA, and theCISSP is by ISC Square.
So we're really giving them theopportunity to take the top
certificates exams out there.
On top of that, they're gettingtheir master's degree with
hands-on experience and I thinkthis combination with the fact
(22:36):
that we help them develop anetwork with our professors that
are industry leaders, I thinkthis combination is really the
power behind, you know, thesuccess of the program.
Jess Vachon (22:52):
I've long advocated for companies to take the
opportunity to do on-the-jobtraining.
As a hiring manager forgraduates coming out of school,
what I've always looked for ishave they had any hands-on
(23:14):
real-world experience?
And it's so hard for newgraduates out of a BA program,
or even sometimes graduates outof a graduate program, to get
that experience, especially ifthey're switching careers.
So it is terrific to hear thatthe program that you're part of
(23:34):
builds that into the curriculum,builds that experience piece in
there, and it's real- time,real- world experience.
It's not dated, because a lotof these people that go through
programs, the programs arelagging by one or two years.
As you know, in thetechnological world that we live
(23:56):
in, things are moving so fast,like nine to 12 months.
Things are changing.
When I started in my career along time ago, they changed in
terms of years two or threeyears so it's much more
accelerated now and with AI herenow, things are going to go
(24:16):
that much faster.
So having relevant skills, realworld skills, along with the
relevant training, is vital tothat success.
When we talk about people doingcareer transitions, I want to
press you a little bit on that.
What message would you have topeople making those career
(24:39):
transitions from somethingcompletely not technology
related into cyber security, forthose that may be apprehensive
about it or those who think theycan do it, but they have a
non-traditional background.
What would you tell thosepeople?
Sivan Tehila (24:58):
Yeah, you know, I think I will answer that with an
example of like a success storythat we had in our school.
I often get those very you know, many questions from career
changers before they join.
They're very you know, they'reconcerned that maybe it's not
the right thing for them.
So the first advice will be tojust go and do a research.
(25:20):
Do a research on what is it tobe a CISO, what a day-to-day of
a CISO looks like.
Is this something you seeyourself doing?
If yes, so you can come here.
And obviously, same thing withother different positions we
have a professor in our program.
His name is Kevin Sokol.
He's incredible and he was astudent while he was a police
(25:48):
officer in the nypd, so heworked there on you know other
other things, but he was socurious and so excited about the
opportunity to get into cybersecurity and he basically made
the decision to join the programand he knew that he's very
(26:08):
excited about the forensics partand I think I mean he turned
out to become one of our beststudents.
Obviously, he landed veryquickly an amazing job in the
forensic space in one of the bigfour.
An amazing job in the forensicspace in one of the big four.
(26:34):
He became after that aprofessor in our program and is
often running the catch, theflag competitions that were
running.
And it's just so amazing to seehow a student who came with a
background who not very relatedto what he's doing, but there
are some things he could findright, like I mean, obviously
(26:55):
when you're a police officerthere are some aspects in
forensics that you know youcould apply.
So I always tell students Imean, if you're curious enough,
ambitious enough, doing theresearch before you join, there
is no reason why you won'tsucceed.
Obviously, if you're not sure,I think the way to get clarity
(27:20):
is to get answers to questionsand speak to people.
But we do have amazing successstories and Kevin is now one of
the most incredible professorsthat we have, is a security
practitioner and students arereally enjoying to hear you know
his perspective and the story,which is really inspiring.
Jess Vachon (27:44):
It's interesting Some of the top performers I've
found in cybersecurity have thatbackground in law enforcement
and specifically in theforensics area.
So it's something about the wayI think they think and they
walk through problems that lendsitself to information security
and that's terrific.
I like that you highlightedthat nontraditional role,
(28:07):
because I work with a lot ofpeople that are coming from
non-traditional backgroundsaccounting, lawyers, bartenders,
right from the service industry.
