Presented by Revolution Growth VP Ashley Larson and joined by WilmerHale Partner Stephanie Evans.
Ashley: Thanks for joining us here on Uniting Women in Cyber Podcast. I'm Ashley Larson from Revolution. We're here to talk with one of the featured guests of the Uniting Women in Cyber Symposium, happening March 29th, 2018, at Valo Park. Joining us today is Stephanie Evans, Partner at WilmerHale. We're going to ask Stephanie about her work with WilmerHale and what she'll be talking about at the conference.
Before we get into our conversation with Stephanie, a reminder that the first-ever Uniting Women in Cyber Symposium starts at 12:30 p.m. on March 29th at Valo Park. You can register online at unitingwomenincyber.com. Please join us for this event that brings experts from around the country in cybersecurity, policy, development, business analysis and so much more, together for talks, presentations, and demonstrations. And one such expert is Stephanie from WilmerHale. Thank you for joining us today.
Stephanie: Thank you. Glad to be here.
Ashley: I have to tell you that just reading your bio makes me feel a little sleep deprived. It says that you are both an attorney as well as a former investment banker, so you must be tough as nails. Tell us more about the path that your career has taken and how you found your way into cybersecurity.
Stephanie: Sure. Well, I've been an attorney for over 20 years, believe it or not.
It flies by, and it's been a lot of fun. I've always been doing corporate work. An opportunity arose for me to go to Deutsche Bank and do more investment banking. I remember, at the time, one of my mentors said, "This is a great opportunity for you to learn the business side of what you're doing, instead of just the legal side." With that in mind, I did that for a couple of years in the Technology Investment Banking Group. It was great experience; it was really getting to understand companies and executives, and business plans and technology. I think that background has really helped me as an attorney. Now, I work with companies of all sizes in lots of different industries.
But there's been more of a focus, especially recently, on technology companies and emerging growth companies. And it's super exciting to see entrepreneurs who start off and have some great technology and some great ideas. They put it together. I help them do all of that from a legal perspective, but I think because I had the business perspective, I get to share with them my insights and what I've seen. It's been nice seeing the evolution of my legal career and my business career. There have been more and more companies recently who are targeting cyber. It's been great to learn more and more about what they're doing with their technology. And as you know, it's super exciting cutting-edge technologies that are going to solve real-world problems.
Ashley: Right. And what was it about the cybersecurity industry that piqued your interest and made you shift to this path?
Stephanie: I think it really has to do with who you encounter and who you surround yourself with. For instance, our firm has a very big focus on technology companies. We'll do work with the various universities, for instance, so I'm around technology a lot. I think because of that, I started meeting other people in the industry. Specifically with this event, I've met some great women who are in the technology area, but not only that, they're in cyber within the technology area. I've gotten to know them, help them and learn a lot about the issues in their industry, which is really exciting.
Ashley: One of the really exciting things about the conference is that it's bringing together women from across the ecosystem. Why is that so important to do? And in your opinion, what are the biggest issues facing women today who are trying to rise in the corporate ladder?
Stephanie: That's a really good question because I think that a lot of women just don't know how to go about doing and accomplishing what we want. To your point about the ecosystem, having all facets covered is really important. If I'm an attorney, for instance, but if I then talk to somebody who is on the business side, maybe I have a contact and I can help. I think it's really important for women to go to these symposiums or events where you obviously network, right? You'll network with a lot of fantastic, fascinating women. But I think you'll also find that you can be helpful to them and they can be helpful to you.
Ashley: That's great to hear. That's exactly the type of speakers and folks that we want onboard with us for this symposium. Switching gears a little bit, you have a really unique view of the local M&A market, as well as the financing market, IPO markets, etc. Do you think that we're starting to build momentum for some large, upcoming exits? As an example, PhishMe closed earlier this month and was sold at around $400 million enterprise value, which was the largest cybersecurity exit we've seen in the DMV area since 2013. Zscaler, another local company, is pricing today and is expected to command a market cap of around $1.5 billion. Is this a trend and should we think more good things are to come?
Stephanie: I hope so, right? It definitely does seem like there's more momentum and attention to these types of great companies. The PhishMe example is a good one: starting off as a private company, kind of growing, and then getting acquired and now being part of a bigger platform. I think that we are going to see a lot of the larger companies thinking about, "What are all these great smaller technology companies focused on cyber? How can they help me? How can they help the platform?" Given where we are in the D.C. metro area, it just seems like there's so many great companies that have the government experience, commercial experience, or the technology experience that I do think, hopefully, we'll continue to see more and more of, either on the M&A side or even on the financing side. We were talking earlier about how there's a lot of great emerging growth companies that are getting financed and that are providing them with the capital to grow their business. And I think that we're going to see more and more of that.
