Now a discussion on Workforce Diversity in the Cyber Security industry posted by new america. It is one hour and a half. Es this is an hour and a half. [inaudible conversations] hello. Welcome and good morning. Thank you. We are happy to see this morning. Im laura bates and i work on Development Issues at the Cyber Security initiative. It is my pleasure to thank you all for being here this morning. I know for any friday morning, particularly friday morning in the middle of summer, were thrilled to see this level of turnout. I think it speaks for itself, the level of interest in the topic. I also want to say a particular thank you to palo alto came with us the original idea and provided the breakfast with is critical to success for a friday morning. [laughter] here at new america we spent a lot of time talking about workforce to bowman and how to increase the pipeline of workers in the industry. Of course a critical part of that is expanding the number of people in the types of people we think of as fit in the industry. We have our humans of cyprus the project online that incorporates individuals and with passthrough and telling their stories and putting into evidence the fact that there are a range of backgrounds and ranges of experiences. We are thrilled to give you the Current Panel and im happy to introduce ian wallace, director of the Cyber Security initiative to moderate. Thank you ian. Thank you very much. Before i start, let me commend to you lauras work on both on diversity and workforce issues with Elizabeth Weingarten and i would encourage you to go on and follow it through. As laura said, the purpose of this event is to potentially challenging times make it a positive take on diversity and Cyber Security. New america one of the things we want to deal with is very important to storytelling. Making Public Policy through listening to people with their stories and their experiences and lessons we can learn from those. We also, however, point to point out the Cyber Security is an emerging field for which there are many parts both in and within. I think listening to some of the stories we will hear today that will get a glimpse of that. We also are a Public Policy think tank and there are some policy issues that sit behind some of these issues. As we go on, i think, given that we have a Statistic Group of women we will have to dig into some of those issues, as well. To introduce the panel briefly i will be brief because i know i tend to talk about their own careers. We are joined by deborah, in her past life was a director of information at the National Security agency and was a Senior Advisor on some of the diversity type issues that we will talk about too busy on the National Security council. Next to deborah we have the Vice President at capital one and fairly recently left the department of Homeland Security where she was Deputy Director of the National Budget Security Communications center and chief Information Security officer for the transportation we dont do acronyms. Affect next to her is the chief Security Officer for japan and palo alto network. Shes had a career that has taken her into the Japanese Ministry in japan. On the end is a senior manager but previous to that on the National Security council where she was the director for the critical infra structure section and a career at the department of energy. As you can tell, we have people who have experienced the private sector and Public Sector but in and a range of roles. I will begin by asking a series of questions to the panelists and i will move into a moderated discussion and then will open it up to the floor. Please have your questions ready. To kick us off. Deborah, how did you get into Server Security . When you hear all of these what is the one thing you can tell that were doing here right now . To you for the invitation to be here. Its my pleasure. I got into Cyber Security because of the foundation of National Security agency where i started my career in the mid 1980s working first as an Intelligence Analyst when cyber was just a dream. No one was much talking about it and moving into the 90s which was when things like y2k hit the airwaves and raised concerns nationwide, worldwide about security and functionality of information systems. It was from their that i did that y2k representational activity at the federal level and came back to nsa and ended up ultimately going to the white house and doing Cyber Security policy. I would say that was the period of time 1998 and 2001 was really the time with things like the i love you virus and some of the early viruses that we began to worry about on a National Level and i happen to be working at the National Security council and working in transnational threats which was, at this time, Cyber Security was happening and being born. Programs like cyber core and i got to stand up and run from the white house. It awesomely brought that explains back to nsa which has a robust and one of the earliest robust cyber admissions from a security perspective but also from. [inaudible] the rest is history. I moved from that system working on the expedition side and ultimately my career on the Security Side serving as the insurance director. The one piece of advice, i think, when people think about Cyber Security i hear from lots of folks particular reports retirement they are asking what kind of certifications do i need, what technical competence do i need, how do i gain those experiences. Thats all really critical and important but i say its ever security we need lots of technical people. We also need lots of folks can think from a policy perspective and thats the message i believe. We need folks can write policy who can envision and think about International Norms and what we might need to do to contribute to the development of those norms in cyberspace and you can lead people and organizations and those who can lead through difficult and exciting and challenging times. That would be the biggest message i would say is that cyber is a lot of Technical Work to be done and theres a lot of work to be done on the policy and even on the legal side. How did you get to where you are now and what is your advice . Ill pick up in the middle of where debbie was speaking. My story is more one of timing. Right place, right time with the background that matched. I majored in criminal justice and Computer Science was my minor the