Vickie Miller serves as CISO at FICO. Her scope of responsibilities includes cyber analytics, governance, risk and compliance, operations and incident response, audit, and privacy. She has 15 years of experience in information security, leading audit, compliance, and security operations as well as incorporating cyber intelligence, threat and vulnerability management into security programs.
How has your life experience made you the leader you are today?
I'm not certain of the overall alchemy, but my family has taught me many lessons that are important for leadership. I'm from a matriarchal tribe of hard-working pragmatists. The women in my family are farmers and ranchers, teachers, and health care professionals. One of my grandmothers was a "Wendy the Welder" in WWII and continued to repair farm implements for her neighbors after the war. These vocations involve resiliency, empathy, and the absolute need for a sense of humor.
How has your previous employment experience aided your tenure at FICO?
Boredom is deadly. I've always worked in fast-paced, high-stress jobs that have created a great foundation for the CISO role where things can suddenly go terribly wrong for hundreds of reasons. Forethought, camaraderie and working towards a shared goal with a noble purpose have been common themes in my life.
What have the highlights and challenges been during your tenure at FICO?
Until very recently, cyber security has been a siloed, technical/IT function that wasn't high on the agenda of the c-suite. Security is now one of the hottest topics in the boardroom, although it has been a challenge getting to this point. Today, there is a technical component that spans the entire organization, and the accountability of the CISO includes governance and reputational risk. Analytics is a new solution to this complex space and not many organizations today use analytics for security. At FICO, with our heritage of analytic science, I get to work with the best scientists and mathematicians in the trade. This has certainly been a highlight.
What advice can you offer to women who are looking for a career in your industry?
First of all, wherever you are in your current path, start researching security careers now! We need more analysts, researchers, testers, defenders, coders, and makers. The SANS Institute is a good place to learn about the different security domains and what skills you need to develop or how to match your existing skills with jobs. Second, bet on yourself. Trust that you know what you're doing and, if you don't, you will figure it out and be successful.
How do you maintain a work/life balance?
My family helps out quite a bit. They understand that I might not make it to all the school programs. And if my travel schedule gets crazy, we use technology to stay in touch.
What do you think is the biggest issue for women in the workplace?
Parental leave and the cost of childcare when a woman returns to work are issues for many. There is a profound difference between parental leave laws in the U.S. and other countries.
How has mentorship made a difference in your professional and personal life?
I've always sought out mentors. Getting good advice is critical, and it's important to have someone who will hold up a mirror for you. My advice is to get a mentor and, just as importantly, be a mentor. Keep in mind that this doesn't have to be a formal or necessarily nurturing relationship. Seek out women who challenge and inspire you.
Which other female leaders do you admire and why?
Dr. Doris Taylor is Director of Regenerative Medicine Research and Director of the Center for Cell and Organ Biotechnology at the Texas Heart Institute in Houston. She has pioneered tissue engineering with adult human stem cells. She is brilliant, tenacious, and a visionary who will be successful in unlocking the ability to engineer entire new organs. When I think of Doris, I think of the Gandhi quote on her desk: "First they ignore you, then they laugh at you, then they fight you, then you win."
What do you want FICO to accomplish in the next year?
I want FICO to continue its bold work in applying analytics to transform the detection of breaches. That would be tremendously satisfying.