How did Arti Lalwani, A-LIGN’s Risk Management and Privacy Knowledge Leader, get her start in cybersecurity? To promote Cybersecurity Awareness Month, we sat down with Arti to learn about her career path and advice she has for anyone trying to break into the industry.
The world of cybersecurity is fast-paced and rapidly evolving. Current events, such as YouRock 2021, The Accellion Supply Chain Attack, and The Colonial Pipeline attack, raised new concerns in the industry. Evolutions in frameworks and national or regional regulations, drive the need for new controls, policies, and procedures. And, of course, the last year has been an especially trying time due to the COVID-19 pandemic and the extra steps organizations had to take to ensure compliance when employees are working remotely.
While exciting and cutting edge, the cybersecurity industry can be challenging to initially break into due to its rapid rise in popularity and necessity. In honor of Cybersecurity Awareness Month, we sat down with Arti Lalwani, A-LIGN’s ISO Practice Lead, to discuss her career path, challenges women face in the industry, and tips to best launch and grow your cybersecurity career.
Getting Started in the Cybersecurity Industry
How did you break into the cybersecurity industry?
“In college, I majored in finance and worked in the financial industry for a few years following graduation. I was then hired into an IT and cybersecurity services company where I learned about hardware systems and asset management. I saw the future of technology moving towards software and compliance and I knew I needed to be on the forefront of this movement. I made a career move and went to a compliance firm where I was able to learn ISO audits and accreditation.”
How did you advance your career throughout the years?
“When I jumped industries, I spent a lot of my free time teaching myself technology to help push me through the industry to the career I wanted. Also, finding a great mentor was so important. You need someone on your side that wants to see you succeed, steer you in the right direction and provide honest feedback.”
What path do you recommend taking to best break into the cyber industry?
“Internships, internships, internships. They are so important in helping you decide what you want to do and more importantly, what you DON’T want to do. In terms of college courses, I recommend taking anything business-focused because when you advance in your career, your job responsibilities ultimately revolve around running a business. When I visit career fairs at colleges, I always look for students who have an MIS background or tons of business-based classes and great internships!”
What attracted you to the service delivery side of business?
“I chose the audit and compliance side of the business because of my upbringing. My parents owned a retail jewelry store and since I was eight years old, I would be in store helping them sell, which greatly developed my communication and people skills. I most enjoy pitching, working with a team, speaking with clients, working on strategy, asking questions and following the guidelines. This is why I was drawn to ISO audits; it is mostly discussion based and less ‘check box’ than many of the other certifications.”
What do you like best about working in the cyber industry?
“The cybersecurity industry is cutting edge and always on the forefront of change. For example, the tech industry figured out how to successfully work remotely before any other industry.
“On a personal level, I most enjoy the ‘privacy’ aspect of the industry. When a person submits their information online, what options and rights do they have? How is your PII protected across international borders? Learning a company’s posture based on their policies and procedures, security settings and compliance standards. I find the entire process to be fascinating!”
Career Advancement and Working for A-LIGN
Can you tell me about your role as A-LIGN’s ISO Practice Lead?
“I manage a team of over 20 auditors that conduct management system compliance audits. Organizations hire my auditing team to certify them to ISO standards to establish and maintain a proper management system for their organization. As A-LIGN’s Risk Management and Knowledge Leader, I determine the strategic direction of our ISO practice. My role is to keep us in line with our ANAB accreditation and search for ways we can grow as a practice, as well as working each day to move everyone closer to achieving their goals. We were selected as one of the first accredited ISO 27701 certification bodies, expanding into privacy standards as a team and that was exciting to be part of.”
What’s your favorite part about working at A-LIGN?
“The culture, hands down. I’m honored to work with an amazing ISO team who uplifts and motivates each other. Some days I’ll feel burned out and a team member will message me with a genius idea or insight into a problem we’ve been trying to solve and it brings me right back. It’s the team mentality and positive attitude from my manager that trickles down throughout the team.
“I’m proud to be a CLIMBER because A-LIGN has grown a lot in the three years I’ve been here. The ISO practice has more than doubled and I’m proud to be part of a company that continues to grow and do well. When potential and current clients hear the name ‘A-LIGN’ they know it holds value and that in itself is something to be proud of.”
What actions do you take to better yourself professionally and continue learning?
“I’m constantly pushing myself to study for new certifications and stay relevant in the industry. I still get on calls with auditors to understand what new challenges and nuances they are facing. Cybersecurity is an everchanging industry, especially within data privacy. If you feel like you know it all and can stop learning, you’re doing it wrong!”
Elevating Women in the Workplace
Being a woman in a male-dominated industry, what are some challenges you’ve faced?
“As a woman in cybersecurity, I have to work twice as hard as a man. As a minority, I have to work three times as hard. Honestly, I find it most difficult to be sure I have a voice and that I’m being heard. I think self-doubt is a huge issue for many women and we compare ourselves to our male counterparts in the workforce. Oftentimes, women are competitive with each other, ultimately bringing ourselves down. We need to overcome this challenge by working together, supporting each other and building each other up.”
Why do you think young women aren’t showing as much of an interest in the industry?
“Barrier to entry is so high when it comes to this industry that I find young women shy away from it. When I started with A-LIGN three years ago, there was only one other woman in the ISO practice and now we have seven female employees. To encourage women to pursue a career in cyber, I try my best to mentor and provide guidance.”
How does A-LIGN empower and elevate our female CLIMBERS?
“That’s a great question. I think A-LIGN is a great company to work for, and we empower female CLIMBERS by giving them the same opportunities to showcase their skills and listen to their opinions. I believe I have much respect here at A-LIGN and that my voice is heard. Providing those opportunities really empowers women.”
Why does diversity and inclusion matter to you?
“These initiatives are phenomenal because it comes down to finding talented people to join your team. That’s what we’re working towards as a company. I think when you build and nurture an inclusive and welcoming culture, you create a pattern on how the company should act towards everyone.”
Early in your career, what challenges or obstacles did you run into?
“Trying to break into the cybersecurity industry can be more difficult as a woman. My name comes across as male so when it comes to interviews, I get them pretty quickly. But, then I get on the phone or on video and the interviewer is surprised. As a woman, opportunity is always there; it’s up to us to push for equality and respect in a male-dominated industry.”
Advice for Entering the Cybersecurity Industry
Do you have advice for anyone considering a career in cybersecurity?
“Don’t give up. The cybersecurity industry may not be the easiest route you take but it will be worth the work and perseverance. If you’re not happy in your current situation or feel like you haven’t been able to break through, change your current situation but do not give up on the cyber industry.
“For women, I recommend joining Women in Cybersecurity (WiCYS). The group is really helpful in terms of networking, career growth and learning new skillsets. I personally use WiCYS as a resource often!”