Like many of her CFO peers, Karen Walker had an early career that was guided by abundant opportunities surrounding finance-driven decision-making within organizations.
It was a path that often led Walker to engage more closely with sales and operations, as was the case at CNET Networks, where she tells us that she recognized the limitations of embracing a strictly “rules-based” approach in finance.Read More
It was at CNET that she embraced a more transformative perspective—prioritizing the customer’s objectives and challenges. This shift in thinking, emphasizing a customer mind-set, would continue as she advanced in her career.
At PagerDuty, the philosophy became instrumental in addressing the company’s rapid growth challenges. Now, as CFO at Sysdig, Walker tell us that it’s this commitment to understanding customer needs that guides the company’s approach to cloud security. Her journey reflects a progressive integration of customer-centricity into financial leadership, showcasing its adaptability and efficacy in diverse business environments.
Says Walker: “I think that one of the things that I have really learned over the years—and espouse as a philosophy—is that every employee—which includes, of course, finance—should really have a customer mind-set and really put the customer at the center of every decision that is made.”
Made Possible By
The Path to Leadership
- Transition to Industry and Technology Focus:
- Karen transitioned from public accounting to industry, entering in start-up mode by working at a small software company.
- Her career in technology has included roles at Uber Technologies during hypergrowth, Pandora media, and CBS interactive, showcasing a mix of B2C and B2B businesses.
- Leadership Philosophy and Learning Experiences:
- Karen highlighted the importance of not needing to have all of the answers as a leader, as well as the value of learning from the team.
- She emphasized the significance of being fearless while sharing experiences from her role as a controller at Uber, where she faced challenges but learned to take on new responsibilities.
- Career Growth and Strategic Moves:
- Karen’s career has spanned roles in accounting, finance, and operational roles, demonstrating versatility.
- Strategic moves, such as joining Pandora media—where she worked on optimizing the capital structure—and later moving to PagerDuty, have contributed to her diverse skill set.
CFOTL: Tell us about Sysdig … what does this company do, and what are its offerings today?
Walker: Sysdig is a cloud security company. We effectively secure cloud-native applications for companies and help to stop cloud attacks. Before I jump into some of the details and how we are highly differentiated, let me just point out that when you think about on-premise technology, you’re talking about the dwell time for an attacker being multiple days or even multiple weeks. In the cloud, you have 10 minutes or less to actually respond to an attack.Read More
The reasons why companies adopt the cloud are all about time-to-market, speed of innovation, and enabling an agile development cycle.Read More
These are all things that are advantages for companies—but these same advantages are the advantages that attackers have as well. They can move very quickly. The nature of the cloud is very open. Use an analogy like securing your house. When you’re on-prem, it’s pretty easy—well, maybe not easy, but you basically think about who’s coming through the front door and how to secure it, right? In the cloud, though, the reality is that the largest or most common insertion point for an attack is through credentials.
Ninety percent of the access that is granted in the cloud is not actually used—which is pretty interesting—so there’s already an open opportunity there. And, again, the reality is that you can do all of the hardening in the cloud that you want regarding configurations and who has access, but this is just the starting point for prevention.
When you think about it, you understand that with the cloud, ultimately people will come into your house. So it then becomes, What are people doing inside your house? This is something that Sysdig is very uniquely capable of figuring out because of something that we call “runtime insights.” This basically means that we can tell people what of theirs is actually running in the cloud. Many security teams are overwhelmed by trying to understand a long list of vulnerabilities and determining how to address them. We can reduce some of these lists by 85% to 90% by being able to say, “These are the things that are actually in use—these are the things that matter and what you should be focused on.”
We can also take this a step further and actually correlate risk by looking at activity and user behavior. We do this in a dynamic—not static—way. So, while other platforms may have you scanning every 6 hours or so to understand which people with permissions are in the cloud during this snapshot of time—leading you to observe, “Oh, they look okay right now”—very often this snapshotting may happen only every 6 hours. Unfortunately, regardless of what policy you decide on—6 hours, 3 hours, 12 hours, whatever—as I have told you, attacks can happen in 10 minutes or less.
So, we may find out that in between these snapshots, somebody’s permissions have been escalated and they are now a super admin. You go into your own house, and there’s this room that’s never even been there before, and there’s something dangerous in this room. Our difference is that we can basically see these things happening in real time and help teams to get to the most important threats, identify them quickly, understand all of the related risks, and ultimately resolve them. jb