Inspirational Woman: Debra Danielson | CTO & SVP Engineering, Digital Guardian

Debra DanielsonAn experienced senior technology engineering executive and advisor, Debra provides the technical vision and strategic direction for product innovation while overseeing engineering strategy for the Digital Guardian Data Protection Platform.

Debra’s roles also oversees the engineering function including product development, quality assurance, and sustaining engineering operations. Debra has held technical, strategic, operational, and managerial leadership roles over her 25+ year career. An expert in acquisition-focused technology evaluation and technical due diligence, prior to joining Digital Guardian, Debra was a Distinguished Engineer and SVP, Merger and Acquisition Strategy at CA Technologies, where she was responsible for identifying opportunities within emerging technologies, markets, and products. Debra led and managed 20 acquisitions totalling in an aggregate $3B+, managed a globally distributed team of more than 500, and provided consultation to executive leaders on advances in technology, engineering strategy, and domain expertise. In 2006, Debra was named a Distinguished Engineer, a role that recognises the highest level of technical expertise with the greater CA Technologies community.

Debra holds 18 patents in IT management and security disciplines and serves on several technical advisory boards. She holds a Bachelor of Arts in economics and applied mathematics from Boston University.

Tell us a bit about yourself, background and your current role

My background and career path are fairly atypical even though my career started in a fairly traditional way: five years as a developer, ten years of development leadership, and five years of strategic technical leadership. Then, I went lateral for a while. I had an elected position as the head of an internal technical think tank for a global 500 ISV. I did a stint as a strategic relationship manager. I ran engineering operations. I spent ten years doing M&A. Today, I am working as the CTO and SVP for Engineering at Digital Guardian. The really cool part of this progression is that for the ten years prior to DG, I was able to create a blueprint for world-class engineering execution by looking at hundreds of tech companies and digging into their engineering processes and organisational tools. I was also able to identify common characteristics in the most successful tech companies, and the commonalities in those that struggled. Ever since, I’ve been applying that blueprint to engineering here at Digital Guardian – moving from theory to practice! As the weight of the old process is lifted and replaced with best practice, it’s been really satisfying to watch the team transform.

Hire adult professionals and then let them do their jobs, that’s my leadership philosophy. I have many different metrics that I use to monitor and manage the health of the organisation. Change in engineering engagement and satisfaction continues to be my favorite metric. The team understands the value of what we do (protecting the intellectual property of companies whose IP is their lifeblood) and how their daily work contributes to our customers’ businesses. They feel respected and heard by management, and they like where they work.

One of the things I learned from my “Ph.D.” in tech diligence was that while nothing beats great talent to get things done; even great talent can get bogged down in bad processes and high levels of un-remediated (and ignored) tech debt. Seeing teams shed resignation and cynicism so that they can return to their greatness is the greatest feeling and keeps me coming into the (now virtual) office every day ready to win the day.

But my passion lies in increasing the participation and impact of women (and other underrepresented communities) in the tech ecosystem. I’ve volunteered at many levels, from Tech Girls Rock (secondary school girls learning to code) to coaching and mentoring tech founders on how to get access to the capital that they need to grow.

I’m currently working with the CEO of an Australian company that builds software to manage electric vehicle charging. I have gravitated towards the top end of the spectrum because, while many people can coach a middle schooler and be a mentor, the number of people that can work with the c-suite is much more limited. I can, so I do.

I also love the energy and the passion of startup CEOs, particularly women start-up CEOs. Working with them is like a double espresso for the day. They energise me and help me see the opportunity in my own sphere.

Did you ever sit down and plan your career?

Not initially. However, I have learned over the years that having a ten-year goal is important. If you don’t know where you’re going, you’re not going to get there. People sometimes err in their career planning by focusing too much on the next step on the ladder. That’s why I like the ten-year goal. If you’re only looking at the next step, you’re limited in the direction you can go. For example, you can’t have your next job as a physician (assuming you haven’t been to medical school). You’re not qualified, and there’s nothing you can do in the short term to get there. But, if that same goal is your ten-year goal, then you know your next step is to apply to med school.

