Caroline Wong

Caroline Wong

Caroline Wong

Chief Strategy Officer, Cobalt

Caroline Wong is an infosec community advocate whose career-long obsession with knowledge sharing dates back to her first textbook, Security Metrics: A Beginner’s Guide. Today that obsession is apparent in her hosting duties for the Humans of Infosec podcast, the dozens of security conferences where she speaks each year, her LinkedIn Learning coursework, and her latest published work: The PtaaS Book.

When she isn’t evangelizing Pentest as a Service for the masses or pushing for more women in tech, Caroline focuses on her role as Chief Strategy Officer at Cobalt, a fully remote cybersecurity startup with a mission to modernize traditional pentesting via a SaaS platform coupled with an exclusive community of vetted, highly skilled testers. At Cobalt, Caroline champions a cultural blend of innovation and grit while putting into practice her experience with communications, leadership, and delivering global security programs at scale.

After fleeing the toxic mimosas-in-the-morning grind of Silicon Valley in 2014 Caroline moved to a ranch in Portland, Oregon, where she now lives with her family. She has never looked back.

Presentation Abstract

Caroline Wong - Cutting through the noise: how pentesting as a service can help determine security priorities

Cobalt executives have spent years talking with cybersecurity leaders, learning about their struggles. Time and again, these people ask “is what I’m doing as effective and as efficient as it could be?” They voice frustrations about noise overload, and feelings of being overwhelmed. They believe that traditional security testing contributes to the chaos of daily work. Senior security leaders and CISOs are bombarded with requests that demand their attention, whether it’s a security tool or a team member, the noise can be overwhelming. This session will explore the drivers behind this unfortunate reality, and why Pentest as a Service (PtaaS) has emerged as a solution to overwhelming, ineffective, and inefficient security testing. According to Gartner’s Hype Cycle for Security Operations: Due to the increase in attack surface based on the changes in the use of digital systems, such as new hybrid work, accelerating use of public cloud and expansion of public-facing digital assets, it is imperative for organizations to identify their security vulnerabilities, prioritize and treat them in an even more timely fashion … PtaaS helps to engage in a pentesting exercise to both meet their compliance and risk management objectives. It’s not always apparent how to proceed in a way that increases the effectiveness and efficiency of a security testing program. Join Chief Strategy Officer, Caroline Wong from Cobalt to talk about how your experiences compare to those of industry peers, the real-world strategies that have helped other businesses declutter their security programs, and why PtaaS isn’t just the latest industry buzzword.