You are currently viewing Small Business Strength: Helen Hazer Thomas’ Path to Cybersecurity Awareness and Empowerment
Helen Hazer Thomas | Director of Governance | Risk and Compliance at Digital Beachhead

Small Business Strength: Helen Hazer Thomas’ Path to Cybersecurity Awareness and Empowerment

Today’s digital landscape is a sprawling web of interconnected devices and data flows. Every keystroke, every transaction, and every piece of data is constantly vulnerable to a barrage of cyberattacks. Therefore, safeguarding sensitive information and maintaining regulatory compliance is crucial for businesses of all sizes. However, the responsibility doesn’t fall solely on technical teams. Leaders play a critical role in fostering a culture of cybersecurity awareness and prioritizing data protection across the organization.

This is where a pioneering individual like Helen Hazer Thomas steps in, bridging the gap between technical expertise and organizational leadership. After twelve years as a senior electrical engineer, designing software and hardware for continuous monitoring systems, Helen made a pivotal career shift to join cybersecurity.

Driven by a passion to combat cyber threats and assisting companies in navigating compliance requirements, she now serves as the Director of Governance, Risk and Compliance at Digital Beachhead. Through her efforts, she ensures that businesses meet regulatory standards and empowers them to proactively defend against cyber threats.

With a robust educational background, including a Master of Science in Electrical Engineering, a master’s in Management Information Systems, and an MBA from UNLV, Helen brings a wealth of expertise to her role. Beyond her professional pursuits, she finds solace in leisurely rounds of golf and exploring new destinations.

Helen’s fluency in French and Persian, along with her proficiency in Spanish, reflects her global perspective and ability to connect with diverse audiences. At Digital Beachhead, she leads the charge of providing cyber compliance audits, policy development and cyber awareness training, ensuring that organizations are equipped to navigate emerging cybersecurity issues with confidence.

Empowered by Education

Helen’s journey into cybersecurity began during the rigors of pursuing a dual MBA/MIS degree while managing her small business. Immersed in academia, she seized every opportunity to glean insights from industry experts who graced her classrooms. It was during her MIS program that she stumbled upon the National Cyber League (NCL) competition—a challenging arena facilitated by Cyber Skyline. “Participating in NCL was an invaluable experience,” Helen reflects, “it allowed me to refine my cybersecurity skills, from pen-testing to Open-Source Intelligence (OSINT), in a simulated real-world environment.”

Post-graduation, Helen embarked on a mission to bolster her expertise further, and enrolled in additional graduate courses encompassing computer forensics, data management and app development. Her tenacity led her to craft a retirement calculator app using Swift, showcasing her burgeoning skills. However, despite her qualifications, entry-level job opportunities in cybersecurity remained elusive due to the prerequisite of field experience.

Undeterred, Helen stumbled upon a lifeline on LinkedIn—a 10-month remote cybersecurity boot camp offered by UNLV in collaboration with ThriveDX.

She notes, “The boot camp bridged the experience gap with seasoned instructors offering invaluable industry insights and networking opportunities.” Early in the program, she crossed paths with Mike Crandall, CEO of Digital Beachhead, who extended her an internship offer. This serendipitous encounter laid the foundation for her subsequent role as a cybersecurity analyst, a position she continues to excel in today.

Guided by Mentorship

Guided by mentors like Professor Greg Moody from UNLV and Mike Crandall, Helen navigated the labyrinthine realm of cybersecurity with untiring resolve. She acknowledges, “Their guidance was instrumental but none of it would have been possible without the firm support of my husband, Johnny.” Helen’s journey stands as a reflection of the adage that success isn’t merely a solitary pursuit but a collaborative effort fueled by perseverance and staunch support.

Today, as the Director of GRC at Digital Beachhead, Helen leverages her expertise to assist clients in navigating the complex landscape of cybersecurity. From risk management to CMMC compliance, her team provides tailored solutions that prioritize each client’s unique needs and budgetary constraints.

Empowering Against Digital Threats

The increase in cybersecurity incidents and ransomware made me want to learn more about ways to protect ourselves,” reflects Helen, echoing the sentiments of many amidst the rising tide of digital threats. Motivated by a sense of duty, she eagerly entered the fray against cyber-attacks and recognized the pervasive impact they have on individuals as well as organizations alike.

With cyberattacks affecting virtually everyone in some capacity, Helen acknowledges the pressing need for skilled cybersecurity professionals. The Cyber Seek site underscores this demand by revealing a stark talent gap where job openings outnumber qualified candidates. This revelation stresses the vital importance of continuous education in the field, a commitment Helen upholds in accordance with Phi Kappa Phi’s ethos—Let the love of learning rule humanity.

Staying abreast of new tools and technologies is imperative to thwart potential threats effectively in the cybersecurity realm. Helen’s journey exemplifies the proactive approach required to safeguard digital assets in an increasingly perilous cyber terrain.

Small Business, Big Risks

Helen confronts some of her most challenging projects when small businesses seek assistance following a breach or unusual incident. She shares that it’s difficult to witness their reaction, knowing that with basic cybersecurity practices, the incident could have been prevented further potentially saving their business.

Lamentably, many small businesses underestimate their susceptibility to cyber threats, leaving them ill-prepared for malicious attacks. Helen emphasizes the importance of implementing security awareness and education to thwart cybercriminals. Without proactive measures in place, businesses inadvertently facilitate the work of threat actors.

