With a background in engineering and 20 years of experience, Bindu Sundaresan is a highly driven and resourceful security professional with a track record of creating and supporting successful projects and solutions utilizing a wide range of technologies and industry best practices. She is frequently credited with increasing organizational effectiveness and efficiency through a leadership style that harmonizes the corporate security function, information technology, and business processes to achieve cost savings, accelerate performance, and maintain the organization’s strategic flexibility.
Below are highlights of the interview:
Can you tell us a little about your journey before starting your professional journey?
My experience spans more than 22 years and has been shaped by the opportunity to work with some of the world’s most innovative companies. I have worked with industry frameworks, including NIST/ISO/HITRUST, and regulatory requirements, including PCI, NERC, and HIPAA. I have led dozens of cyber-risk engagements for Fortune 500 clients, from strategy to technology implementation to breach response. I was tapped to lead a complex PCI and HIPAA compliance assessment for a leading global retailer, spearheaded a $1M security assessment, and worked on securing Criminal Justice Information Sharing Networks for a major city in the North East. Before AT&T, I was a Senior Manager with Verisign. Before joining Verisign, I was a Senior Consultant with KPMG and a Senior Network Engineer. My love for teaching and mentoring started with my role as an Adjunct Faculty at the State University of New York (SUNY).
Tell us about your role and responsibility at AT&T Cybersecurity.
I provide strategic and tactical cybersecurity consulting services to customers and specialize in collaborating with clients on cybersecurity, technology transformation, cyber risk, compliance, and data governance initiatives. I lead a team of security professionals responsible for providing consultative services specific to Trusted Advisor engagement, Incident Response, Forensics, Threat/Vulnerability Management services, and compliance assessments. I leverage my extensive technical skills as I advise customers through workshops, speaking engagements, and industry forums. I counsel customers on how to best optimize their business benefits and drive organizational improvements by sustaining security protocols, managing compliance, and mitigating risk. In addition to providing subject matter expert support, I am responsible for defining services across Cybersecurity Consulting based on client-specific security challenges.
What are the company’s extensive security offerings that meet current corporate requirements?
AT&T: As the owner and operator of the largest network in North America, our heritage of secure connectivity is unrivaled. In addition to our expertise in threat intelligence and network security, we collaborate with best-of-breed providers to help businesses safeguard digital assets and innovate confidently. AT&T Cybersecurity consulting has a history of providing expert cybersecurity consulting services to organizations across industries and geographies. AT&T Cybersecurity consultants offer expert insights and practical tools organizations need to establish and maintain security best practices.
How have you integrated some of the more innovative thinking you developed while working for technology-driven companies into your current organization?
With budgets tightening across the board and competition for a limited pool of IT and security talent growing fiercer, cyber as a service provider have become an optimal solution for many companies. Internal security teams can concentrate on their core missions, knowing they can count on their partners to focus on specific vectors. This could be high priority or critical items within security or something outside of security. Cyber Security as a Service (CSaaS) allows the services utilized to change over time and be periodically realigned to ensure the customer’s business needs are being met. I lead this service and help drive the integrated offerings via innovative thinking on an ongoing basis,
Who do you collaborate with the most to drive growth and success?
I collaborate with the stakeholders across the organization both internal to AT&T as well as our customers. Within the C suite, CIO, CTO, CISO, CFO, CRO are all key to help gain commitment to achieving a shared vision . Creating a culture focused on being intellectually stimulated and energized by their surroundings, knowing they are making a valuable contribution as an individual and team member, and being recognized for their performance helps drive growth and success
How do you think about building advanced security team?
Security needs to be a business imperative and should be woven into the fabric of all business decisions, whether that is regarding digital risk, business continuity, or business adaptability. Organizations should review their current state of cybersecurity to understand where there may be red flags or glaring gaps. Be honest and ask difficult questions. Does positive cybersecurity hygiene exist in your organization? Is the company doing enough to raise security awareness? Is there adequate protection in place to allow employees to work remotely? Are the cloud infrastructures being continuously monitored and highly secured? Do all endpoints, including dedicated IoT devices, have security in place? Do we have defenses to help mitigate potential DDoS and other network-based attacks? Can we guarantee that we understand the business’ attack surface? Is security deeply embedded and rooted within the company’s culture? And most importantly, do you have a “security first” mindset?
What does your role look like five years from now?
As cybersecurity thought leader and a trusted advisor to clients, my role would be tasked with driving progress in executing the overall cyber strategy through analysis, stakeholder management, leadership communication, and ideation recommendations on how to implement strategic goals, including Partner with stakeholders to monitor and achieve annual targets. Identify and drive initiatives for process improvement and organizational structure changes.
What are the most important attributes of successful leaders?
When I started in cybersecurity over two decades ago, I was often the only woman and woman of color in the room. Now, more diversity is represented in the industry, ,. Still, making me optimistic about the future for women, not just in cybersecurity but making me confident about the future for women in cybersecurity and STEM.
My fascination with technology, as well as my commitment to diversity and inclusion, drew me in. I wanted to be a part of an industry where I could make a difference in advancing tech and security and revolutionizing the field by bringing a diversity of demographics, skill sets and walks of life. I consider character, competence, collaboration, communication, and curiosity attributes of successful leaders.
What advice would you give to the next generation of female leaders?
My advice for women considering a career in STEM would be to not worry about breaking the norm. If you have an idea or observation, speak up, as the diversity of thoughts is often the key to solving complex problems in the industry. Early on in the journey, find strong mentors you can lean on for career opportunities, professional advice, and expanding your skill set. With a bold mindset and strong allies, you’ll be set up for success in STEM.
Entering a field dominated by people who are different from you can seem intimidating, but that doesn’t mean you won’t find success. While cybersecurity and many other fields have room for improvement regarding representation and fair treatment, change doesn’t happen overnight. The area needs strong women to continue building on the work of those who’ve already started blazing this trail. If you dream it, you can be it.