George Washington university. That was my fathers influence was an it executive recruiter said do something in Computer Science because thats the future and thats where it will go. I wasnt the best programmer so i made it my minor and it served me well. Given that Technical Foundation to be able to go after a brandnew field where cyber didnt exist back when i graduated. It was it and Information Assurance and security, cyber wasnt in the lexicon. While i was pursuing my masters degree in Computer Fraud investigation i approached professor it was a masters degree designed the working professional so i did it on weekends and i approached professor about working parttime and i got a job at fannie mae as an intern in the Risk Management division which will talk more about this later but i truly believe that cyber is all about Risk Management from the technical sense, for the policy sense, in every sense of it. If you have that underline Risk Management it will take you far. Its understanding how to enable in a risk appropriate way without their risk there is no cyber. Thats a big lesson ive learned along the way. From there i thought areas i got into government right away i was working at the contractor after fannie mae into my client called me up and said would you be interested in my position and i encourage you to apply. Thats how i started in government. What separated me on the path was always looking for areas where the biggest challenge was. Every boss i had, what is your weakest challenge and where can i help thats what set me apart. Also medications. That would be the biggest piece of advice that i have. Technical credentials are necessary, policy piece of it is critically important, the ability to communicate in every way imaginable, up, down, acro across, that will separate you from those that cant. There are many who just are not comfortable with it and i encourage, if you are one of those and it resonates to practice. Step out of your comfort zone, take the class, learn how to speak and learn how to communicate what it is you are trying to say because then you will become that go to person and you will open up doors for yourself that you might have known were there. You build your career out of the United States. You have similarly focused and taken you from government can you talk about how you got where you are and what advice you might have . Thank you so much for this opportunity. Im so excited about talking about innovation in diversity and Cyber Security. I came to walk in the Cyber Security was because i happened to work on Cyber Security when i was in the government and ministry of defense. I got out to my masters degree in washington dc on fulbright and back in 2009 Cyber Security was not as hot as it is today. I dont think we use cyber scary back then but i didnt care so much about security for people because its foundation was right. One of my classmates asked to be im looking for someone who can write about china on Cyber Security. I didnt know that what she wanted and i thought i could do that. My piece was, as you say, train yourself to get out of your comfort zones to take the challenge to do something different. Im a foreigner im not a us citizen and it was the first time for me to publish something in english about Cyber Security. It was again, i didnt know if i wanted to do Cyber Security because it wasnt there yet. It actually helped me a lot afterward like, hey, i have something in english peerreviewed and one of my classmates started to work for a Cyber Security company in washington dc and. [inaudible] he said hey, i know youre interested in east asia and securities and maybe not with Cyber Security but maybe you want to talk to. I had coffee with him and on the. [inaudible] even though i was not able to get a job there but i started to send english summaries of what is going on in japan for cyber securities for a year. That commitment helped me to recognize to be organized and say she can do this. I was not able to work in the United States after my degree here but it helped me to get a job in japan. My piece of advice is try to show your values to people around you and find those champions will endorse you. And also to be a good communicator. Cyber security is about everything. Its about it touches on every Risk Management and you never know who wants to help you or needs your help. You have to be flexible and ambitious and trying to be a great teammate for everyone around you. Mara, the question. How did you get to where you are and given that what you think other people can learn from your experience . Sure. Again, thank you as well for inviting me to participate. I will start out with my first piece of advice and that is to follow your passions and interests. That is what has brought me along in my career. In high school i was motivated by my coach to go into engineering. I did so and i found it interesting that that was mid 90s and i realized this thing called information was popping up. I was interested so i dont do that. That really has led me along the way. It started out doing work within it and throughout my career i was going back and forth which was working in the it field in the Cyber Security field and as i moved along in my years i realized they are the same field doing work securely is the way we should be looking at them separately and its not the way to go. Now as we have heard we do security so we can enable some functions from business and you dont do security as a means of itself. So, finishing college similar to your story there wasnt a Cyber Security program and i have an undergrad in accounting and information system. I got in internship the late 90s doing enterprise where the industry was starting to look at Risk Management and how heaters and systems could be manipulated to have a negative impact on a company. Thats where i got my feet wet and because it was so new that i had so many opportunities to try different fields because it was new for everyone. There was no need to hold myself back because there was no experts in the field. My advice really is to go for it, learn as you go, the official learner but dont hold your back because you dont know. Guess what was there someone else who is ambitious and will go for it. We all might as go in and work collectively toward the cause. In doing consulting i was asked to go on board and i did so thinking sure, ill try this