So many people from the serviceindustry are really great for
working in information security,for working in information
(28:29):
security, and that might seemodd to some people, but a lot of
what we do, as you know, iseducation, it's teaching, it's
revisiting topics, it's beingadvisors.
So you know, let's go back tothe bartender example.
Right, the bartender is havingto put out great customer
service, effectively communicate, doing a little bit of selling
all the time and doing a lot oflistening and understanding as
(28:53):
part of the success of theirroles.
So if you're out there andyou're listening to this episode
, know that there are really nolimitations to you coming into
the information security fieldand there's many different
branches and avenues for successwithin that field, and then,
when you're in it, you don'thave to become a CISO, right, a
(29:15):
lot of the top companies thatare out there have created
alternate paths where you becomea senior fellow in information
security so you can attain asmuch technical knowledge or
governance, risk and complianceknowledge as possible.
You can be at the top of yourgame and you can still be at
that peer level of the CISO andin a lot of circumstances it's
(29:41):
probably more job security thanthe CISO and probably more job
satisfaction, and you have thepleasure of being able to share
your information with others.
You covered a lot about givingback.
Where does that come from?
In either your upbringing orjust who you are as a person, or
(30:04):
the experiences you've had,because you are very passionate
about that.
Just from listening to whatyou've said, it sounds like 25
to 35% of your time is spentgiving back.
That's on top of being a parent.
That's on top of being aprofessor.
That's on top of running acompany, founding and running a
company.
So you know what makes you tickunder all of this, because it's
(30:28):
incredible what you're doing.
Sivan Tehila (30:32):
Well, thanks, Jess , and I feel the same about you,
and we had many conversationsabout this, right Like it's, I
think when you're passionateabout something, you find a ways
to do that and give back.
I always talk about thedifference between a work-life
balance and work-life harmony.
We often hear that work-lifebalance that's the goal, but
(30:56):
balance is something that isvery tricky because you can't be
50% in one place and 50% inanother place and always manage
that.
The concept of harmony is to bein the right place in the right
time, based on the differentneeds.
So if your family needs you ata certain time, you know that
(31:17):
that's when you need to focus onIf your business needs you more
, so your family will probablyunderstand that, but you have
the ability to really manage thetime in a way that really makes
things be successful and allowyou the focus to be fully
present with what you're doing,and I think that was something
(31:40):
that you know helped me over theyears to manage all those
things.
Speaking about past experiences, so I think I was also very
fortunate to meet really goodpeople along the way that opened
doors for me and supported mein many, many things after
retiring after my militaryservice.
(32:02):
Moving from military to theprivate sector is very, very
hard because everything isdifferent, the language, even
the systems you're using.
I remember the first time Iused Slack, I was so amazed that
people are actually using thisto communicate right.
Also, the ability to work fromeverywhere is something that is
very new.
When you're in the military,you have all the rules and
(32:24):
everything is on on-prem.
So everything was so differentand it really took me time to
transition.
But I had to first, you know,make some effort in order to get
used to like the new industrystandards and technologies and
also understanding how I canapply the knowledge that I've
(32:46):
gained in order to be really,you know, beneficial and helpful
for the companies I'm workingfor.
And I had to do that with, youknow, surrounding myself with
the relevant people, and manypeople really helped me along
the way.
Same the academia, like umDavid Schwedt is was is a good
(33:07):
friend, but he was really amentor.
And and after, you know,transitioning from the military
to the industry, the privatesector, I had to also move to a
new country, and that's another,you know, challenge.
And then, here and when I movedto New York, another challenge
(33:27):
and that's actually what led mealso to leading Cyber Ladies in
New York.
It was an opportunity to builda network, but I got to know so
many great people that reallyare part of my journey until
today when I started the company.
Same thing finding the rightinvestors, who I'm very grateful
for, and advisors.
(33:48):
Rinky Sethi is like aninspiration for me and she's a
powerhouse, not just, you know,supporting me, but so many other
founders and femaleentrepreneurs and security
leaders in the industry.
