From ballet dancer to back-up singer to cyber security professional, Louisa Vogelenzang has already had an interesting journey, uprooting from England and making her mark in Australia since 2012.

Her security life started with a crash course in encryption for a sales role – and has since seen her rise to impressive heights at Telstra and now Kroll, where she’s responsible for leading the cyber risk team in Australia.

 Get to know Vogelenzang and you’ll soon discover she’s also ultra-passionate about her volunteer work, a role model and diversity champion, and is diligently working to help women find their ‘public speaking’ voice in the world of cyber security.

 Stories Ink caught up with Vogelenzang to discuss her early years, some of her career milestones (like her secondment to the Federal Government’s cyber resilience task force in 2017), and her main lessons learned in finding her groove in the world of cyber: Back Yourself; Push Yourself; and Be Yourself.

Growing up, what did you want to be?

I always wanted to be a ballerina and I put a lot of hard work into that growing up. My wonderful parents spent hours driving me to and from lessons and competitions and I studied at the Royal Ballet School in London for a time. Eventually, I decided to stay on at school as I realised ballet was going to be a very short career and in truth, I had lost my passion for it. I felt quite lost for many years after giving up ballet as it was such a huge part of my life, for so long, and I didn’t know who I was without it. It certainly took me a few false starts before ending up in cyber security.

What were some of your first and most memorable jobs?

My first job was on my family farm in England picking potatoes out of the ground – I earned 25 pence a basket. I remember it was cold, hard work but it felt great to ‘earn’ that pocket money and play a role in helping the family business (even if it was a very small role). 

My most memorable job was working behind the bar, which I did in various places to earn money when I was a student. It was such a great opportunity to practice the art of conversation, meet different characters, manage expectations, learn strategies to deal with conflict, and also to think on your feet.  

How did your path take you into your current role: Associate Managing Director & Country Leader (Australia) – Cyber Risk.

I needed to fund my dream ‘around the world’ trip, and a recruiter put me forward for a sales job at an encryption start-up in Cambridge (UK) back in 1999. I had no experience in sales, technology, or security, but the sales director saw potential in me for which I am still grateful for today. I will never forget my first day – a crash course in encryption. 

After I travelled and then graduated university in 2004, nCipher asked me if I wanted to come back, this time as a territory manager for the Benelux region in Europe. I never looked back and ended up staying at nCipher for another eight years, growing the region year-on-year and was eventually able to realise my dream of moving to Australia in 2012.

From there, I joined Dimension Data as a security specialist, which was an amazing opportunity to broaden my cyber security knowledge and experience across more complex commercials including managed services and outsourcing. I was then promoted to running the Victorian Security Practice there, which at the time was a $60m business with a team of 30 consultants, architects and engineers.

In 2016, I moved to Telstra’s Security Products Team which covered both physical and cyber security products across both large and small businesses, initially as national manager where we launched two new security operations centres and a new product suite and in the last year there as a product owner.

I joined Kroll in 2019, originally to launch our breach notification services in Australia. I was then asked to take on the additional responsibility of leading the Australian Cyber Risk Practice in December 2020.

Can you highlight your main responsibilities in that role? 

I’m responsible for leading our Cyber Risk team in Australia, which involves supporting our local team of consultants, leading client engagements, working with my APAC and global peers, working with our many local law firms and insurance partners and growing our business through strategic relationships. I also get to use my product and intrapreneurial skills, expanding our data breach notification and ID theft monitoring services across the APAC region, following our successful launch in Australia last year.

What do you love about your current job, and what’s your big vision for the role? 

I work in cyber security because I genuinely enjoy helping people and businesses to reduce their cyber risk. Cybercrime is global and one of the things I particularly love about working at Kroll is that we are truly a global team, empowered to work together to deliver the best outcomes for our clients. We sit on over 60 cyber insurance panels globally and manage over 2,000 cyber incidents annually. We genuinely have so much knowledge and experience to share that we then combine with our decades of in country knowledge, to help our Australian clients effectively and efficiently.  

Most of all I love working as a team with our clients, often during a tough time during a cyber-attack or data breach, helping them to recover their business operations as quickly as possible or to reduce their reputational risk. It’s an amazing privilege to be able to partner with clients in these circumstances which are often high pressure and high stakes situations for their business. 