for a little while. What i learned in my experience is that a little while turned into ten years and i absolutely loved my government service. I got so much exposure in the fertility because i was willing to step out there. Then i hit a point where i had wonderful opportunities and multiple departments and had a wonderful opportunity to serve as part of the National Security council in the white house and after that decided to go into the private sector and had a wonderful opportunity to work for exelon, one of our nations Largest Energy providers. Im really enjoying now been able to apply those Technical Skills both in it and security in the policy and Program Management. These fields ever stop and she may have to jump out at some point. Dont be surprised if she steps off the stage. She will hopefully join us later when we have the one thing i picked up of a common theme is there are great jobs of their which you have come to through different places but come to love. Yet, if you look at the statistics for women and minorities in Cyber Security, workforce at large is pretty difficult. The figures are terrible. Low double digits. Two questions which relate to each other. In terms of the people coming in, is it just those in the schools and universities simply not getting the advice, the message, the opportunities that you had . Or is it that employers arent seeing the benefit from having highly qualified women come through and how do we go about changing . I dont think its the latter that theyre not seen the benefit at all. Thats never been my experience. I agree, right. Theres very few women and minorities that cannot tell you how many tables have sat around that lack of diversity in any way imaginable. I dont know that theres always an awareness of it until it comes up in terms of diversity, inclusion efforts that nearly every Government Agency and every corporation has. That is becoming a bigger and bigger field, those in public and private sector now that i have significant private sector and seen it much more prevalently than i did in the government. This is really great to see. I do think that both government and industry can do a better job in funneling to the universities where the Technical Expertise is coming and then can make a pitch to include all genders, diverse cultures and backgrounds and go after them. I think there are some Government Agencies that do this better than others and partner with some of the local universities here. I know george mason has a program to get people in government, gw recruits quite heavily some of the agencies and industry is starting to do this as well. Thats absolutely critical especially in cyber to build off of what samara was saying in the 90s when this was new. Id argue that cyber is a continually new field in whatever skills you had ten years ago may not apply today. Those skills evolve faster than imaginable. The actual curiosity in targeting that new talent is coming out that is up to speed they skills is absolutely key. I think thats one of the things that we can do to both encourage the university, the college pursuit and funnel that right into the hiring process. I would say that the discussion about lack of capacity, diversity and gender perspective Cyber Security is not a whole lot different from the same discussions we were having years ago about women in math and about women pewter science. What makes it so much more compelling today is that we need so much more capacity in Cyber Security that we have ever needed in math or in traditional Computer Science. That makes the business case. If we simply look at demographic trends it doesnt take a smart person to see that there will be a lot more women available in the workplace and a lot more people in the color available in the workplace. Its a nobrainer that we need to know how to leverage that capacity in this critical field where we as a nation have a significant deficit capacity. While i agree with randy, we have to work more closely with politicians and universities to recruit targeted recruiting universities that have capacity in the area of women and minorities. It has to start much earlier than that. We have to go into the cake as well. The kids were in school today arent better than many of us in using their devices. Its natural for them. Its not been eating and its even exciting but we have to entice them and excite them and make it such that its not a regular and Regulatory Burden for them in a place to work but exciting and challenging area of discovery and using their Technical Expertise to make the world a better place for all of us. I would say weve got to get into the schools, high schools, middle schools, elementary schools, much earlier. You got to targeted recruiting colleges and universities that have the capacity. It defies logic. Trying to decrease diversity that we would aim our recruiting efforts at the university that is not diverse. It doesnt mean that you dont go there but it means that if youre trying to get a diverse population you make sure you also go to places where there are diverse campuses. The only 11 of Cyber Security force today is women. [inaudible] still see samara. My Company Works on First National Cyber Security for girl scouts in the United States a couple months ago. We were so excited to foster young girl scouts on people to raise Cyber Security awareness. [inaudible] due to my the ratio of women or minorities are so low in Cyber Security . It is because men give up learning about. [inaudible] to make sure that you have to reach the potential of Cyber Security. [inaudible] to encourage young girls that hey, this is cool. This is fascinating and this is an opportunity and you can do anything with it. Things will change but only for women and minorities but we have to talk to the leadership, the management because leadership is important girls and minorities need encouragement. This is the chance to go for it. Then we will see more women inclusiveness and diversity of Cyber Security. Id like to highlight a different dimension to the same question. That is there is an existing workforce out there and i have repeatedly run into individuals who are mid into their career and want to shift into Cyber Security and find it challenging. I think having an open mind to not just develop the pipeline which is very important but also where there opportunities to leverage Prior Experience that