Women in IT Security, Cyber veterans

KeyCaliber’s Roselle Safran: Figuring out how to automate the Crown Jewels

Roselle Safran broke into the security industry in 2004 after seeing a job posting for a computer crime investigator position, which entailed computer forensics and internet investigations.

“I had no background in any of that, but the job sounded fascinating,” said Safan during an interview from her home in the nation’s capital. “So I applied and, amazingly enough, I was able to convince the hiring manager that I would learn on the job, and that worked.”

This was at a time before there was even a field known as “cybersecurity,” she noted. She soon earned an end-case computer forensic certification and added a CISSP shortly thereafter. 

Click here for full coverage of the 2022 Women in IT Security.

Safran went down the cybersecurity path after working at the Department of Homeland Security’s Computer Emergency Readiness Team (US-CERT), now part of CISA, leading the malware forensic analysis teams before leading cybersecurity operations for the Obama White House.

Learning from those experiences in the public sector prompted her to switch to the entrepreneurial side to address the gaps she saw.

Fast forward to the summer of 2022, and Safran was pitching the security startup she founded at the Black Hat hacker convention in Las Vegas, where KeyCaliber was among four finalists in the Innovation Spotlight competition. 

KeyCaliber helps firms identify their critical assets — their “Crown Jewels” — by using the customer’s cybersecurity telemetry and KeyCaliber’s machine-learning models to automate the assessment. 

In the cybersecurity field, Safran said having a lot of data doesn’t necessarily lead to better decisions unless there’s context around the data. The challenge, she continued, is turning the data into intelligence.

“That’s why I wanted to focus on this side of essentially creating internal intelligence.”

In a field where women make up about one-quarter of the workforce, according to a workforce study by (ICS)2, Safran encourages women to join the cybersecurity ranks because diversity of thought leads to new approaches and allows people to grow in new ways. 

While the one-quarter figure is up significantly from the 11% of women in the cybersecurity workforce in 2017, more still needs to be done to encourage the talented women and people of color to enter the field, Safran said.

“There’s plenty of opportunity,” she said. “I think that diversity is absolutely essential to have a high-performing team in any industry.” 

In addition to championing diversity in the industry, Safran said there are even fewer women who go on to start their own companies. Coupled with the fact that women-owned firms receive less than 3% of the venture capital funding, Safran said women entrepreneurs have a tall hurdle to clear.

“I probably know most of the women entrepreneurs in cybersecurity because we’re just so few and far between.”

Despite those hurdles, KeyCaliber secured $2.6 million in seed funding from venture capital firms and cybersecurity entrepreneurs, and is an organization that is 50% women on staff with a majority of women on the leadership team.

While KeyCaliber ultimately didn’t win the Innovation Spotlight competition in Las Vegas, Safran said the conversations and connections made at BlackHat was worthwhile.

“As a founder, you’re in hustle mode all day, every day.”

Stephen Weigand

Stephen Weigand is managing editor and production manager for SC Media. He has worked for news media in Washington, D.C., covering military and defense issues, as well as federal IT. He is based in the Seattle area.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.