Michelle Drolet: Hard Work Goes a Long Way

The 10 Most Innovative CEOs of the Year 2022

Discipline is an attribute of a successful leader, especially when you are an aspiring entrepreneur embarking upon a solo venture. 21 years ago, Michelle Drolet was driven by a disciplined mind and a heart of service that led to the founding of Towerwall, Inc. With a vision to create unique solution for information security, Michelle entered the security industry with years of industrial experience at her disposal. She was confident about her knowledge and today, Towerwall, Inc. is one of the leading companies in security services. We appreciate her hard work and congratulate her for the success she has achieved over the years. Here’s an exclusive interview with Michelle where she has shares inspiring insights of her success journey.

What were your dreams and aspirations while growing up? What led to the foundation of Towerwall, Inc.?

Growing up in a military family taught me the twin values of service and following the rule of law and order. Earning a degree in Political Science and Criminal Justice put me on the path to get there. A career with the FBI was an early dream of mine – fighting the bad guys.   Instead of hand-to-hand combat I saw what was happening when the PC revolution hit, immediately followed by Trojan viruses and malware. I saw vast opportunity in applying forensics, mitigation and security services to desktops, networks and people, leading to my founding of Towerwall in 1999.  The rest is history.

What were the initial challenges and setbacks that you faced and how did you overcome it?

When I started the company in 1999, I needed an experienced CTO to run the technology and services side. At the time, my husband Larry was the CIO of a biotech firm. I wrote him an offer letter, kind of tongue-in-cheek, but I was serious because I knew Larry would make a great addition to our team.

I put the letter on his pillow and didn’t say a word. I was asking him to quit his job, take a pay cut, and be subordinate to his wife. On top of that, I added, “Some days I won’t be able to pay you because we have to make payroll for employees first.” And that actually came to pass, more times than I care to remember. I tapped him on the back and said, “Hey, you’re not getting paid this month.”

We are fortunate those days are long behind us, but it taught me the importance of resiliency and staying strong in the face of adversity. What truly stuck out was our team of individuals who share our common passion and ideals. Looking back, having my spouse as CTO provided a stalwart technology foundation.

Tell us in brief about the services of Towerwall

We have a built a comprehensive solution set that ranges from setting up a formal information security program plan to company-wide security policies for addressing immediate mitigation, vulnerability management, GRC and incident response, including the option of an onsite a virtual Chief Information Security Officer (vCISO).

As you can see, we don’t take a “one-size-fits-all” approach. Our focus is on the preparedness side of an incident and call upon our partners who specialize in other areas, such as forensics. We offer vulnerability management and penetration testing for networks and applications as well as architectural reviews. We help organizations define what their risk tolerance is. We walk them through a security crisis, then together build security strategies and information security management programs.

A great example is a client came to us to help them answer a security questionnaire from one of their customers.  We did just that, but realized they needed to build a sold cybersecurity foundation.  From an information security program plan including strategy, roles and responsibility, awareness, overarching security policy, plus more. From there we have built their incident response plan and helped classify their data. This year we are conducting a tabletop exercise and building their Secure Development Life Cycle plan (SDLC) as well as a penetration test.  Security is a journey not a destination.

Many of our competitors offer a “check list” mentality when tasked with assessing more than one business operation. Towerwall applies a proven methodology for assessing risk, coupled with extensive experience to provide actionable and repeatable programs. (For example; Incident Response Plan)

Towerwall has worked with scores of companies and municipalities in safeguarding their data and leveraging their investment in IT with advanced information security solutions and services.  By utilizing our time-tested methodologies to provide a consistent, repeatable, and measurable approach to information security. We have found that by working together, we can collectively lower the risk and cost of a data breach.

What is the importance and scope of information security services?

Towerwall has developed what we call our “4E methodology” — Evaluate, Establish, Educate, Enforce. This proven strategy is time-tested, providing a consistent, repeatable, and measurable approach to information security. The process begins by understanding the organization’s risk profile followed by the establishment of a security plan that closes security gaps and aligns policies with regulatory requirements. Our 4E approach is ongoing, ensuring your organization keeps current with known threat vectors and the legal environment by conducting regular security assessments and testing, employee training, remediation services, and performance assessments.

We also help organizations determine where they rate on the maturity capability model. Critical to the success of the program is defining roles and responsibilities in a step-by-step process in order to progress the program forward.

How do you define the growth of the company over the past few years? (Can be explained with statistical data too)

Market research projects the cybersecurity market to reach $260 billion by 2025 and we are well positioned to grow and succeed. We see more business entering our doors from the areas of governance, risk and regulatory compliance (GRC), employee awareness programs using phishing simulators, integrated risk management and vulnerability program management, to name a few. We are also making inroads into the billion-dollar “green rush” legal cannabis market, having quickly adopted clients in this highly regulated space. Other trends we see are program development, policy development with implementation, and incident response plans coupled with table-top exercises.

The evolving corporate culture has enabled employees to become more steadily aware and educated in enforcing security standards and best practices.  Other interesting areas involve running technical assessments such as network and application testing.