may not be directly in Cyber Security but really relate just like i mentioned earlier understanding our business is or what is now than ever. Theres very little the mission that is not list without Cyber Security so if you understand the business you could be key in helping to better secure how that is run and managed. I think this opportunity for us to be innovative and to leverage with the employees as well. Fantastic point. Weve done some work of going into Cyber Security jobs and whether a lot of jobs and capable people who see those jobs but they dont quite know how to get into the. Two questions. One is what is your advice to those women and minorities to encourage them to come into the jobs. Secondly, what do you think can be done to your point to make that. To do your part to get educated in the field and understand it to demonstrate how you can apply that. Book knowledge is important and good but understanding and being able to apply it is all the better. When you show that you understand the business and apply security to that, that is huge. That is powerful. To have a certification alone without the experience is challenging. Really being able to apply so that how do you get to that is connecting and taking the initiative in fighting someone who might be interested in doing and taking advantage of those opportunities, sometimes volunteer opportunities to find those connections and demonstrate that. It is challenging. You brought up a great point because i teach in a graduate school in the Cyber Security program. Many of our students are in their mid career and their pursuing advanced education in Cyber Security and they want to know how do i break in. There is still asking its a difficult challenge because ultimately, at that level, you need an opportunity. You need someone willing to take a chance, to take a risk. My advice is more for those who have the capacity and authority to hire is to take a risk. Willing to pick someone who doesnt look like you. Be willing to give someone an opportunity demonstrated academic compliments but has not had an opportunity to apply that in the workplace and give them an opportunity. Every single one of us would call out that someone reached down and give us a hand. Why should employers take a rest what benefit does it begin to bring to leverage . Why not invest in student groups that have demonstrated capacity may be in a different career field, but successfully in his nose going to make a change and has applied themselves academically to learn what they need in order to do it. Give them an opportunity. Maybe what we gain is the maturity of a person who has some experiences. So, some stability and then the opportunity to invest. I have a couple of thoughts that combine everything. What im hearing a lot from those in stages it is a lot of who you know. Networking is key. If its something trying to break into try to find that specific network and talk to people. It is going to be somebody whos going to give you the chance. If they get to know you, even outside of an office setting, thats what you are looking for. This world still works on who you know. So, if you can find that right person and begin to establish a relationship and some level of trust, thats easier for someone to give you an opportunity and someone who doesnt know you at all. I Second Thought goes back to the communication but also value proposition. If you are in a field that seems unrelated, i challenge you to figure out where the link is and what value you can bring. If youre in a Communications Field thats a nobrainer. Or what about a music field that could apply to cyber. We can go on. We could play with this in any field. By be able to demonstrate with that is and learn that if you come within a company and you know the business side and now you want to break into cyber because its a lucrative field about the smart have to go down, then demonstrate that business value. As a higher hiring manager i can bring in all the technical experts i want, if they dont understand how the business works that is one of my moments of having worked on the it side several times and then going out to visit the field and the users of the it system, how much i did not understand and what their challenges were with the system. I didnt really know what they did until i went to visit them. Having that business perspective is invaluable. I live through that on the other side. Then the willingness to learn, the technical part, great. But make that connection for them. Not everybody will have that experience. Having someone you can go to and as for advices extremely important for anyone, but particularly when you have a different path. On the one hands, can any of you point to organizations or organize networks that can be helpful in second, have you had any advice of mentees looking for mentors or mentors that you feel have an opportunity to help and how they should go about that . Whether any networks that you can tap into . One is the International Consortium of Cyber Security professionals, fairly new, couple of years old great support from the health, really focused on providing opportunities for not minorities in Cyber Security. From entering to provide an opportunity to work on campuses, to get handson experience in touching and manipulating and doing cyber in a realtime way. To pointing folks to fellowships in providing fellowship and scholarship its a great organization. Will mention two, one is the executive womens form. Its not just at the executive level. They work to develop women along their career, not just women help in women, its everyone helping women. Its a diverse group. We went to a conference a few years ago i was blown away by the level of quality of the presentations both professional development and technical. Another is women in industry. In energy another synergy specific that as individuals involved that are along the spectrum of their career. The defense secretary its a Dod Associated nonprofit that chapters all over the world and some chapters in the d. C. Area, networking and operating Awareness Month then Cyber Security of course. They have events and if you go to those events and if you do your homework enough and say okay this speaker is really interesting, the background is to me so you should talk to him or her right after the eve event, dont just go there and come back right after the event. You