What are some of your big milestones in your career so far – given you’ve been in cyber security for over 16 years? 

I had the opportunity to be seconded to the Federal Government’s cyber resilience task force in Canberra in 2017 while I was at Telstra. It was a great honour to be part of this initiative and I had the opportunity to meet and work with some amazing leaders in the cyber industry.

Also during my time at Telstra, I was part of the team that helped to design and launch two state-of-the-art cyber security operations centres in Melbourne and Sydney, including two new managed security services. Our efforts helped the company secure the Australian Information Security Association’s Project of the Year award and the Frost and Sullivan’s Australian Managed Security Services Provider of the Year award in 2017.

After volunteering in the Melbourne branch for several years, I was appointed to the board of The Australia Information Security Association (AISA) from 2017-2018, which was a fantastic opportunity to gain some first-hand board experience and to work with some incredibly talented and hard working people.

Most of all, I’m proud of my contributions to the industry as a volunteer, which has included four years at AISA (Committee Member, Branch Chair and Board Director), as well as my work with IDCare, The Cyber Security Café Podcast, Women Speak Cyber and Cyber Security – The Good News (where I spread news via LinkedIn on the good things happening in cyber security). 

 

You’re passionate about empowering others – particularly encouraging and supporting women speakers and aspiring speakers in the cyber security industry As such, you’re the co-founder and director of Women Speak Cyber. Can you tell us about that initiative? 

For as long as I can remember I’ve struggled with public speaking and I know many others find that a challenge too. It was also being highlighted quite publicly that there were not enough women represented on stage at conferences in the cyber security industry.

Therefore, a Telstra colleague at the time (Louisa Partridge) and I wanted to take action, not only to raise visibility of women speakers in cyber security but also to add more women speakers to the pool. We founded Women Speak Cyber – originally as a linked in page – to draw attention to women speakers in our industry. However, in 2018 we partnered with AWSN and Public Speaking Coach, Emily Edgeley, to deliver a coaching program (Project Friedman), sponsored by the Australian Signals Directorate and Aura Security. It resulted in nine women who had never presented at a cyber security conference before, speaking at CyberCon (AISA) in 2019. It was genuinely the proudest moment of my career, playing a small part in empowering these women to succeed in their first cyber conference talk – and they continue to inspire me today.  We were also delighted that Project Friedman also made the finals of the 2020 AWSN ‘Project of the Year’.

Last year, we received further funding from the Australian Signals Directorate, which meant we could establish Women Speak Cyber as a social enterprise and expand our initiatives. This includes a free coaching program for 20 women to present for the first time at a cyber security conference; a podcast, which recently launched; and a database of women speakers in cyber security in Australia for conference organisers to easily identify our existing talented women speakers in cybersecurity.

How would you describe yourself? 

Tenacious, caring, creative, passionate, and curious.

What’s a fun fact or something people don’t know about you? 

I was a backing singer in a band back in the UK with some of my cousins and my best friend when I was teenager and we made an album of our own songs (that thankfully isn’t on the Internet). During lockdown last year, we reunited (after a 23-year break) to record one song and a music video virtually, which brought some much-needed joy to all of us and our families in 2020. It would have never happened if it wasn’t for the pandemic, and honestly really helped me get through the second lockdown in Melbourne as it was such a positive thing I could focus on.

Have you had many challenges or hurdles to overcome? 

Like others, I’ve also experienced the challenge of  ‘imposter syndrome.’ This was exacerbated by the fact I was often the only woman in the room and had very few women leaders to look up to – I couldn’t see what I could be. I also started to realise that the unconscious bias of others, particularly as a woman in cyber security, was also influencing my confidence to speak out, so I decided to learn more about this area and find out what I could do about it.

It was 2017 and I was Branch Chair of AISA in Melbourne. I considered this to be a subject that was relevant to many others in the cybersecurity industry. Therefore, I invited Dr Jennifer Whelan to present to the Melbourne branch on diversity and inclusion and this was a talk that truly changed the course of my career and my life. It made me recognise that everyone has bias – myself included. I took a Harvard unconscious bias test and found I was biased towards women in science (I have an Honours Degree in Science) and as I unpacked this I realised – my own bias had also played a role in holding me back. Recognising and addressing this bias has helped me unlock more of myself. It also helped me to recognise and challenge unconscious bias towards others in the workplace, not just towards women but also towards others who are unrepresented.  

