publive-image

ScySec is committed to serving all of its clients' needs in the arena of risk management, information security, cybersecurity, and information technology. Some of the specific areas the company can assist with include:

  • Cyber Hygiene Assessments
  • Third-Party Risk Management
  • Governance, Risk, and Compliance (HIPPA, NIST, Sarbanes-Oxley, Various Jurisdictional Requirements)
  • Vulnerability Assessments
  • Penetration Testing
  • Business Continuity Planning
  • Disaster Response Planning
  • Risk Assessments
  • Risk Management
  • IT Security
  • Data Security
  • Virtual Chief Information Security Officer Services
  • Data Breach Management
  • Security Awareness Training

An Experienced Leader with Eventful History

Felice Flake is the CEO of SycSec. Her career began in customer service and insurance licensing, where she quickly worked her way up into supervisory and management roles. Under her leadership, the company experienced an astounding increase in productivity recognized by organizational leadership. Another promotion, this time to a corporate training position, allowed Felice to translate her passion for customer service and technical expertise into proprietary software training classes along with professional development training classes. She then worked as a Microsoft instructor for a private training provider where a national telecom client requested her to be the lead instructor for their corporate-wide operating system migration. Afterward, Felice served as Training Manager with Kerzner International, which provided her the opportunity to work with an international team of professionals.

After devoting several years to being a stay at home mom, Felice accepted a position as a Training Specialist with the Florida Army National Guard Distributed Learning Program. Directorate leadership promoted her to the State Program Manager after one year in the Specialist job. The years spent in this role ignited a passion in her for security and built on her experience with information technology. The Florida Army National Guard Distributed Learning Program evolved into a nationally recognized success, and Felice served as a mentor to other state Program Managers.

Felice’s efforts were recognized nationally by leadership in the Washington, D.C., area as she provided state and national level reporting to all levels of command. She was fortunate to be selected as a member of the 2014 National Guard Bureau Training Integration Systems Working Group to revise and rewrite the Functional Requirements Document for the National Distributed Learning Program. During her tenure in the Program Manager position, Felice was asked to serve as the South-eastern U.S. Regional Chairperson, then National Secretary for Distributed Learning Advisory Council (DLAC). She also served in the capacity of Acting National Chairperson of the DLAC Working Group.

Felice is the President of the Tampa Bay Information Systems Security Association (ISSA) Chapter for the 2017-2019 term. She is also a contributing author to the 2016 book, Women in Security. She is a member of the National CyberWatch Center's Curriculum Standards Panel (NCC-CSP) for the Cybersecurity Foundation Series, as well as an invited member of the University of South Florida Cybersecurity Education Advisory Board, the Tampa Military Spouse Economic Empowerment Zone (MSEEZ) Working Group, and the University of South Florida Cybersecurity for Executives Advisory Committee. Being a member of several organizations continues to offer opportunities to Felice to serve and participate in the local and national community.

Robust Industry Collaboration to Deliver Comprehensive Solutions

ScySec is growing and building on its clients through strategic partnerships with attorneys, information technology companies, and security professionals.

In addition to her duties with ScySec, Felice is working as a Chief Information Security Officer for DataCorps Technology Solutions, Inc. DataCorps is a managed services provider (MSP) who places a premium on security and privacy for their clients. Felice believes offering the best solutions to the clients is based on their needs and requirements along with the joint commitment to best practices in both IT managed services, security, and privacy.

“It is important to reach across the hall, so to speak, and work directly with the IT and network teams to find the best solutions. They are on the front line of daily operations, and they can share insights from the network operations and end-user Help Desk teams that can better inform the security plan for each organization,” she mentioned.

Learning Makes You Versed  

In her early career, Felice had a manager who encouraged her to embrace the leadership component of her personality. When she was very young, the manager promoted her into a position over older and somewhat more experienced employees. However, the passion for learning helped Felice gain the acceptance and respect of the team. If her team were on a deadline, she was sitting next to them and working on finalizing project documents, instead of waiting for them to finish on their own. Learning and understanding what it means to be a leader do not mean the person is no longer part of the team and a willingness to work alongside the team goes a long way to strengthening the group itself.

