Meet Michelle Drolet, Founder and CEO of Towerwall, Inc., a highly experienced and well-renowned information security expert. She has earned a name in the market and is respected by various information security peers and analysts. She is a sought-out speaker and panellist, and is a regular contributor to leading online publications such as Forbes Technology Council, Wired.com, and IDG CSO Online.
Laying the Foundation
In the year 1993, Michelle met Nizar Huddani, who turned out to be her boss, friend, and mentor. He hired her to run the US operations for his IT consulting business, CDG Technologies, playing in the then new cyber security space. She states that together they grew the consulting and VAR businesses that eventually led to an acquisition by a public company. She stayed with the new company but grew disenchanted by its direction. Therefore, she decided to buy back the company and contribute to Towerwall’s success. The first penetration test was done in the year 1999, when she bought the company back. After several years, she added its GRC practise to help the company’s customers build solid and repeatable information security programs. “I am so very grateful that Nizar saw potential in me that I hadn’t realized. So very blessed to be CEO of such an amazing organization,” says Michelle.
Thriving for two decades
Ever since its founding, Towerwall has been providing cyber security services and solutions. It is centred in Massachusetts, but a remote workforce is situated all over the USA. As the industry’s leading cybersecurity preparedness partner, it offers end-to-end solutions that ‘operationalize’ information security, bridging the gap between plan and action to ensure resiliency. As a women-owned, independent cybersecurity preparedness and consulting services firm, Towerwall helps their customers understand ‘one-size security solutions lead to failure’ and ‘secure cultures lead to secure companies.’ The company assists in ‘getting you prepared, keeping you protected’ with their proven 4E methodology of ‘Evaluate, Establish, Educate, Enforce.’
The company has paved its path to triumph through sheer enthusiasm and firm teamwork. Michelle and her team believe that teamwork could be the most important factor in information security. “Secure companies are not built by one person or one piece of technology, they rely on building teams and secure cultures,” she explains. “We work shoulder to shoulder with our clients, working through security challenges and seamless implementation of best practices.” Furthermore, she mentions that security is more complex than merely deploying the latest technology. Its proven and integrated approach blends the three key elements to protect its company’s critical assets: people, process, and technology. Towerwall offers cyber security services like NIST, CSF, Risk Assessment, or Penetration Tests. Towerwall has vendor-partners whose technologies offer best-of-breed, frontline security controls. These include the likes of Alert Logic, Varonis, LogRhythm, KnowBe4, Tenable, Sophos, and many other recognized brands. Its goal is simply to keep providing the best hands-on, customized cybersecurity services to its clients. “Cybersecurity is not a destination but a journey, and we are tasked with protecting our customers’ crown jewels,” says Michelle.
The organization prefers to take more effort to deliver top-tier security solutions that are designed to address its entire information infrastructure. This process is also known as ‘programatizing’ information security. It provides a consistent, repeatable, and measurable approach by building internal security cultures where information security is at the core. Moreover, it is a cost-friendly approach for clients who desire to turn their investment in securing their most critical assets into a competitive advantage.
Michelle states that ‘information security is not a destination but a journey.’ It can be difficult to keep up with the ever-expanding list of regulatory mandates and upcoming data privacy laws.
Fixing cybersecurity
Michelle advises every individual who wants to get into the cybersecurity space, to work hard, work smart, and be good to themselves. She asserts that opportunities are in abundance and one must be capable of exploring any opportunities presented to them in cybersecurity. “Not all are ‘coding’ nor pen testing but program building, sales, and support, maybe threat hunting. The sky is the limit,” says Michelle. In Massachusetts, she is involved with the MassBay Community College Cyber Program, Young Women and Minorities in Science and Technology, and Cyber Internship Programs.
Cybersecurity is the tightest labour market ever seen, the largest challenge in this sector is finding enough qualified security professionals. “To meet the high demand for skilled services, we have expanded an innovative service we call “virtual CISO,” a personal service Towerwall provides to take on the responsibilities and duties associated with the Chief Information Security Officer (vCISO), the virtual Data Protection Officer (vDPO), and the virtual Chief Privacy Officer (vCPO),” shares Michelle. She and her team are also developing a comprehensive Managed Compliance Security Service Program to help customers with day-to-day security operations through vendor risk management, Security Awareness Training, Vulnerability Scanning, ongoing Information Security Program Plan development and management. “Unlike when we started out, there is an RIO to cybersecurity today, with cyber insurance in the forefront and vendor risk management as a close 2nd. We aren’t pushing the boulder up the hill anymore; CEOs are finally seeing the value not the expense,” continues Michelle.
Looking forward
Michelle states that ‘information security is not a destination but a journey.’ It can be difficult to keep up with the ever-expanding list of regulatory mandates and upcoming data privacy laws. A good example is a client who approached Michelle for assistance in answering seemingly simple governance, risk, and compliance (GRC) security questions from one of their partners. In doing so, she and her team discovered they needed an entire information security infrastructure to protect not only their intellectual property but their customers as well. “The big challenge was getting a plan in place in short order to ensure they could continue doing business. It’s all about repeatable programs and processes,” says Michelle. She goes on to say that the programmes they’ve created have evolved to meet the pressing security concerns of their clients. Its strategic plan outlines a number of initiatives that will allow it to maintain its leadership in shaping the future of cybersecurity. The regulatory environment has become more complex as a result of new privacy laws. The company’s goal is simply to continue providing the best hands-on, customised cybersecurity services to meet the needs and requirements of its customers
Advice to Rely On
In the year 2011, Michelle founded the annual Information Security Summit, in partnership with Mass Bay Community College. The purpose of the summit is to create an open forum for knowledge sharing between cyber professionals, vendors, and students. Additionally, the Summit serves as a vehicle to raise funds to provide academic scholarships in the field of cybersecurity for MassBay’s students in their Cyber Program. “To date, more than $55,000 has been raised for scholarships,” shares Michelle. “I’m also on the MassBays’ advisory board to continue to help shape the cyber security curriculum.”
Since founding Towerwall, she has been dedicated to community service by being actively involved with organizations including The Women’s Business Alliance (a joint effort between The United Way and MetroWest Chamber of Commerce), Voices Against Violence, Young Women, and Minorities in Science and Technology. Recently, she and her team helped launch the newly introduced Lauro Garner Minority Cybersecurity Scholarship in association with Mercer University.
Michelle advises all aspiring individuals, particularly women, to have a positive attitude, a strong work ethic, and to take unconventional measures. These people can pursue a four-year degree, an associate degree, and/or related certifications. “Finding passion and loving what you do means you never have to do a day of work in your life because it’s not working it’s fun,” says Michelle
