Q&A with Wendy Shepperd, SVP of Engineering

March 8 is International Women’s Day and a time to celebrate the achievements of all women everywhere. Today, we are highlighting one of our newest crew members, Wendy Shepperd, SVP of Engineering.  

Wendy shares how she got started in cybersecurity, the significant role cybersecurity plays in our world today, how she supports an equitable work environment, and her dream to see more women in tech. 

Tell us a little about yourself and what inspired your cybersecurity career journey. 

I have been building enterprise software for nearly 30 years and have had a front-row seat to the evolution of technology from mainframes to distributed computing to cloud computing. Throughout this journey, security has been at the forefront of product development. Several things have inspired my journey to cybersecurity. 

As a product engineering leader, I’ve experienced multiple situations when we had to pause our innovation or other planned roadmap work to respond to a threat that, in some cases, consumed much of our capacity and velocity. Major security incidents that come to mind are Shellshock, Heartbleed, and Log4j, to name a few. These types of incidents, even when they do not result in a breach, can seriously impact a company’s business goals and consumes resources due to the effort it takes to respond, apply patches, and communicate with customers, among other things.  

One of the most stressful incidents earlier in my career was a full-blown data breach that compromised the customer credentials of the company I was working for at the time. It takes enormous effort and causes significant disruption when a data breach occurs. The impacts spread across every function in the company from discovering the breach, to understanding the impact, remediation, to communicating with customers. It was all-consuming for a couple of months. Ultimately, we reached a resolution but at great costs (time, people, and money).  

Another important part of the work we do is meeting compliance standards and certifications such as ISO200, FedRamp, SOC2, HIPAA HITTRUST, GDPR (to name a few). Achieving these standards is critical to improving security posture for any software company. And in many cases, these standards are required for customers who operate in highly regulated industries.  

I enjoy being in the security space, and I am motivated every day to stay aware and protect against cyber threats both personally and professionally. There is no finish line when it comes to security!  

Who made the most significant impact on your professional career, and how do you “pay it forward”? 

An executive years ago gave me an opportunity to move into a senior engineering leadership role for the first time. Being a woman in tech, it has always been more challenging to be considered for these opportunities. I appreciate that this executive saw my potential, elevated me, and challenged me to grow as a leader. They advocated and supported me while giving me candid feedback on areas I needed to improve.  

I pay it forward by advocating for women and others from underrepresented groups. My advocacy shows up in different ways. For example, investing time in mentorship and sponsorship programs, participating in employee resource groups, donating money to organizations, volunteering in the community, ensuring fair and equitable hiring practices, and fair and equitable pay.  

I am grateful for those who have paved the way before me and committed to giving back and fostering diversity, inclusion, and belonging in the tech industry for folks from various backgrounds.  

What would be your suggestion to women looking to enter the field of cybersecurity?   

First, do it! We need more women in the field of cybersecurity. It’s a fascinating space full of opportunities for people from all backgrounds. Women are still under-represented overall, but our numbers are growing. You are welcome, and you belong here.  

Second, cybersecurity is a broad industry. Think about what interests you the most. Do you enjoy engineering, product management, consulting, educating, marketing, sales, compliance, finance, and legal? All functional disciplines are present in cybersecurity. Consider how to apply your natural strengths and interests to pursue the right path for you.  

And finally, know that companies are continually investing in cybersecurity. It’s not a “nice to have,” it is a “must have.” That translates into you can develop an entire career in cybersecurity that can take many directions and can be quite lucrative.