Recognizing the limitations of reactive measures, Helen and her team focus on enhancing the cybersecurity posture of small businesses. By considering their budget constraints and risk factors, they tailor solutions to fortify defenses and recommend actionable plans. Additionally, they collaborate with clients to develop robust incident response strategies, enabling swift recovery and resilience in the face of future threats.

The Tech Savvy Guardian

Drawing from her electrical engineering career, Helen possesses an adeptness with software and hardware that accelerates her grasp of cybersecurity tools. While not all cybersecurity domains demand coding expertise, Helen finds her object-oriented programming knowledge invaluable.

Coupled with her MIS and business acumen, she navigates project management, data handling, and risk mitigation with finesse. From secure user interfaces to application development, Helen’s multifaceted skill set equips her to tackle diverse challenges in the cybersecurity domain.

Adapting to Regulatory Changes

It is critical to keep up to date with changes in rules and regulations, from domestic ones like HIPPA and CMMC to global ones like GDRP,” Helen advises. Understanding each client’s unique circumstances is crucial for crafting cost-effective compliance strategies tailored to their needs.

However, constraints such as time, budget, or technological limitations often pose challenges. “Small businesses face a scarcity of cybersecurity tools customized to their scale,” she highlights the need for innovative solutions. Helen and her team employ creative approaches to navigate these obstacles ensuring small businesses meet their compliance obligations efficiently.

Strength in Adversity

In my journey through electrical engineering and Management Information Systems, I’ve encountered few women,” reflects Helen. Despite predominantly male-dominated work environments, she remains undeterred. “I’m used to it,” she acknowledges, drawing strength from her father’s wisdom to believe in herself and silence doubts from others.

Amidst challenges, Helen maintains composure, guided by her father’s advice to navigate obstacles methodically. Her resilience and firm self-belief propel her forward, proving her capabilities in every endeavor.

It Starts at the Top

Stressing the vital role of leadership commitment, Helen asserts, “The stakeholders and executives must be on board to improve cybersecurity posture.” In today’s landscape, where cyber threats loom large, mitigating risks is imperative for organizational survival. Convincing decision-makers of the importance of allocating resources to cybersecurity is principal.

It starts with security awareness training,” she emphasizes, citing it as a cost-effective yet powerful measure. With leadership buy-in and strategic investment, organizations can fortify their defenses against evolving cyber threats safeguarding their operations and reputation in an increasingly digital world.

Preventing Breaches

Cybersecurity must be integral to product development,” insists Helen, accentuating proactive measures over-reactive fixes. The rush to market and budget constraints often sideline security considerations further risking user data. Thorough third-party pen-testing is essential to preempt vulnerabilities pre-launch.

On the other hand, emerging technologies like quantum computing necessitate continual adaptation of encryption methods for robust security. By embedding cybersecurity into every stage of development and staying abreast of technological advancements, organizations can safeguard against evolving threats and protect both their products and users.

Empathy and Expertise

Helen starts with, “Some of our clients are very small companies with large responsibilities. As a small business owner, I understand the challenges our clients face.” She acknowledges the myriad responsibilities they juggle. From accounting to sales, product development, and marketing, the burden can be overwhelming.

Drawing from her own experiences, Helen lends a compassionate ear to client concerns, even when they struggle to articulate them. This empathetic approach fosters trust and enables her to provide tailored solutions that address each client’s unique needs. In the unfolding panorama of small business ownership, Helen’s understanding and support are invaluable resources for her clients’ success.

AI’s Double-Edged Sword

Highlighting AI’s potential to revolutionize threat detection and prevention, Helen asserts, “AI will play a great role in cybersecurity by improving threat detection tools that are proactive in alerting and preventing attacks.” With its capacity to analyze vast amounts of data and pinpoint anomalies, AI-driven tools offer proactive defense against cyberattacks, mitigating risks at an early stage. Yet, she cautions that threat actors also harness AI for nefarious purposes posing new dangers such as deep fakes and sophisticated phishing campaigns.

Concerned by the underrepresentation of women in cybersecurity, Helen is committed to fostering diversity in the field. Teaching cybersecurity alongside Mike at various universities, she endeavors to inspire and empower the next generation of professionals, particularly women. At Digital Beachhead, internships are offered to students, providing valuable experience and paving the way for future employment opportunities.

Helen’s dedication to cultivating a diverse and skilled workforce accentuates her vision for a more inclusive and resilient cybersecurity landscape.

Investing in Your Cyber Future

For some—it’s a four-year degree, for others—it’s a boot camp, for me—it was a combination of both,” explains Helen, emphasizing the diverse paths into cybersecurity. Acquiring a solid foundation in cybersecurity fundamentals is key, enabling individuals to discern their niche within the field. “Investing in yourself will pay for itself,” she advises, highlighting the value of continuous learning and certification, with CompTIA Security+ as a pivotal starting point.

Persistence is key in navigating the competitive job market, Helen underscores. Entry-level roles like internships or help desk positions offer invaluable experience, paving the way for career advancement. She stresses that networking is essential to advocating for active participation in professional associations like ISSA and engagement with peers via platforms like LinkedIn.

Furthermore, Helen encourages women to seek mentorship and support through women-centric associations such as WSC and WiCyS. “Connecting with other women in the field can be empowering,” she affirms highlighting the importance of camaraderie and inspiration in forging a successful career in cybersecurity.