Channel Women In Security: Empathy And Leadership In Cybersecurity With Commvault Field CTO Vidya Shankaran
Shankaran reminds us that cybersecurity is not just about protection. It is about enabling innovation, building trust, and supporting the people who keep organizations secure.
Cass Cooper sits down with Vidya Shankaran, field CTO for cloud security and emerging technologies at Commvault, to explore how cloud modernization, AI, and human-centered leadership are reshaping the cybersecurity landscape. With nearly twenty years of global experience, Shankaran brings a rare blend of technical depth, business strategy, and empathy to the conversation. She reminds us that modern cyber resilience demands technical excellence, shared responsibility, and a deep commitment to empathy.
Tell us about your background and your two decades of experience in IT and cybersecurity.
I am the field CTO at Commvault, and I am coming up on my 10-year anniversary here. My career spans nearly 20 years in IT. I actually started as an AS400 developer before moving into pre-sales on digital transformation, cloud security, and AI. I have grown alongside the industry and have seen major shifts in how organizations modernize and secure their environments.
Cloud modernization is evolving fast, and it has reshaped how enterprises think about cybersecurity. How do you see this connecting to risk management today?
If we look back five or six years, many organizations were still testing the waters. Some were mature cloud adopters, but most were experimenting with test and development workloads. The acceleration came quickly after that, especially through the pandemic. Once modernization became unavoidable, organizations had to confront their risk appetite. How much downtime can they tolerate? What level of data loss is acceptable? These questions became central to decision-making and they still influence every modernization plan today.
How does Commvault sit at the center of that modernization and recovery story?
When I talk about risk appetite, most people immediately think about how to de-risk their environments. Whether organizations are on premises, fully in the cloud, or hybrid, the truth is the same. Every environment is vulnerable to cyberattacks. The real question is not if an attack happens. It is how quickly you can recover and how confidently you can prove resilience. Commvault’s value is in helping customers demonstrate that recoverability. We help organizations understand their exposure, reduce complexity, and prepare for a world where cyber resilience is part of everyday business strategy.
Our partners play an important role in guiding customers. What are the top things you want channel partners to understand about risk management and the realities of modern cyber threats?
Partners are essential because customers cannot do this work alone. Just like the shared responsibility model we see with hyperscalers, partners and customers need a clear division of responsibilities. Partners can create frameworks for risk mitigation and governance. They can support threat modeling and guide best practices. Customers hold responsibility for maintaining data quality, meeting regulatory requirements, and ensuring proper ownership. Success requires an ecosystem approach. When partners and customers work together, the shared responsibility model becomes a real advantage.
We cannot have a cybersecurity conversation without touching on AI. How is AI creating new risks for organizations and partners?
AI brings incredible possibilities, but it also comes with inherent risks. Organizations are more cautious than ever as they evaluate AI platforms and AI-embedded products. Responsible AI adoption requires careful due diligence. Partners can help customers build review boards that examine ethics, bias, safety, data leakage concerns, prompt injection risks, and model drift or hallucinations. Without guardrails, the AI landscape becomes the wild west. With the right parameters in place, AI can create immense value without compromising security.
You are a field CTO. What does your style of leadership look like in practice?
Continuous learning is at the center of everything I do. I prioritize listening because our industry evolves too quickly for any single person to have all the answers. Learning and unlearning are equally important today. Another core part of my leadership philosophy is empathy. Technology cannot teach empathy. AI cannot teach empathy. Yet empathy is essential in cybersecurity leadership because the human impact of a cyberattack is real. People walk away from major incidents with PTSD-like symptoms. Some hesitate to return to their roles. Leading with empathy allows teams to recover fully and contribute their lessons back into strategy.
The human cost of cyberattacks is something we do not talk enough about. Can you expand on what happens to teams during and after a breach?
During an attack, teams often spend three or four weeks in a war room without rest. Stress is high and finger pointing is common. Leaders have to shift the focus to outcomes rather than blame because no one person is responsible for a breach. After the attack, many team members feel overwhelmed or hesitant to return to business as usual. They need support and understanding. HR teams are now investing in emotional counseling for employees who have been through these incidents. If organizations do not learn from the people who lived through the attack, they miss out on essential tribal knowledge that should inform future strategy.
Thinking about younger generations entering cybersecurity, what advice would you give your younger self?
Learning never stops. Many young people think that once they finish school, the hard learning is over. In reality, learning continues every day. You learn from people, headlines, technologies, and cultures. It never ends and it should never end. If we stop learning, we stop evolving.
What are you reading right now?
I am rereading “Surely You’re Joking, Mr. Feynman.” Richard Feynman’s approach to simplifying complex concepts has shaped how I explain technology to customers and partners. Breaking things down into bite-sized pieces makes it easier to understand the full picture. It is a book I return to often.
If you found this conversation valuable, share it with someone in your network and continue following Channel Women in Security for more insights from the leaders shaping the future of the IT channel.