are younger you are trying to shift your career path you have to have a condition in college to take the one step forward to changer greer, to close the gap. The reason why you want to get into it is could you see the gap. I participated in many events as well as a womens form. I to speak highly of them. I will give you little experience for my capital one side. They have a tremendous women in Technology Program that i found, ive only been there about seven weeks. This transition is new to me. One thing i am fascinated with is, there is a Brother Group called the male allies and that comes to all the events with the women in it. The fact that they had named it is fascinating to me. My own personal story most of my mentors are males, and they are the ones that have guided me or given me opportunities along the way. My guess is if we dig into your story, there are men who took a chance that new the value of diversity and were champions of mine to get me to that next level wherever that was. Capital one has named it. They had people from many places within the business so there someone you can go to if youre interested whos willing to at least help you along the way give you an opportunity, whether its detail or of voluntary, so thats still real. My next question, what is your advice to men and particularly white men who want to see the benefits of bringing people into work but doesnt necessarily have the experience of mentoring, particularly wom women . When were talking abo i would say that whenut were talking about diversity, sometimes the discussion only progresses to hitting the number. I think its wrong, because diversity should be inclusion as well. To pay respect to different cultures, backgrounds, minorities and everything. They can bring value to your team or to yourself. So my advice to senior male leadership is, your team so my advice to the male leadership is try to think about what you want to see happen to your daughter or your wife, or your sisters that i want this happening to my daughter my mother. Then, you can say this is something that i can offer these women. Think about those who currently mentor may be done he would call it mentoring but it probably is. Think of those that you pull aside and give advice to or send an email to say i heard a job is opening up. Think about what they look like. And then challenge yourself to get outside of your norm and to pick up someone who does not look like you, someone who does not think like you, someone who comes from a different background. Like the greatest joy from a mentors perspective is that you gain so much from entering someone who doesnt look like you are have your background but is going to take a number of people who look like you having that courage in order to more quickly and sufficiently advanced the number of women and minorities in cyber. There are many out there who are, and so for those i would say speak up to your peers, challenge appears to do the same. When you see things going on around you that maybe you would not have done, dont be quiet. Challenge the community to move forward. This is a constantly evolving space. One of the things they know better than i do is Artificial Intelligence and computers during the work that people have done in the past. That provides an opportunity for those people, what advice are you giving those girls at school or women and other people in the workforce about future careers and making sure theyre going to be in the best paying jobs in the next decade . I was just on the west coast last week through a cyber fellowship having this conversation about the future of cyber. It demystified some of it and it is still math. We are still Programming Computers mathematically. However, even though can learn in the machine has so involved that it can learn on its own, nothing will replace human ingenuity and creativity. We have yet to teach a computer that are mathematically called that. I caution against that everything is going away. I do think the future of is. [inaudible] ive to daughters, one and three, had a conversation with my husband, how do we raise them to be successful in this next generation . Its not going to look like what everyone in this room went through. Theres a few fields, i think the medical field to say from this, i think machines will help in operations in medicine, but i think thats still good. Computers is one of them. So embracing that. Absolutely being able to understand the math and Science Behind what makes Machine Learning and ai move. Higherlevel thinking that will be necessary to steer this in a good direction. If we are cyber professionals in this room we think about the risks involved in Machine Learning can be scary at the same time. Its going to take a generation of responsible thinking youth to move this in the right direction. That being said, stem now becomes imperative. In the background and absolutely a k12. You need that foundational understanding to be able to take the fields into wherever they will go which i dont think we can imagine that today. I find the question interesting because when you talk about how we are advancing technology, all i see is opportunity. So for Cyber Security field with increasingly more important than the way we have done security the last 20 or 30 years may not be the way were doing it into the future. Lets figure that out and be a part of that. One of the things to think about his Cyber Security is an opportunity within the context of some jobs disappear and to build in the space and that one of the real opportunities that weve been exploring is the potential for careers not just in the federal government but local and State Government who increasingly deal with these challenges. Every one of you has spent some time in the private sector even just for a short amount of time. When people come and say where do i get my stuff the private sector, somewhere else . What advice are you giving them . And what to think of the pros and cons of different places of cyber careers . Its a pin. There is not a cookiecutter approach on where to go. Its about what are you interested in . Where do you shine and how do the opportunities match up with what youre looking to do now, or how does this opportunity help you get to where you want to be in five or ten years. So comments really weighing them. I dont know that i would easily say must starting government or industry, its