Ashley: That's great to hear. Given that your experience is pretty broad within technology, are there elements to companies that you're working within cybersecurity that require certain differences or changes in either the drafting process or the negotiation process? What are specific things that, if I'm a cybersecurity CEO and I'm looking at potentially exiting my company, I should be thinking about?
Stephanie: I would say, from a legal perspective, everybody is focused on cybersecurity diligence. And a lot of times, companies don't really understand how specialized that can be, as well as how in depth that can be. Almost every single buyer that's out there, for instance, will be focused on PII, Personally Identifiable Information. They're going to want to know, "Well, have you been hacked? How are you protecting your data?" And so I think that, particularly, if you're talking to and thinking about a cybersecurity company, it's almost like you have to be the gold star, right?
Stephanie: I think just making sure that your products are great, your services are great, but also your internal housekeeping, is great. There's a lot that goes into it, but I think more and more, companies that are recognizing that cyber is part of the checklist in terms of all of their diligence and what they need to do.
Ashley: Interesting. With this event being in Washington, we're going to have some great folks from the policy arena joining us. And I'm guessing there's going to be a lot of discussion on why there are differing opinions on what is or isn't effective from a strategy, policy, and tech perspective. What are your thoughts around that?
Stephanie: You're so right; we live in this unique area that brings together all of the various kind of groups. I think that there's going to have to be cooperation and active dialog in terms of what the issues are, how we attack them, and what makes sense. Trying to just have one group go off and do what they think might be the best, without coordination with others, will make things more difficult.
We might see info sharing to a certain degree in certain industries. For instance, financial institutions are very, obviously, focused on cyber and data breaches. I think that having trade organizations or having groups where they go around and they say, "Hey, you know what? We're seeing this. We're seeing this. What can we do to coalesce and say, 'Hey, what about this, here's proposed solution, does it make sense?'" And really engaging with the governments, such as the local government, the state government, the federal government, whatever it is. It can manifest itself in different ways, such as having laws that are imposed. A lot of people are seeing the EU, right? They're very, very strict on data protection. Having that coordination across various constituencies, I think, is important.
Ashley: Right. One question that I've been thinking about a lot is whether the industry has developed in ways that are naturally siloed. For example, a lot of the folks who come out and start and found these companies come from governmental organizations like the NSA or the CIA. They're trained to be naturally siloed and private with a lot of their information and to only rely on the utmost trusted parties, rather than kind of broad, cross-functional collaboration with folks who may be slightly competitive or folks that are in tangential sectors. Do you think that plays a role at all?
Stephanie: Yeah. That's a very good point, right? I mean, you've got the specific individuals and their backgrounds, right? If they come from government, for instance, how they're going to view things: "Oh, well, I think it's important for us to make sure that we have proper regulation, for instance, or proper ways of cooperation. But at the same time, I don't want to reveal my crown jewels or my secret sauce."
Stephanie: So there is that dynamic as well, you're absolutely right. You have to consider all aspects of what we're trying to solve.
Ashley: So lastly, as we're wrapping up here, what are you most looking forward to seeing or doing when you're at the Uniting Women in Cyber discussions?
Stephanie: I'm super excited about it. It's just a great opportunity to bring all of these fantastic women to this event. I actually am involved. I'm on the board of "STEM for HER," which is a local organization. And I just love seeing the enthusiasm of women and girls and getting us out there and really being able to be in an environment where we're just supporting each other. It's just very energetic. I'm just so delighted to be a part of it.
Ashley: Well, your energy is infectious. Where can we find you on Twitter?
Stephanie: My firm's Twitter is @wilmerhale. Ashley: Perfect. Well, I'm hoping people follow you before March 29th. You can find me @ashleylarsonvc. You can also keep an eye on the conference on Twitter @UWICsymposium. And again, please go to unitingwomenincyber.com to register for the first ever Uniting Women in Cyber conference, that starts at 12:30 p.m. on March 29th at Valo Park. Those of you who join us will get to meet amazing people like Stephanie. Thank you, again, for joining us today.
Stephanie: Thank you. Ashley: This is Ashley Larson. See everyone at Valo Park on March 29th for the Uniting Women in Cybersecurity Symposium.