So, pick your ten-year goal, then figure out what’s preventing you from getting it. Your next step(s) should help you fill those gaps. Throughout my career, I’ve taken the less usual roles for just this purpose.

But although planning is good, you shouldn’t allow your plans to prevent you from capitalising on an unanticipated opportunity. I’ve also learned that sometimes it’s just being awake to an opportunity. You can be agile in your goals and change when the goal no longer fits. It’s ok sometimes to just take a weird leap.

Have you faced any career challenges along the way and how did you overcome these?

Oh. Yeah. Sigh.

Early in my career, I turned down an internal “offer” to relocate and take a new job within the company; the alternative I was given was essentially career purgatory. After a few months, I realised that I had made a terrible mistake, but by then the position was gone and I was stuck. I was returned to a growth path through the assistance of a mentor turned sponsor, who looked out for the next opportunity for me (and I said YES to that one).

A sponsor is a really valuable asset for anyone looking to grow their career. The key characteristics of a good sponsor are:

  • Not in your direct management chain (or at least not your manager)
  • Capable of identifying opportunities and influencing the selection for those positions
  • Has direct and personal experience with you and knows your skills and capabilities well enough to stick their neck out or spend political capital for you. (This doesn’t happen overnight, so you can’t expect to try and find a sponsor when the job opens up!)

Don’t forget also that today’s colleagues and peers can become sponsors – as can previous managers and even previous employees.

What has been your biggest career achievement to date?

The transformation of Digital Guardian engineering. When I arrived at DG, the engineering team was running waterfall methodology and was just about to push out their next major delivery date from beta in a month, to beta in six months. The team was pretty demoralised. The customers were losing faith in our ability to deliver, and other teams no longer trusted what we said. It’s been now sixteen months, and we’ve entirely transitioned to Agile, and are well into modernising our toolchain and infrastructure. We’ve constructed an effective quality strategy that’s really showing results. More importantly, the team believes again. They believe in themselves; they believe in the company; they believe in our mission – to protect the world’s most valuable intellectual property. Woo ha!

What one thing do you believe has been a major factor in you achieving success? 

Dogged persistence in solving the problem. I am not faint-hearted. When I hit a roadblock personally, professionally, or organisationally, I’m going to find a path through, over or around, or I’m going to figure out a better destination and go there.

I had a lot of people wonder why I stayed at one company for such a long time, particularly when we struggled in so many prolonged ways. My philosophy of dogged persistence is why I stayed. The struggles allowed me to continue learning and growing and to try new and cool things. Whenever I was stalled in growth and ready to go look elsewhere, a new opportunity emerged that was pretty much exactly what I was looking to do next. So, I just kept doing new and fun things and growing.

What top tips would you give to an individual who is trying to excel in their career in technology?

Ignore the voice that says that you can’t do “it,” that you’re an impostor. That being said, learn your stuff.

Be prepared.

Be fearless.

If you’re a woman, learn how to interrupt. I heard Madeleine Albright speak once about interrupting, and the essence was captured well in this famous quote of hers: “There will be those who perceive you’re [a b*tch]. But you have to interrupt. At a certain stage, you realise it doesn’t matter what they call you. You have to overcome your personal qualms.”

Do you believe there are still barriers for success for women working in tech, if so, how can these barriers be overcome? 

Of course, there are barriers. Just look at the numbers. Why aren’t men and women equally represented in tech at all levels of the organisation? Either you buy that women just aren’t as smart or aren’t capable of doing tech work, or you believe that women just don’t want good jobs with great pay that are meaningful and powerful; or you are resigned to the fact that there are headwinds that women face (and by the way, women aren’t the only underrepresented community facing headwinds in tech).

The challenge here is that there isn’t a single thing to “fix”, and all will be well. My experience has been a patchwork of things, each of which is “no big deal”. Altogether, it’s a big deal.   Here’s a sampling of some of them:

I’d love to see some research on what happens to the women who do apply with only 60% of the qualifications met. My intuition says that they wouldn’t fare well. Women are smart. We don’t do irrational things. We’re not driven by timidity or lack of confidence. We optimise our outcomes. It’s time to stop putting the onus on women to change a system by being more “confident”, while the system itself biases against assertive women.