really about what aligns with your interest in your passion at that time. What are the pros and cons of first of all times have changed. We will likely have very few like me with 31 years in government. That time is probably past. Instead, well have folks moving in and out of government. I think that is a scenario because government gets the benefit of experience one would gain in the private sector would get the experience coming back and forth. Folks come to me and say the of government stability and the opportunity to work on the most challenging part problems and the opportunity to serve a nation and not having to worry about hours in lines but you dont make the pay. So that really is the balance on the private sector side you can make more money, as far as working hard i think both can challenge you significantly. Depending on where you might land. So i think you have an opportunity to work harder harder because youre on the side of private industry. Opportunity to travel determined by where you go. Its easy to say you get paid more in the private sector unless in government, but its much deeper than that. Government i had midcareer folks come out a private sector into government because they werent ready to have a family. They needed a lot of leave. They needed the stability that provided. Thats a legitimate reason to come in. After you have raised your family a bit you can go into the private sector where you have more personal flexibility. I will tell you about my story and some of what i appreciate about the government. I agree with what you said. Theres no answer for this. All experiences get you to where you are. Hopefully bill to where you want to go. When i appreciated about the government is a tremendous emphasis on leadership development. Theres opportunity and training galore in the space. Its not just reading a book its person training, its fellowship torque among groups and peers. These people that you evolve within your crew that you may diverge and i have a person another agency or private sector that you can call upon because you have some experience. Ive been through some of those i tell people all the time and they pick up the phone and you pick up where you left off. There is a time in my career when i actually stepped out of cyber. I have been doing compliance and started having nightmares. I decided there is more to life than these regular charts. I look for good leader in government. I asked him what his biggest challenge was. It turned out to be lawenforcement technology initiative. He needed help in communications and outreach. I did that laterally. The government is one unique place where you can change career fields and not have to start all the way back over. I didnt have to take a pay cut or go back to school. He was willing to leverage my confidence, the skills that i have built in my project and Program Management skills and apply it in a new area. That intellectual curiosity that i can do that. So from there, i became the chief of staff of that program filled out my business portfolio. I learned about acquisition, budget, training, and hr. Thats an cyber started to take a boom. I came back in. I had this really nice robust portfolio of not just the technical background but the business elements as well. That i stepped into this role and created a functioning organization that included all those pieces. It was a risk to step out. Somebody had to give me a chance. It was knowing where i needed to fill out my portfolio to be successful at higher level which is where i wanted to be. The government afforded me that opportunity. Maybe the private sector would two. At the private sector they move faster. It takes a while with government to implement a system. The private sector in seven weeks ive seen one stand up, weve identified a need and have the money for it. That is energizing and that wouldve taken at least six months to a year in government. I know some are going faster but its still difficult in the government. Thats exciting and can be energizing to know that everything you know about project management you can do in a week and it still works. The japanese governments in the japanese industry and american industry, theres opportunities you see in the values you want to bring in. Its all about timing. I can share a little bit about my experiences. Beauty to walkin academia you can have a neutral position and also have a greater freedom of speech. You can publish a lot. You can also afford events like this to reach out to the Larger Population he would never think of in the government or the industry. If you are for private sector you will look at the special deal the company. But if you are in a think tank it can be more creative. Im not saying the government or private sector not creative but you have more freedom to come up with the project want to reach out this is about innovation and diversity in Cyber Security. Its easier for think tanks to do this. I want to open this up on the floor. Many people here who have really great questions. Im going to preempt that with a final question for myself. This conversation doesnt happen enough. But when it does, sometimes it goes well sometimes it doesnt. My final question is, what really bothers you about the diversity inside the conversations. What are we getting wrong and how can we address that. It bothers me that its a thing. In general. Maybe its because im a woman and i come with a different perspective that i just want the best person for the job. Im in a cast a wide net to find that, whatever the job may be. Im going to be deliberate in making it ever screw and in my experience ever scripts are more successful. The me be clear, when i say that what i look for diversity im not always looking for certain jobs that need Technical Skills. What makes a Good Organization is the people. You take care of your people, if you put together high functioning team where you have an introvert and extroverted that compare and bring the best out of each other, bring the introvert out and tamed extrovert time. But its true you need to balance the team. Im looking for skills both technically and soft skills that i want to balance out my team im in a bring in the things differently for me. Again, that is sort of been my experience the environments that i have been in they had some lack of leadership at the top to take that chance. So i made up my