See It To Be It Spotlight

I got into cyber…as a byproduct of building software in the early 90s, before personal computers had any security to speak of. I really enjoyed writing encryption software, something I came back to several times in my career. Several years later, I was working on networks where the profound lack of security was more obvious, since systems were now interconnected. I saw quite a lot of chaos on those early networks, but fortunately most of it was more good natured pranks and not malicious.

That all changed when cyber became a true economic and military domain. When Leidos asked me to build our first Zero Trust strategy, I was able to pull from those evolutionary experiences to help imagine the next level of safer, more secure technology.

For me, a positive cyber mindset…mirrors the same vigilance I’d use in the physical world without stifling innovation. I’ve seen how credible the threats are. A healthy dose of skepticism is prescribed, but it’s critical that cyber vigilance does not evolve into debilitating paranoia. I take responsibility for security early in the process (in cyber and physical domains), but it loses purpose if it stands in the way of freedom or progress.

The experience that helped me understand what was possible in the cyber world…was when several of my websites were hacked many years ago. The recovery took a lot of effort, but it was quite a learning experience. I was incredibly frustrated that my own tiny mistake was what gave attackers that first foothold. It puts into perspective the importance of scanning and reviewing code and configurations, because even the best of security training and intentions can result in a small mistake in complex systems.

My recommended read is…The Kill Chain – Defending America in the Future of High-Tech Warfare by Christian Brose. It’s really important to understand how serious the threats are and how cybersecurity is becoming the driving force in physical, emotional, and financial security.

My top tip to those interested in transitioning to a career in cybersecurity is…to spend some time learning about penetration testing or ethical hacking. Understanding how attacks work at a deep technical level helps put things into perspective and forms a good base for cyber defense.