Cybersecurity is crucial for businesses to protect themselves from attackers, and Cobalt is one of the firms that provides help. Cobalt connects SaaS (software as a service) companies with hackers who can help find problems before attackers do.

Caroline Wong is VP of Security Strategy at Cobalt and has more than a decade of experience in the industry, previously working at eBay, Zynga and Symantec. Wong, who received the 2010 Women of Influence Award in the One to Watch category and authored “Security Metrics: A Beginner’s Guide,” joined Cobalt last year. She talked to International Business Times about her company and offered advice to those who want to thrive in the cybersecurity sector.

STRUCTURE SECURITY -- USE THIS ONE Newsweek is hosting a Structure Security Event in San Francisco, Sept. 26-27. Photo: Newsweek Media Group

What is the biggest cybersecurity challenge for Cobalt?

Cobalt provides a collaborative SaaS platform where organizations connect with security researchers to test their web apps, mobile apps, and APIs. Because the Cobalt platform houses pen test findings, data security is critical. Our team believes that securing user data, preventing data leaks, and ensuring safe payment processing is simply another part of building a great product.

Can you talk about the importance of collaboration between Cobalt customers and researchers, as well as the reporting app?

Cobalt delivers manual application security pen tests that target an application to discover vulnerabilities, exploit them, and determine how resilient the application is to attacks. However, we don’t want to just find security issues. We want to help organizations fix security issues and improve the quality of their code. The Cobalt platform facilitates real-time communication between security teams, pen testers, and developers by providing them with a way to interactively chat with each other. Getting all the relevant parties together in one place to talk about it can be very powerful. It can even make the difference between security issues getting fixed or not. PCI-style pen test reports are available in the platform and can also be downloaded for sharing with additional stakeholders.

What do you want to say to young women who are thinking about a career in the tech industry, especially those who want to go into cybersecurity?

Do it. This industry has a major skills shortage, and we need you and everything that you bring to the table.

What advice would you give young people for them to thrive in cybersecurity?

  1. Start by focusing on problem statements. Take time to understanding what’s wrong or needs fixing before rushing to implement a solution.

  2. Learn everything you can. The cybersecurity community is open and generous when it comes to information sharing. Take advantage!

  3. Find a great boss. If you’re not appreciated and respected for the skills and experience you bring to the table, consider working for someone else.

  4. Cultivate your energy. You’ll perform your best at work when your mind, body, and heart are well. Do more things that give you energy, and fewer things that drain it.

If you had to give only one cybersecurity advice to an ordinary citizen what would it be?

This is kind of a cheat response, but I would say: Use strong unique passwords for your most important accounts and update your software.

If I really have to only give one piece of advice, it would be to keep your software updated at all times.