personal decision to break down those barriers. Thats not a gold nancy are looking for one of the things i want to get to is how do we and improve the quality of the dialogue that we contribute anybody else want to chip in before we open it up. Sit. So i sometimes feel frustrated Cyber Security is not just about Cyber Security, there are also crucial but we also need a strategists, lawyers and National Security intelligence so, because of the every aspect of our daily lives and National Security touches on it you have to understand that everything around to im a beer title doesnt say Cyber Security or something or it. [inaudible] ive been helping to close the gap. I am confident that ive been it into this field to take a job with Cyber Security. Because it is also helpful for your potential employers and actually you are right. So, this is all about closing the gap in teambuilding. If you have a question please raise your hand to tell us who you are and where you are from. We will start over here. My colleague has the microphone. So please speak into the microphone. Hello, im kathy. My question is, one of the things i have found is that ive worked my entire career as a contractor for the government. The last two summers we have had some amazing interns working for us. I have nieces and nephews, dont have children of my own. I was talking to the interns and trying to understand what it was they did assess them apart from other people that got them into internships. I made my nephew come in and meet the interns so they could talk to him about what is it that makes you somebody we want to have within our organization. What can we do to help these kids understand . Im excited about the girl stats for the usa. Im a girl scout of my niece got her gold award that helped her get into college. My nephews have both gotten their ego award, there is girl scout, that help them get into college. What is it that we can do from an Organization Perspective to help young kids understand what it is they need to do to set themselves aside so theyre more noticeable in this community. Is that they can get these internship opportunities. Most interns we had we find them, so how do we find these kids . Cut we work with them and grow them . Public schools would welcome entering. Mentoring. I know because i have done this since i have been retired with open arms still look at how in your local community have an impact by investing with programs and camps or some bird summer opportunities or internships to give kids and vice coolers a chance. There are Many Companies that value involvement in the local community. So we are involved a lot with the schools. We have big offices in richmond. So as you are raising children that may have some programs you can get involved in one is the associates speakers programs those students fresh shot a School Literally rotate to form that mentality lets try a few things to figure out what we want as opposed to committing to something and then figure that out in a harder way. That is the way where the community is adjusting and they do rotate through cyber. The girls that code those program is an area to target i have done some events with them and there are great opportunities at that level. When you are looking for interns . What sort of options . Internships are one thing but one thing is the lack of experience. And to see what they do in the future with a conference or even sit in your local community of those who are right next to you so maybe they would see that that they have some contact to share with you to be a mentor. Also the person with a microphone is one of our fantastic and turns. Of an security and internet policy i am on the job currently so my question is i found the jobs that our technical so is there a capacity deficit on the Security Side . For someone who is not american. I do believe there is a deficit particularly with because many of those folks today is particularly with governance grew up with a career another paid places then transitioned so bad experiences outside of government rather academia or the think tank for private sector so that is a need for capacity on the policy side so were you come from having demonstrated success the you have had some opportunities to learn and you can articulate that you have to be able to communicate in their present yourself and tell your story because anytime you spend a couple of minutes with someone that might be all you have. Then take the vantage of those Networking Opportunities for those big conferences. For a thousand people is a lot. But so many great opportunities are there to make contact and schedule opportunities with that potential. I used to be a student in washington d. C. And there are some differences but that the same time i was told to think how could i get a job . And i have to find a job. So okay i really need to get a job. So then i think i went to those many conferences. Because there was a student so i try to understand the agenda i raise my hand for every single competition. Because otherwise you are nobody. I am so impressed. You can do bad but if you ask a very good question then you could start a conversation or they may not be able to give you a job right now but may be in the future it is a better opportunity. The only additional and vice i would offer is get out there and write and talk one of the vintages of technology there are lot of avenues and given the majority of the space where there are opportunities to provide your voice quickly putting yourself in to that person certainly speaking for someone who is with a thinktank that there is a lot of people that concern the subjects learning how to write and it is much more challenging but if you can conclude that you are halfway there. And basically have name recognition but in some way if you are coming from a different background you have the opportunity for cybersecurity policy work ahead with the Internet International development. So to come in with that expertise you can be different from everyone else. I with a nonprofit based here working for the glow will technology team. So how do you, that these stereotypes . I am the only woman or at the conference is to break out to the security grew by of the only woman but with the open source developer world that imbalances even worse so any advise how to deal with that it is increasingly frustrating when it happens so often