So anytime I meet someone whohelps me and inspires me, I
(34:08):
really have this need to give itback and move it forward and do
that for others.
And who knows, maybe one daythose students that I'm teaching
today will become for sure,they'll become the next
generation of CISOs and securityleaders, and you can never know
(34:29):
how those things really youknow come back to you.
So I think that that's reallythe drive behind this.
Jess Vachon (34:39):
I love that and that's such a great reward that
we get when we mentor others orlead others or coach others and
watching the success that theyhave and we don't think about it
sometimes.
But when we have staff thatwork with us or we're helping
someone in their career, it'snot just that person we're
(34:59):
affecting, right.
We're affecting their entirefamily and potentially
generations of their families,because they're given an
opportunity, we help them togrow in that opportunity, and
their success translates tosuccess of their family or their
loved ones.
For me at least, seeing thathappen is so rewarding, it's so
(35:27):
fulfilling on a personal leveland it fills what I need as my
purpose for being alive, rightfor going through this time
period.
This show is about rebels andobviously you're doing a lot of
stuff that is rebel-oriented.
I like to understand where thatcomes from.
(35:48):
What were you like as a kid andwhat influences did you draw
from your parents that make youwho you are today?
I think life made me becomevery independent in a very young
(36:09):
age.
Um, I don't know if I shared itwith you ever before, but I
lost my father when I was 12.
And my father was 30, my momwas 39 and she stayed with like
four kids.
I was the oldest.
So it was like obviously anexperience that shaped my, I
(36:30):
think, my life, my career, myjourney.
But I was really the one whohad to take care of my siblings
when my mom was working.
After it happened, she had toreally change her own career
because she needed moreindependency in her life to
manage everything.
And then she started a business.
It was a fashion store that sheopened and I remember that I
(36:57):
used to go to school as ateenager in the morning, and
then afternoon I used to go help, like taking my siblings out of
their schools, taking care ofthem, and then I used to go to
work in the store when my momcame back to spend some time
with my siblings.
So that was my reality for likemany years, until I joined the
(37:19):
army, and I think you know itwas obviously challenging, but
it was really something thatshaped me.
I realized that I have to bevery independent to take care of
myself, to make sure that Ialways create opportunities for
myself.
I learned from my mom how toturn, you know, a challenge into
something that can really helpher be independent and manage
(37:43):
her own schedule.
That can really help her beindependent and manage her own
schedule.
She started with one store.
Eventually it became likemultiple stores and it was a
very successful business thatshe stayed with until she
retired.
But I think that's really whatmade me feel like, ok, you can
overcome many different things,you can overcome many challenges
, and I think that's probablythe story that shaped me the
(38:08):
most, and obviously I mean themilitary service is another
really, you know, meaningfulexperience, and I served for 10
years, so obviously that's alsoaffected my career moving
forward.
Well, thank you for sharing that.
I know that was quite personal,but I think it's important
because it allows people tounderstand what you need to draw
(38:32):
from in this field andespecially to achieve the
heights that you've achieved.
That's great.
You know, your mother soundslike an amazingly strong woman,
and you can see how thatdefinitely passed down to you,
and I'm sure your siblings aregrateful for your fortitude as
(38:53):
well.
So now I have what's called anempowering question.
I like to ask my guests so I'mgoing to throw this out to you.
Is there something in your lifethat makes you forget time
while you're doing it?
Sivan Tehila (39:12):
So I think it's just as simple as just spending
time with my daughter, which youknow.
I think everything I'm doing isreally, I mean, first, to set
an example for her and tosupport her on her journey in
this world to become asuccessful woman, businesswoman,
(39:33):
if she wants to and createopportunities for herself.
The things that drives me everyday to be a better person, a
better professional, um, maybemore successful, as much as I
(39:57):
can, and um, and when I'm withher, I I kind of really, you
know, I'm grateful foreverything I'm doing and for the
time I have with her.
Um, so that's the simple answer.
I can think about other things,but that's the first thing that
came up to my mind.