Women are penalised for leadership success unless they exhibit mitigating “communal” behaviours e.g. nurture the organisation. This is the problem of "likability", where women who are not assertive and fit the gender stereotype of a woman as being gentle and caring are liked more, but not considered as leadership material. On the other hand, women who display traditional "masculine" qualities such as assertiveness, forcefulness, and ambition are labeled as "bitchy", unfeminine, and aggressive, and are hence generally disliked. In both cases, women are then less likely to be promoted than a man. Men do not face the same problem, because the traits that are considered "bossy" in a woman are considered leadership qualities in a man.

I remember a call with CA Board Members, Laura Unger, and Kay Koplovitz, where they discussed their personal (and recent) experiences at the board level with this phenomenon. At the time, I was shocked that they didn’t call their male peers out when it happened, and when asked, they answered that the most important thing was that the idea was heard.

They’re only penalised for negotiating for themselves, not for others, or “the team.”

  • Women are still paid less. Promoted less. Hired less.

I could keep going on this. The research out there is massive, and frankly, sometimes overwhelming. It’s hard to carry both the weight of the job and the weight of damaging the chances of other women if you fail. We aren’t there until we stop using “woman” as an adjective in business. I’m not a “woman” CTO.  I’m a CTO. Not a “woman” distinguished engineer. I’m a distinguished engineer. I’m not a “woman” in tech. I’m in tech.

What do you think companies can do to support and progress the careers of women working in technology?

First, if you use the term meritocracy, stop and take a hard look at your numbers. We all have biases, and these societal gender roles are deeply, deeply ingrained into all of us. It’s not just men that discriminate (consciously or unconsciously) against women. Women do it too.

Create a framework identifying established biases backed by empirical science. Shine a light on them so that when subtle (or not so subtle) bias behaviour is exhibited it can be called out.   Enroll men in the calling out process too. Some of the greatest proponents for increasing the participation and success of women in tech have been men. Fathers can be deeply committed allies, as they work to ensure that their daughters get a fair shot at the success they’ve had.

Think about how you change the system to balance the bias. Be really clear that this isn’t giving a “leg up” to a less deserving woman (to the disadvantage of a man), but it is a way to level the field and flatten the “leg down”.

And… stop thinking that there’s something wrong with women that have to be fixed. I cannot tell you how many times I’ve heard that we need to “teach” women how to negotiate, how to speak up/interrupt, how to get a seat at the table, how to ask for the promotion, how to be more assertive, …we behave the way we do because it’s optimal to act this way within the system.  If you have a system that penalises women for negotiating, then don’t try and tell them that they’re underpaid because they didn’t negotiate.

There is currently only 15% of women working in tech if you could wave a magic wand, what is the one thing you would do to accelerate the pace of change for women in the industry?

I’d magically change the distribution of Fortune 500 CEOs and top 100 Venture Capital Firms’ partners to reflect the community. If we can change the image of leadership in tech, then we have a good chance to change the culture – or at least make it explicit.  Digital Guardian has 75% women in the c-suite. We’ve got Strategy/Marketing, Technology, and Finance.   

What resources do you recommend for women working in tech?

I’ve been coaching, mentoring, and guiding women in the industry by supporting and participating in some really great organisations dedicated to leveling the playing field for women in tech, including Springboard Enterprises, Tech Girls Rock, WITI (Women in Technology International), and the Anita Borg Institute. Digital Guardian is also a big supporter of Boston’s STEM program.

I also love Amy Cuddy’s TED Talk “Your body language may shape who you are”.

If you haven’t had a chance to go to the Grace Hopper Celebration of Women in Computing, this is your year. It’s gone virtual. But do try and make it in person sometime. The impact of 26,000 (mostly) women in tech in one place is an experience. I really recommend that men attend too. The technical sessions are outstanding, but it’s even more valuable to experience being the only one in the room.


