I got into cyber – serendipitously, stemming from a 25-year career in IT consulting. About a decade into my career, I faced an unexpected challenge: describing the cybersecurity capabilities of an information system. At the time, my knowledge of securing systems was limited, but the critical nature and complexity of the task immediately intrigued me. This moment marked a pivotal shift in my focus towards the key pillars of cybersecurity. I began with digital identity, exploring how identities could serve as the first perimeter of access. Today, my focus has expanded to encompass a comprehensive approach to cybersecurity risk management.
For me, a positive cyber mindset is – recognizing that threats are persistent and often hidden, demanding a vigilant and occasionally cautious approach. It’s about seeing beyond the routine of checklists and high compliance scores and building out a positive cyber mindset that focuses on the understanding that new threats and opportunities constantly emerge, which may lower our organizational scores but also heighten our sensitivity and awareness. It’s not about chasing a high score but developing a deep, thorough perspective that enables a dynamic and continuous response to the evolving threat landscape.
The biggest influencer in my career is – my older brother Bobby, who started his career in IT and taught much of the foundation I have today. He first taught me what a firewall was over 20 years ago when I set up my entire office network on public addresses that led actors in a foreign nation to take over my server. While the exercise to rebuild the network behind a firewall was my first in cyber, it wasn’t until years later that my focus completely shifted.
What I thought I wanted to be when I grew up – I was always up for a good debate and thought I wanted to be a lawyer when I grew up. While reading is a part of any profession, I didn’t find the legal material nearly as exciting as information technology and cybersecurity. The ability to build a capability attracted my attention and piqued my interest.
What I most want to be remembered for is – someone who solved some of our nation’s most complex cybersecurity challenges. Historically, I’ve succeeded in isolated and targeted areas. Today, I support a portfolio of cybersecurity projects, enabling me to get strategic, view the problem space in macro terms, and focus my energy where we can make significant and meaningful impacts for our clients.