Network Security

New Gula Tech Foundation pledges to award millions in grants to cyber nonprofits

Left, Gula Tech Adventures CEO Ron Gula and right, GTA Managing Director Cyndi Gula.

Cybersecurity investment firm Gula Tech Adventures (GTA) has launched a new foundation that will give nonprofit cyber organizations a much-needed financial boost by awarding $1 million in competitive grants several times per year.

For its first round of grants, the Gula Tech Foundation will seek to reward diversity efforts by awarding $500,000, $300,000 and $200,000, respectively, to three nonprofits aimed at increasing African-American engagement in cybersecurity. Future grants will go to nonprofits specializing in other areas such as workforce development, technology, education and policy.

The Columbia, Maryland-based foundation is the brainchild of GTA President Ron Gula, the former CEO and co-founder of cybersecurity company Tenable, and GTA Managing Director Cyndi Gula, formerly vice president of operations at Tenable. The Gulas have assembled a diverse advisory board composed of 29 cyber thought leaders and nonprofit experts who will evaluate grant applications and select the winners.

The application period for the first series of grants is Jan. 4-27, 2021.  The investors invite nonprofit programs that focus on education, training, scholarships, mentorship and professional development of African Americans in cybersecurity to complete a grant request.

In an interview with SC Media, Ron and Cyndi Gula detailed their new foundation’s objectives, and explained why they believe cybersecurity nonprofits have long been overlooked for funding, despite playing a key role in creating a more secure world.

The Gulas have also advocated for the rebranding of cybersecurity as “data care.” An October company blog post by GTA argues that the term cybersecurity "does not invoke the personal sense of responsibility necessary, nor is it as inviting to the majority of the public including minorities, women and young adults who might not seek a career in this field due to lack of exposure of what the term means." But the concept of data care is more relatable to the general public, the post claims.

What is Gula Tech Foundation’s mission?

Ron Gula (RG): It's the same mission statement as Gula Tech Adventures. We're investing in people and technology to defend the nation in cyberspace. Except… it's not really an investment, it's a grant.

Cyndi Gula (CG): We understand cybersecurity as a field is relatively new… so cybersecurity nonprofits are also new. And we're trying to amplify their work.

Your first grant focuses on cybersecurity diversity by targeting non-profits that seek to increase African-Americans’ engagement in cybersecurity. What inspired you to choose this as your first theme?

RG: We just wish there were more African Americans involved in cybersecurity. We think there's a lot of other minorities who could get involved with cybersecurity… it's a good time to get people involved, to get them thinking about joining this career field.

CG: One of the big things I get asked as a woman in cybersecurity is: How do we get more women? And [the answer is]: being directly asked to come in, and to be invited into the organization, or into the community. So if we start pushing “data care” and engage the public, targeting and specifically working with nonprofits that get more African American participation in cybersecurity, that's a great win.

We want to be very direct about the amplification that we do, so that we can get more people invited into the industry. And again, how do you do that? You do it in all different ways. You do it with workforce development, you do it with enterprise conversations.

You’ve hinted at some of the future themes your grants may focus on, including workforce development, education and policy. What strategic thinking was behind some of the themes that you've chosen?

RG: We found that cybersecurity nonprofits are in many ways parallel to cybersecurity venture investing. There's a lot of different verticals, there's a lot of different problems being solved, there's a lot of different stages of nonprofit.

We've done a lot of work already with think tanks, people who are working on policy. We've done a lot of work with election security, both on the campaign side and on the actual election security side. Cyndi and I have done work with veterans… And we found that there's a lot of different folks out there who need help. And it's not just financial help – it's elevating their message and what they're doing. So we want to leverage our Grant Advisory Board to help come up with these new types of endeavors, these “processes” that we're calling them.

You're going to see more focus on the bigger problems: education, getting more diversity. [The next grant] might be more for women. Maybe there are cyber nonprofits that target the elderly. We want to be able to go from process to process and really attack it, and understand it and expose it.

CG: Even targeting regional [non-profits] would be beneficial because… one, we want to get more workforce in general; two, we want to expose the great work that nonprofits are doing; but three, we want people who are currently engaged in the cyber domain to work with these nonprofits… that are closer to them.

You beieve that cybersecurity nonprofits have been left behind when it comes to funding. Why?

RG: Right now, the nation has such an epidemic on its hands. A lot of folks… are out of work… There's been a lack of funding. And then when you look at all of the different nonprofits that are out there: Cyber, including the cyber nonprofits, has taken a step back when it comes to health care. The nation is struggling right now, so we want to be able to not only highlight some of these solutions and these products out there, but also see if we can fund them. 

CG: And engaging the public. I think with a lot of students going online and people working from home, [there’s a] heightened awareness of the need for cyber but… no knowledge of how and what that actually means. That timing is good for propping up and helping places who are trying to give that information to people and get them access.

I think the public does not even understand what cybersecurity means, but they understood when they had their children Zoom bombed that the internet really does need to have some security. And unfortunately, until something bad happens that gets the public's attention, it’s hard to get them to be concerned with security. So now we have the attention.

RG: And we are not going to invest our way out of [cybersecurity risk] just by investing in technology. We are not going to get out of this just by having great policy in the U.S. government. We really need this third leg of the nonprofits... I think if you have [only] great policy and great enterprise tech, you're going to have a whole class of people left out of cybersecurity. So this is why I think now is such a good time to want to start something like this.

What qualities are you looking for in the nonprofits?

RG: We want to approach these nonprofits the same way we approach our cybersecurity investments: What impact are you having? And a lot of times with a nonprofit you get this stereotypical view that they’re just going to raise money and spend it, and the next year they’re going to raise more money.

And you'd be surprised how many nonprofits we meet who don't have the KPIs of what success looks like. How do you measure the results of what you're doing? So we want this to be a very competitive process, but we basically want to get the ones funded who are the most impactful no matter what topic we're attacking.

What do you hope that the grant money will do for its recipients?

RG: A million dollars could be split up [in various ways.] But that is enough money to get somebody who's had some impact to the next level.

So, what's the next level for a mentor association? Or what's the next level for somebody who teaches African-American veterans? It’s going to be a little bit different for everyone. But what we realized is: There really was a lack of grant funding for folks who are at this crossroads. If this was venture capital, this would be like a Series A.

What we're hoping is that these are not perpetual endowments. These are one and done. We're hoping that those people are going to then go to that next level, perhaps then qualify for money from the federal government. You'd be surprised how many people get money from the DHS, from different types of programs out there. But they need to show some traction. We're hoping that we can give folks the ability to hire some folks, make a difference and take their career to the next level. It's going to be unique for every company out there though.

And our advisory board [will] help us navigate why [a particular nonprofit] is important or what we think that mission impact is going to be. I'm really looking forward to having this exact debate with the advisory board, because it's going to help expose more of what that mission means and really help define what we all think is important and will actually push and make a difference in this industry.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.