WeAreTechWomen has a back catalogue of thousands of Inspirational Woman interviews, including Professor Sue Black OBE, Debbie Forster MBE, Jacqueline de Rojas CBE, Dr Anne-Marie Imafidon MBE and many more. You can read about all our amazing women here


Chief Risk Officer, risk in business, risk management

Don't risk it - the emerging role of the Chief Risk Officer

Chief Risk Officer, risk in business, risk management

By Jan van Vliet, EMEA VP and GM at Digital Guardian

Today organisations are faced with a record number of internal and external threats.

From malicious hackers to disgruntled employees, businesses need to be prepared and their systems fortified against anyone who might want to attack them. To address this challenge business are turning to an emerging role, the Chief Risk Officer (CRO); an executive-level employee tasked with identifying as many of these ‘risks’ as possible and putting processes in place to mitigate their potential impact.

So what exactly is this new role, and how do you know if your business requires a CRO?

The role of a CRO

As a c-suite executive a CRO is responsible for identifying, analysing and mitigating any and all risks, from cyber threats and fraud prevention to auditing and regulatory compliance, that could negatively impact the business.

An important part of protecting against all threats is having the right procedures in place. A large part of a CRO’s role is to monitor existing internal and external business procedures that may expose the business to risk. For example, if the business collects sensitive data from its customers it is the CRO’s responsibility to ensure every aspect of that process has been assessed from a risk perspective to make sure that data remains confidential at all times. This also includes the due diligence of any partners or third parties that are also involved, as well as the business’ own systems.

Another consideration for CROs is the physical risks that employees could be exposed to. For example, if an employee is required to travel to, or work in a hazardous environment the CRO must ensure the correct policies and procedures are in place to keep them safe.

With new risks emerging every day, the role of the CRO is undoubtedly a challenging one. However, many businesses now rightly see risk management as an intrinsic part of operations, which is why it’s becoming increasingly common to see a CRO at the executive table.

Choosing between a CRO and a Risk Committee

It is common practise for modern businesses to choose between employing a dedicated CRO or installing a wider committee that oversees risk as a group.

Having a CRO at the executive table sends a clear message both internally and externally that the business is serious about risk management. It also centralises all risk-based activity through a single executive, therefore eliminating any confusion and creating a single point of contact.

On the other hand, if organisations aren’t careful, the scope of responsibility involved can easily overwhelm even the most capable executive, turning them into a bottleneck and severely impacting their ability to do the job effectively.

A Risk Committee takes the same responsibilities of a CRO but spreads them out over a group of senior employees who then work together. This spreads the workload and provides an opportunity for executives from across the business to collaborate closely.

However, the additional coordination necessary, and without a clear leader, it can lead to a fragmented approach and often company politics get involved.

It doesn’t have not one or the other - many businesses opt for a blend of the two to get the best of both, with a CRO heading up the efforts of a larger Risk Committee.

What to look for when hiring a CRO

A successful CRO candidate should demonstrate several specific skillsets. First and foremost, they need the analytical skills, quantification skills and requisite expertise to identify and assess risks, then combat them effectively. This is vital – they simply cannot perform the job without these skills.

People and leadership skills also need to be outstanding. A major part of a CRO’s role is to properly educate employees and key stakeholders, while also facilitating communication between different groups across the business, so these skills will be essential.

A CRO is still a technical role and so a detailed knowledge of technology, networks and systems has also become a key requirement, especially with so much organisational risk now associated with online activity and e-commerce.

Finally, ideal candidates should possess a postgraduate degree (preferably in business administration) and have at least two decades of experience in economics, science, law, or accountancy.

The questions businesses should now be asking are: is its risk being managed properly and does it need to consider hiring a CRO?

Jan van Vliet, EMEA VP and GM Digital GuardianAbout the author

Jan van Vliet is Vice President and General Manager, EMEA at Digital Guardian

Jan is a seasoned senior executive with a proven track record of success in both emerging and mature markets. He is responsible for expanding Digital Guardian’s business and market share throughout EMEA, driving strategy and overseeing operations in both regions.

Jan holds a Bachelor and Master of Science degree in Computer Science from the Delft University of Technology. Currently Jan is shareholder and serves on the advisory board of Nochii Online Marketing B.V., an online marketing company in the Netherlands.