An area in which we have seen exponential growth is vendor risk management.  In order to conduct business with their customers and vendors, organizations are now mandated to accurately answer hundreds of information security questionnaires as well as verify compliance. This can create added strain. Towerwall steps in and alleviates the pain.

What is your vision for the company?

We want to serve our customers by helping deploy solid and repeatable processes when building cybersecurity program plans. Towerwall first asks Why and then helps our customers tackle the How, while continuously delivering excellence – never excuses. We respect each other always – there is no I in TEAM.

The rapid growth of the cyber-security industry requires us to continuously innovate, automate and improve our processes to successfully battle against the bad guys. We innovate by providing our customers with bundled security solutions to help move the ball forward faster. We introduce AI and ML, providing our clients with greater insight into critical threat intelligence data.  Towerwall also introduces the 4 E’s methodology and repeatable processes for ongoing cyber security awareness and remediation.

We’re excited about an innovative “Virtual CISO” offering for organizations seeking to fill the gaps within their security team in order to strengthen and mature their security posture. As the name implies, the vCISO fills in for the Chief Information Security Officer as needed. As such, many of our clients have leveraged a Towerwall vCISO with great success.

Towerwall continues to engage closely with our customers in building out robust information security program plans designed to help our clients adhere to regulatory and compliance mandates, while ensuring the continued security of their critical data.

Is the security industry a competitive one? How do you deal with this competition?

Highly competitive. Towerwall often competes and wins against the “big guys” because our team has “a run through the wall” attitude when taking care of our customers.  Our team is highly experienced and versed, having been in the CIO/CISO/ISO role and understand the challenges faced daily.  We have succeeded by taking an applied services role, not competing with the universe of software vendors. We have aligned our service offerings by partnering with the industry’s most recognized brands.

Many of our competitors offer a singular approach by deploying off the shelf solutions. As a comparison, Towerwall brings a holistic, big picture perspective to the table by offering a customized approach to effectively address the needs and requirements of our customers.   In this business, a one-size-fits-all approach only spells disaster.

What drives Towerwall and greatly benefits our clients is our 4E methodology (mentioned above): Evaluate, Establish, Educate, Enforce. Our 4E strategy truly sets us apart and is an important factor in how Towerwall wins against the competitors.

Give us a brief of your life before Towerwall

Before founding Towerwall (formerly ConQwest) in 1993, I ran the US operation of CDG Technologies, growing the IT consulting business exponentially before selling it to a public company.  I stayed with the new company, but grew disenchanted by the direction, so I decided to buy back the company and make it mine! That was my proudest moment in business.

Tell us about your roles and responsibilities as the CEO of Towerwall and how does it make you feel?

Setting the vision and tone. I feel fortunate to lead a team of dedicated professionals with a shared commitment of excellence. Part of our corporate culture is “giving back”.  We continue to run fund raisers for ESL (English as a Second Language) programs. We are active with local food pantries. We sit on local foundations and serve on the board of advisors for MassBay Community College supporting a Cybersecurity Associate Degree.

We have also been involved with the school-to-Career program, the Women’s Independent Network, Young Women and Minorities in Science and Technology, and a girl’s mentorship program.

On a personal level, I have been blessed the past few years in being awarded the 2018 WBJ Woman of the Year; in 2019, the Top 25 Women in Cyber Security from Cyber Defense Magazine, and the Athena award.

What are your greatest achievements?

I’m proud of founding the annual Information Security Summit hosted by MassBay Community College, now in its 8th year.  We have donated nearly $50,000 in “Cyber Scholarships,” enabling young people to pursue promising careers in cyber-security.

Towerwall offers internships to students, helping them traverse all the opportunities available in information security as well as to educate them on the ins and outs of how a business is run.

How do you manage to balance your personal and professional life? Describe yourself in one word and tell us what inspires you?

Our company culture is strongly pro-family with an emphasis on personal and professional life balance. I would say the one word that defines me is “integrity”. Would I have done things differently? No, not really. Everything happens for a reason. If it were easy, everyone would do it. Sometimes I took steps forward, sometimes I went backwards. Sometimes I took steps sideways. I believe in keeping a positive attitude. Never looking at the negative but seeing the positives even in a failure. Because nobody can win all the time, but we always try.

What keeps you and your employees motivated?

We try to create fun in all our endeavors. As an independent, women-owned company, we support diversity and inclusion which helps with recruitment and retention of talent.

We demand excellence and hold each other accountable.  We are all committed to our mission of helping our customers protect themselves from bad actors/cyber criminals.

What does the future of Towerwall look like, globally? How do you plan to widespread the company services?

The bad guys are getting “badder” and we are helping our customers build repeatable processes to protect themselves.  In addition to our corporate headquarters in Massachusetts, we operate throughout North America and Caribbean countries. Our service set continues to evolve and adapt to changing market conditions and the regulatory framework.

We are growing organically as well as through partnerships to better help our customers.  Our run through the wall attitude will take us a long way.

Indeed, Towerwall has come a long way and has a long, glorious journey ahead of them as they continue in the same vision with Michelle. “Work hard, work smart, and be good to yourself”, with this motivating thought, Michelle and her team are geared up for a bright future.