Jess Vachon (40:12):
That's a great answer.
Any hobbies that you pursue?
I don't even know if you havetime for hobbies with everything
you do, but any hobbies you dooutside of your professional
work.
Sivan Tehila (40:21):
Yeah, so I really am.
I'm really excited aboutpaddleboarding.
I find that as my activemeditation.
I started doing that, Actually,after my daughter was born.
I was looking for a little bitmore of an extreme way to
exercise, so I started to paddlein the ocean in Israel.
It's not the oceans like theMediterranean Sea, but it was.
(40:43):
You know it's different thannow I'm doing paddleboarding on
the Hudson, but I find it verymeditative.
It's like just me on the water,um, exercising, and there is
something about um pedalboarding that is also.
It keeps you really sharp andfocused.
Um, you always need to plan inadvance like strategy for the
(41:04):
pedal, like how, where I'm goingto pedal, if the wind is behind
me, when I'm like coming back,like there are so many factors
you need to consider.
So I like that part andobviously in the water you
realize that everything youplanned is really worth nothing,
because that's life.
So it's kind of like the storyof my life, right, like startup.
(41:27):
My hobbies and you know mypersonal life are always I'm
trying to plan them.
It's not always working out,but it's an amazing experience
so far and I do enjoy theuncertainty often.
So, yeah, that's my hobby.
Jess Vachon (41:45):
That's amazing.
Thank you for so much, forbringing your whole person, not
just to the talk here, but tothe audience that's going to
listen to this podcast later.
It's so important that peopleknow what helps us to get to
where we're at in our career,but, more so, what makes us tick
, who we are outside of the workwe do.
(42:06):
So you've shared two great,three great personal items in
the last few minutes and I'm soappreciative for that.
We're about at the end of thepodcast.
When are you going to be up to,what are you going to be doing
in the next few months, and howcan people get hold of you?
Sivan Tehila (42:26):
Yeah, so obviously the best way to follow me will
be LinkedIn, so feel free toreach out on LinkedIn.
I'm very responsive there andI'm sharing many of our
activities there.
I'll be at RSA next week, ifsomeone wants to meet up there
(42:49):
there, and we're always hostingevents and bringing together
security and leaders to ourevents.
So, again, you can follow ourwebsite, my LinkedIn, our
LinkedIn page, and I'm more thanhappy to make more connections
and see if I can be helpful in away for anyone who's listening.
Great.
Jess Vachon (43:04):
And I think you mentioned going to Boston
sometime soon.
All right.
Sivan Tehila (43:08):
We have an event in Boston I think it's May 14th
and we have another event in NewYork on May 8th.
So those are the upcomingevents that we're hosting.
Jess Vachon (43:22):
Awesome.
So if you're in Boston or NewYork, get a hold of Sivan and
get connected to one of thoseevents and check out the
platform, or just meet thisamazing individual and make a
network connection.
There we're at the end of ourtime.
Thank you so much for joiningthe podcast.
Really appreciate your time andbest of continued success to
(43:44):
you, although I don't think youneed it.
You're just an amazingindividual and that's the show
for today.
Thank you.
Sivan Tehila (43:53):
Thank you.
Speaker 1 (43:55):
Thank you for listening to this episode of
Voices of the Vigilant.
If you liked what you heardtoday, please subscribe and
leave a review in your favoritepodcast app For a copy of the
transcript.
To follow Jess to apply as aguest of the show or to learn
more about services fromVigilant Violet, please visit
vigilantvioletcom.
(44:15):
Until next time, stay vigilant.
Popular Podcasts
Las Culturistas with Matt Rogers and Bowen Yang
Ding dong! Join your culture consultants, Matt Rogers and Bowen Yang, on an unforgettable journey into the beating heart of CULTURE. Alongside sizzling special guests, they GET INTO the hottest pop-culture moments of the day and the formative cultural experiences that turned them into Culturistas. Produced by the Big Money Players Network and iHeartRadio.
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com