Migrating into the security profession, Felice was incredibly fortunate to work with some of the most experienced and talented information technology professionals. They had tremendous responsibility and managed an extensive network. Ever the learner, and some might say, rabid researcher, she made it her mission to knock the IT team’s door only if every other solution was attempted. It was apparent as there had been people in her department who did not try before to solve problems or challenges but instead took the position of waiting on someone else (the IT team) to solve the problem. Through this process, the hectic IT team learned that if she was standing at their door, she had a good reason to and needed their help. Their support and the strong relationship built with their team remains one of the proudest accomplishments for Felice. There were the male allies that were critical for her to pursue and succeed in a career in security.

According to Felice, the challenges of learning new systems, applications, and hardware are daunting in any position, but in a government and military environment, there are added layers to these tasks. Adhering to the requirements is necessary and being strong enough to understand there will be situations that your position is about holding the team you are working with to the strict requirements of the environment. Thus, she learned to assert herself on behalf of the leadership and so in a manner that while not always the most popular, but it maintained a high level of integrity for the overall organization.

Attributes of an Innovative Leader

On vital attributes, Felice says, “Trust yourself and take risks. Some of the most frightening decisions to risk myself have proven to lead to more success than I could have imagined. Develop or acquire the attribute of strength through humility and remain humble as you achieve and remember to support others as you were supported in your career.” She often refers to herself as a “recovering perfectionist,” and it is the truth. Letting go of perfectionism is one of the challenging but most freeing steps she made in growing her company. Excellence is a much better and realistic attribute to cultivate, encouraging high achievement while also allowing room for the unknown.

Altering Difficulties into Extraordinary Achievements   

Felice feels serving in leadership in security can be daunting, and there are challenges in striking the right balance in being assertive versus aggressive. There are situations where the power dynamic must adjust for the project to be successful, and often, changes are part of an implementation that threatens the internal politics of a group. The commitment to doing the best thing for the project or team must not waiver, even when the power dynamic tests the resolution.

Felice was one of less than five women in her Master’s classes. Demographically, she did not fit the student’s profile, and there were several situations where her skills and experience were underestimated. One of the men was fascinated when he found out Felice was carrying an “A” grade in the course and it helped a great deal to have a sense of humor as he asked, “How do you have such a high grade?” A professor gave a pop quiz in one of the classes, where Felice made the highest score in the exam, as she is the only woman in the room. The professor announced the achievement by saying to the entire course, “She made 100%,” and he was annoyed. There were cultural differences to consider in both of these situations, but they left an impression.

“These situations serve as lessons and reminders to never allow others to define your worth or how much you can accomplish,” Felice said. She encountered other circumstances that are as harmful and demeaning as others have experienced, but it is healthier to put her energy into building ScySec and working hard for the clients.

Offerings That Create Value

ScySec provides the baseline recommendations to clients to look at their current security posture, so the company can assess where they want their companies’ security posture to go. The client may not know where they need to go, so ScySec helps them make that determination based on their products, industry, and regulatory requirements.

The technologies suggested are based upon their industry and what works best with their infrastructure. There are tools on the market that can perform many of the same tasks and services, but the companies may have interoperability issues with a client’s current IT systems and applications.

Felice considers the practice of having senior leadership in an organization being visibly supportive of security plans is essential to the success of security initiatives. The rest of the organization sees senior leaders’ engagement in the process and will more willingly participate in their security role within the organization.

The defense-in-depth model can complement with the zero-trust network modeling — verify then trust. ScySec has been following this model in some manner in the last several years, but being able to speak about the concepts in a more palatable way helps to gain end-user and employee buy-in to updates and changes.

Security-Defined Future

The industry will continue to grow, and there must be increased communication with the business side of organizations on how to solve the skills gap challenges. Some people want to follow the “more technology, fewer security professionals” model, but Felice does not think this is realistic.

She emphasizes, “Security is more than tools and applications – trained security professionals lend themselves to an organizations’ active security program. We need to invite Human Resources professionals to the discussion regarding job descriptions and requirements on open positions. Again, and again, we see ludicrous requirements for entry-level positions in a Security Operations Center (SOC). The cybersecurity and IT leaders need to partner with HR to recalibrate the conversation about how to attract talent while also budgeting for robust training once the employees are on board.”

Words of Wisdom to Budding Leaders

Felice advices emerging leaders to seek out challenges that they are passionate about and learn as much as they can while going through each experience. “Volunteer to serve in security-focused associations like ISSA, ISC2, and ISACA, there are so many great organizations that need volunteers. Also, find a way to volunteer in the community — does a small business need help with their IT or security needs? Share your expertise and knowledge locally to help the local security communities feel like they can ask questions about cybersecurity and privacy and that their presence is welcoming and supportive,” she asserts.