so any advice you may have. Apologies to the men that go recruit and talk to other women who are interested to pass their resonates around as the hiring manager one day at a time and one higher at a time when we begin to change the shape of that room. It is frustrating and we are not there yet but absolutely we have ownership of the space. Dolby marginalized. Be an equal player and demand it and demand the same lovell and of respect and attention. We will take three questions at a time. I with the state Department Working on communications so my question is about your assessment of the current grand rounds ever security and whether or not that is inhabited to attract students that would not otherwise go into a Computer Science or itt or sever security because when you think of those efforts under way then you already get that current pipeline but then in addition to that what role the government could play to support that specifically and this model of apprenticeships. Is that health full or something industry may not immediately jump on . I am working in agriculture projects my question is from one of the questions already raised with calling be a professional with that policy background what is your peace of vice for those Technical Skills or above grows Coatings Program girls Coating Program to provide leverage with cybersecurity. I and assistant professor of media studies at the university of virginia but this is related to my students. We are predominantly female students that understand that very well and i am teaching sever security how could i work in this field . Seven of to give them better vice on specifically how they can leverage their experience with those entrylevel types of positions or different ways to get Technical Training that leverage is their experience to move forward in that career field. So how could i also be a technical professional . So that does raise a second question but to recognize the to get ahead but so what else is available . And with culture and the apprenticeships . I being cyrus security gets of bad rap. Saudia going to tell me you cannot do today . That is where the field started we were not taking that and. And then to enable them from the beginning. So to raise more security aware in then to get out of that mentality. And with that defense side of that is fun and exciting. And thats my opinion on that. From the technical side you need to know enough of those fundamentals for what ever you talk about there is so much open Source Training right now that is the fundamental of how the Computer Systems work i kind of start there not even pursuing a certification but flirting will give you that technical background. From the of media perspective and with that is training with that our reach to speak about cyberand being related to media a little bit and user based training how we talk from that technical perspective in the way they can understand that and those to think different about it. So with federal and private i have seen both. And that is what comes to mind first. Almost every federal large organization. And somebody who could speak technical. No everybody look for the apprenticeships opportunities. With those print media as well as the online media opportunities. I o from dhs then the question that i have there are young people in the room , how do we teach them to be secure internally we talk about confidentiality of information but once they are inside the profession how we teach them to be secure and confident with in that . And they are leaving the field because they dont see people that look like them so what recommendations are to teach them to secure themselves first and they can maintain themselves . Thanks very much for holding this event and one to ask of questions out government service. We have a white house where there are senior officials that our ambivalent about the prospect of non anglo immigration into the United States and boasted about sexual assaults and with that government work force and cyber . But then to encounter the violin to extremism. And added super important so my question is talking about policy people with that policy background was zero. And how popular is the investment . And then to gain certain training. So talking to those Young Students and those who dont necessarily have a background of several security. And it is getting very popular. Has d you get into this field . Le with those nonprofit organizations and you can do that with the cybersecurity and with that trade background in the government and could take advantage and then to look at cybersecurity. So with that it is bought on to publish something and demonstrate your ability. If you send in those rare is a maze or applying the online cyberhas to show up somewhere so put it there or in the title of an article you have done. So maybe you dont have professional accomplishments yet but that will assure you are established and ready to enter the field. And juicy many policy people. And for your question i believe cyberis a nonpartisan issue. And then with the ability to recruit and hire i dont know. Because there is a lot of opportunity in that area where and to have that sureness of applications. We did nazi a decline than those that enable us to hire and i never saw a drop off. With it is saddled special is the official mentor or a leader it can be frustrating. But that doesnt have to be so overwhelming. And and actually began that conversation and there is safety in numbers that way. That is almost everything i would say if you are though one and only. Especially if is a good sense of your personal values. And you surround yourself outside of that environment with those critical assessments of you to help you develop. That is a great note to end so we are very fortunate in our guest will hang around for a little while. And then we will be hanging around for a little while. Also thank you very much to the panel. En touche, chile predict that incidently we just finished a partnership with Florida International university that are increasingly interested in private security and so for those of you who are not aware of it. But that is very much focused women in with that cybersecurity. And also helping with this event. Thank you very much to all of you. Thanks for being a engaged and thank you very much. [applause] [inaudible conversations]. Moy
comparemela.com © 2020. All Rights Reserved.