But probably the biggest hurdle was moving to a new country to effectively ‘start again.’ While it had always been a dream to move from the UK to Australia, the reality of knowing nobody both personally and professionally (aside from my husband with whom I moved with) was a lot harder in practice. Because nobody knows you, that also means they don’t know what you are capable of – whether that’s a great friend to being knowledgeable in your subject matter. All of your history is sort of zeroed out. It took a lot of time and energy to prove myself all over again, but the relationships I’ve formed are so strong as a result, and it has made me an even more resilient person.

What’s the term leadership mean to you – and what type of leader are you?

Leadership means creating an environment where people can grow, feel safe to move out of their comfort zone and where they feel supported, championed, and able to thrive.

I also think as a leader you must be willing to be vulnerable and accept that you don’t have all the answers and that’s okay. Often the answers are there within the team – solving problems together is so much more enjoyable. As a woman leader in cyber security, I also feel it is my duty to lead by example through the following actions: 

  • Be the change you want to see; and 
  • Call out unacceptable behaviour (the standard you walk past is the standard you accept)

My goal is to always lead with empathy, compassion, and an open mind.  

As a female role model and champion of diversity, what advice or lessons learned can you offer? 

Back  Yourself: What I mean by that is be prepared to advocate for yourself. I used to think that my hard work would simply speak for itself, that someone would tap me on the shoulder and suggest I should go for that promotion or offer me a speaking slot. However, you have to take ownership of that conversation yourself – that means making it clear that you want to be considered for that promotion (recognising you don’t have to be 100% ready), creating that business case for a pay rise, asking for that speaking slot. It’s not something that comes naturally to me, but I’ve seen the positive impact this can have. This is a really important skill.

Push Yourself: Every time I’ve done something that scares me, I’ve learned something and come out stronger. Start off with small things, and over time, the big goals can be achieved. I’ve definitely seen this with my public speaking. Five years ago, I struggled to present in a small group and would often be overcome by nerves. Last year, I was able to do a live TV interview, but there were lots of baby steps in between that got me there.

Be Yourself: I started my career in sales, and on more than one occasion, I was told I was too quiet, too introverted and needed to talk more in meetings to be ‘successful.’ Being an active listener and curious is something I’ve always done. I was sure that listening more than I was talking, and ensuring I was helping my clients to solve their problems – not the problems I wanted them to have – was the right approach. Over time, the results spoke for themselves.  What this taught me was you can succeed by using your strengths, and you can always challenge the status quo. It’s not always easy, but trust your gut and be true to yourself. It’s also critically important to find a work culture where you can be yourself, as this will be a place where you truly thrive and deliver your best work.

What do you do outside the world of cyber security? 

I’m a creative soul and really enjoy painting and I’m currently learning to play the Ukulele.

I’m also fond of a good Netflix binge, paddle boarding and walks in the beautiful Australian bush,  and early morning walks on the beach with my dog.

How has cyber security changed/evolved since you first entered the profession? 

The people we are having the conversation with have changed. Back in the noughties, it was always an IT and technical conversation and most of my meetings were with system or network administrators who were also ‘responsible’ for security.  Today, it’s at CEO and board level and is a business risk conversation. There’s also much better public visibility of the need for cyber security. 

If you could meet anyone in life, who would it be? 

My Grandfather – he died suddenly when I was 12 after a routine operation and I never got to say goodbye. It was a tragic event in our family, but it was also an event that changed the course of my life forever. It made me realise that life was short; you must get out there, take opportunities and cherish every moment with those you love. I always wish I had the opportunity to meet him and tell him about all the things that I’ve done.

And finally, what do you wish to achieve moving forward? 

My goals are fairly simple: Keep learning and growing and helping others do the same; continue to empower women in cybersecurity to harness the public speaking platform through Women Speak Cyber; and continue to help companies and individuals reduce the impact of cybercrime on their businesses and lives.

Do you know of a worthy ‘Close-Up’ contender? Get in touch with Jennifer at jennifer@storiesink.com.au to get the story captured.