<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1462084720533760&amp;ev=PageView&amp;noscript=1">

Behind the Scenes: A Conversation with Virsec’s New CMO, Jennifer Leggio

We’re continually looking to expand our achievements and capabilities as an organization, and over the past few months, we’ve had the opportunity to welcome some fantastic people to our team. Today, we’re excited to announce our newest addition, Chief Marketing Officer, Jennifer Leggio.

Jennifer is an experienced leader and executive with more than 20 years of security marketing, communications, business strategy, and operations experience. She has held leadership roles at many groundbreaking cybersecurity companies, and her extensive background and proven success will be an incredible asset at Virsec as we continue to experience hyper-growth. Jennifer will play an instrumental role in increasing both awareness and demand for Virsec solutions across our target audiences. 

So, what are her views on the current state of cybersecurity, and what made her attracted to the opportunity with Virsec? We chatted with her to find out the answers to all these questions and more.

What attracted you to the opportunity with Virsec?


Virsec has all the indicators of a company poised for extraordinary success: an innovative technology offering and a skilled team, a high-growth market opportunity, and an impressive portfolio of global customers. The game has changed, really. Evasive cyberattacks that target application workloads at runtime are now the new normal. And they’re successful because the industry does not have adequate tools to defend against these techniques. I don’t know anyone who wasn’t affected in some way or another from the recent SolarWinds and Microsoft Exchange server hacks.

Virsec is approaching security from a completely different vantage point. We have figured out that you need to protect the application code itself as it executes at runtime, and you must do that at the host, web, and memory layers. We have figured out how to stop attacks by protecting the software itself, immediately identifying and stopping malicious code as it attempts to execute.

I’ve also not seen a company with such a strong backing from advisors such as John Chambers and Jim Routh. I had the honor of working on several security projects with Chambers when Sourcefire was acquired by Cisco, and I know well that if he is putting his time into something, it is going to be a phenomenal success. 

What do you see are the biggest challenges in cybersecurity today?


The most insidious attack techniques are executing undetected at runtime. You need security control that has deep enough visibility in runtime to map and monitor the intended execution of software code, and then be able to immediately identify and stop any deviation. We need to be able to stop attacks the moment they attempt to execute – not identify them after the fact.

We must admit that our current tools are no longer adequate because frankly, they’re fighting yesterday’s battle. Perimeters are now so porous that NIST has told us to assume that the attackers are already present inside the environment. So, that’s where we need to begin. If the attackers are already inside the network, we need to have a means to protect the software itself.

Bottom line, until organizations can account for every execution of every bit of software and application code at runtime deep in the memory layer, they cannot consider themselves protected.


You have significant experience in the cybersecurity market. How did you get started in this field, and what makes you stay?

My first job in marketing was at a boutique public relations firm that specialized in cybersecurity startups; many emerging from stealth into the market. I learned a lot during that time about what it takes to build a brand, develop a market, and eventually expanded my skills to broader marketing. Security is always changing, and I might be biased, but I believe some of the smartest people in the world work on solving these critical problems. 

I’ve thought about moving into other industries, but it’s the mission of cybersecurity, especially that of Virsec’s, that keeps me involved. What we do matters. Protecting people, data, networks, and so much more, is imperative, and it’s something I can be proud to stand behind.

I’ve also made many friends in this industry, specifically in the security research community, who have been instrumental in educating me as a marketer on the importance of ethics in security marketing and always looking to reduce harm, practice coordinated disclosure, and protect the integrity of security research.


Cybersecurity is a crowded marketplace. What are marketers in this space doing well right now, and what do you think can be improved?


Marketers overall are very misunderstood creatures, especially in cybersecurity. I can’t say what others are doing right or wrong, but I will say that in my experience the best marketers are the ones who understand the customer impact of all their actions, and always operate with the mindset of a defender when they take information out to the market.

In general, great marketers have the brains of both maniacal creatives and operational powerhouses. No matter your role in a marketing organization, you need to read data like it’s a story, use that to boost your narrative, and then get bold (yet truthful) in telling that story.

As for being better, sometimes the onus for that is on other business leaders. Marketing is one of those crafts that everyone thinks they know, but only those who have really done it, in the weeds, with the dirt and the grit, know it. Business leaders need to trust their marketing experts to make the right decisions for their company. Yes, collaboration with subject matter experts and other leaders is key, but I can point to too many examples of where a company tilted because it went against marketing best practices.

Similarly, we often see businesses changing the positioning of their company to react to a new threat or risks to gain mindshare. You must play your own game and follow your own unique mission to ensure long-term awareness and growth. In the cybersecurity world, where risks can change daily, this can be difficult for marketers to understand, but I believe it’s the basis for a more robust long-term success strategy.