Leading with Purpose: Kelsey Cunningham on Education, Community, and Cybersecurity 

In line with Echelon’s value of People with Personality, we are excited to continue our Cybersecurity Champion series, where we spotlight the incredible individuals who make up our team. Each month, we share the stories of professionals whose talent, dedication, and unique perspectives help keep organizations secure. 

Meet Kelsey Cunnigham, a Cybersecurity Manager at Echelon Cyber + Risk, whose journey into cybersecurity is shaped by curiosity, education, and a strong commitment to supporting others. From her early career in consulting and engineering to earning her master’s in cybersecurity and mentoring the next generation, Kelsey’s path reflects the importance of adaptability, thoughtful leadership, and giving back to the cybersecurity community.
 

1. What initially drew you to cybersecurity, and how did that lead you to Echelon? 

   I started my career in consulting, helping clients with a range of initiatives like systems implementations, training, and change management. Eventually, I worked internally for a large consulting firm on their ventures and acquisitions team, especially around third-party risk. I’ve always cared deeply about education, and I saw how cybersecurity wasn’t just about technology; it was about making sure people understood how to protect data. That led me to pursue my master’s degree in cybersecurity while working full-time. It took just under three years to complete. 

   When I was trying to break into the cybersecurity field, I began networking in the Pittsburgh area. A family friend connected me with Dan Desko before Echelon even existed. He took the time to get to know me, my strengths, and my weaknesses, and offered guidance as I explored opportunities in cybersecurity. We stayed in touch, and when he founded Echelon and began growing the team, I was ready for a new challenge; that’s how I joined. 

    

2. Are there any cybersecurity trends or emerging technologies that you're particularly excited (or concerned) about, and why?

   Artificial intelligence is the topic on everyone’s mind right now. There’s so much potential; AI can automate processes and make life easier. But you really have to be mindful of the data you’re feeding into these tools. Are they open source? How is the data stored? Who could potentially gain access to it? 

   Before organizations start using AI for sensitive or internal data, they need to understand how those tools work and make sure they’re not putting information into systems that could be misused by threat actors. I’m a big proponent of AI, but I think understanding both the pros and cons is critical.
    

3. What's one piece of advice you'd give to someone aspiring to get into cybersecurity today?

   I didn’t start in cybersecurity, and I think that’s important to say. People often assume cybersecurity is only about technical roles, penetration testing, hacking, and coding, but there are so many ways to support cybersecurity efforts.  
    
   You can work in compliance, legal, privacy laws, governance, HR practices, or auditing. Cybersecurity really requires organization-wide involvement. My advice is to really understand what interests you have about cybersecurity and how you want to contribute. It doesn’t have to look one specific way.
    

4. Are there any specific resources, books, blogs, websites, or communities that have been particularly helpful or inspiring in your cybersecurity journey?

   My favorite podcast is Darket Diaries. It explains cybersecurity in a way that’s accessible, even if you don’t have a technical background. The host talks to hackers, penetration testers, and people involved in real incidents, and breaks it all down in an easy-to-understand way. It covers such a wide range of topics and really highlights risk in a relatable way.

    

5. You began your career in chemical engineering. How has that background influenced how you think about risk and security today?

   Engineering taught me how to think outside the box. There’s rarely just one solution to a problem; you have to look at it from multiple angles and determine what works best for a specific organization. That mindset applies perfectly to cybersecurity and risk. 

   Every client is different. What works for one organization may not work for another. You really have to understand what problem they’re trying to solve, their risk tolerance, and where they want to go. It takes creativity, flexibility, and almost an entrepreneurial mindset to find the right solution.

    

6. You spend a lot of time giving back to the cybersecurity community. Can you share why that matters to you and how those experiences have shaped you as a leader?

   When I was trying to break into cybersecurity, so many people offered their time, advice, and guidance without expecting anything in return. That meant a lot to me. 

   Now, I try to do the same, whether that’s speaking at local conferences, participating in ISACA events, or having one-on-one conversations with people trying to enter the field. If I can share even a small piece of the wisdom that was given to me, I feel like that’s the least I can do. 
    

7. You were recently named a Rising Star of the Profession in Excellence in Leadership by Consulting Magazine . What lessons or strategies helped you continue growing your cybersecurity career while managing leadership responsibilities and family life?

   Time management has been the biggest learning curve. When I’m at work, I try to be fully present, supporting my team, delivering value to clients, and helping build out Echelon’s practices. When I’m with my kids, I try to truly disconnect and focus on family time. Learning often happens after my kids go to bed; that’s how I studied for my CISSP certification. It’s about planning your time, limiting distractions, and focusing fully on whatever you’re doing in that moment. It’s not easy, but it’s necessary.
    

8. What’s something you’ve really come to appreciate about being part of Echelon?

   The people. Everyone here is genuinely kind, motivated, and willing to help. No matter who you go to, there’s always someone ready to listen or offer support. The sense of community we’ve built at Echelon is incredibly special, and it’s something I truly value every day.
    

9. Outside of work, how do you like spending your time? Any hobbies or interests that you’re passionate about?

   Spending time with my family is important to me. My kids are one and a half and three and a half, so we spend a lot of time outside chasing after them. I also love reading, traveling, and staying active. I’ve been trying to prioritize taking care of myself, working out in the mornings, and making sure I don’t always put myself last. It’s easy to do when you’re busy, but it’s important.
   
    

10. What does being a Cybersecurity Champion mean to you?

    It means supporting people in whatever way they need, at work and beyond. It’s about mentoring, educating, giving back, and making sure people don’t burn themselves out. Cybersecurity can be demanding, and it’s important to remind people that it’s okay to say no and to take time for themselves. Being a Cybersecurity Champion is about appreciating where you came from, supporting others, and helping build a healthier, more sustainable industry.