Tonia Dudley joined Cofense in 2018 as a strategic advisor and currently serves as the organization's VP and Chief Information Security Officer (CISO).
With over 15 years of cybersecurity experience, Tonia has managed programs in incident response, security awareness, and IT compliance for large, global organizations such as Honeywell and Charles Schwab. Tonia has served on the National Cybersecurity Alliance board since 2018, holding roles on the Executive Committee as the current Secretary and MarCom committee lead.
Get to know Tonia Dudley
Our board members are well-known and competitive within the marketplace. How does NCA’s mission create an environment where board members are unified?
While we may be competitive outside of the National Cyber Security Alliance, we all have the same goal to bring everyone together for the common understanding of the threats that impact organizations, as well as the consumer.
Having this unified message allows us to collaborate with great vision to protect organizations, as well as individuals, and defend against the changing threat landscape.
How do Cofense’s cybersecurity interests align with our mission?
Cofense, by its very existence, embodies the mission of the National Cyber Security Alliance. From inception, our goal was to educate and empower our customers to stop phishing attacks in their organizations. Our phishing defense products, which include phishing simulations, help employees readily recognize and report phishing emails, and use positive feedback to empower employees. But phishing is not just an enterprise problem – it is prevalent at home as well.
Employees who are educated to recognize phishing emails in their work environment are empowered to carry that to their home environment, and thus become more vigilant about their personal email as well.
You seem to have had a diverse career in a few different fields. Can you tell us about that and what made you ultimately choose cybersecurity?
After several years in finance and IT roles, I was ready for something new. I’m always looking for “what’s next” and willing to take a lateral move to expand my capabilities. After holding a role for 5 years doing IT Compliance, I was starting to notice the infosec group in the organization. We had an external hiring freeze at that time, so it allowed me the opportunity to take a role in policies and standards. I figured this was a great way for me to learn more about the various elements of infosec.
I haven’t regretted that move.
It allowed me to really leverage and blend all the other disciplines I learned along the way, especially when I took a role managing Security Awareness programs.
Do you have any advice for our readers to prevent phishing attempts at their organizations?
When it comes to defending against phishing threats, it’s important for organizations to use a holistic approach to their program. As threat actors continuously find ways to maneuver their way into the inbox, your users are your best line of defense.
We believe it’s more than just training them on how to identify a suspicious message, but also making it easy to report to the security team. Arming your security team with the indicators found in these messages allows defenders to quickly mitigate and prevent an incident from even taking place. There is value in applying automation; however, it works best when integrated with human intuition.
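The answer above describes the hand-off from a reporting user to the security team: the reported message carries indicators (sender, reply-to, links) that automation can pull out before an analyst looks. The script below is an added example illustrating that triage step and is not Cofense's code or a description of its products. The sample message, the organisation's mail domain (acme-corp.example) and the finding names are all constructed for illustration.

```python
import email
import hashlib
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample of a user-reported message (not a real email): the
# display name impersonates an executive, Reply-To points elsewhere, and the
# link host merely contains the organisation's domain as a prefix.
SAMPLE_EML = b"""From: "Jane Doe (CEO)" <jane.doe@acme-corp.example>
Reply-To: ceo.urgent@mail-relay.example
To: alice@acme-corp.example
Subject: Quick favor
Message-ID: <abc123@mail-relay.example>
Content-Type: text/plain; charset=utf-8

Alice, I need you to buy gift cards today. Use http://acme-corp.example.login-verify.example/pay
and send the codes to me directly.
Sent from my iPhone
"""

# Assumption: the reporting organisation's own mail domain.
INTERNAL_DOMAIN = "acme-corp.example"

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def domain_of(header_value: str) -> str:
    """Return the lower-cased domain part of an address header, or '' if none."""
    _, addr = parseaddr(str(header_value or ""))
    return addr.rpartition("@")[2].lower()


def is_lookalike(host: str, internal_domain: str) -> bool:
    """True when the host contains the internal domain but is not under it."""
    if host == internal_domain or host.endswith("." + internal_domain):
        return False
    return internal_domain in host


def extract_indicators(raw: bytes, internal_domain: str = INTERNAL_DOMAIN) -> dict:
    """Parse a reported message and return indicators plus analyst findings."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender_domain = domain_of(msg.get("From", ""))
    reply_to = msg.get("Reply-To", "")
    reply_to_domain = domain_of(reply_to) if reply_to else sender_domain

    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    urls = sorted(set(URL_RE.findall(text)))
    hosts = sorted({(urlsplit(u).hostname or "").lower() for u in urls})

    findings = []
    if reply_to_domain != sender_domain:
        findings.append("reply_to_mismatch")
    if sender_domain and sender_domain != internal_domain:
        findings.append("external_sender")
    if any(is_lookalike(h, internal_domain) for h in hosts):
        findings.append("lookalike_domain")

    return {
        "message_sha256": hashlib.sha256(raw).hexdigest(),
        "message_id": str(msg.get("Message-ID", "")),
        "subject": str(msg.get("Subject", "")),
        "sender_domain": sender_domain,
        "reply_to_domain": reply_to_domain,
        "urls": urls,
        "hosts": hosts,
        "findings": findings,
    }


if __name__ == "__main__":
    report = extract_indicators(SAMPLE_EML)
    for key, value in report.items():
        print(f"{key}: {value}")
```

The findings list is deliberately a set of flags rather than a verdict: the "sent from my iPhone" signature in the sample is exactly the kind of detail only a colleague who knows the executive can judge, so the output is meant to land in front of an analyst alongside the hashes and hosts they would block, not to replace that judgement.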
We so often hear that people are the weakest link in cybersecurity. However, in your published work, “Users Are An Intelligence Source”, you wrote that “users are a built-in army of cyber defenders”. Can you explain why you feel that way?
While we can implement layers of controls and detection mechanisms, at the end of the day it is the user that can review that suspicious message and know something just doesn’t feel right about this and get it off to the security team. They are the ones that know the CEO doesn’t use an iPhone when an email is signed “sent from my iPhone” or the third-party provider doesn’t use email to send invoices. It’s the SOC analyst that can dig a little deeper when their intuition tells them something’s just not right about a suspicious email.
What is a characteristic that security professionals should value more in the industry?
Curiosity and composure. I’ll start with curiosity. Everyone is built differently, and a team is made up of various strengths and capabilities. Team members that are curious are always asking WHY and digging deeper to find the WHY behind something that is happening. These are the individuals that are looking at the big picture, or the end to end of a process, to see where there’s a breakdown.
A curious person isn’t satisfied with putting a band-aid on something as a fix; they want to prevent the issue from happening again. This is a characteristic you want in some of your SOC analysts. They are going to look beyond the alerts and have the intuition that something just isn’t right.
Why is composure important? Anyone involved with incident response understands how quickly things happen or new information is discovered leading to quick decisions. In times of crisis – like dealing with a major incident – individuals who have a sense of calmness can navigate the team through an incident and bring order to the team without a sense of chaos.
This is critical for managing the team through the incident, as well as communicating to leadership when necessary.
Can you share a fond memory from serving on the NCA Board of Directors?
One of my favorite events is the Nasdaq event to kick off Cybersecurity Awareness Month. My first year attending was when my oldest son lived in Brooklyn, so he and his wife showed up in time to see us ring the bell.