Women Reshaping The Cybersecurity Industry
May 3, 2023
This article by David Leichner was published on medium.com on May 2, 2023.
The cybersecurity industry has become so essential and exciting. What is coming around the corner? What are the concerns we should keep an eye out for? How does one succeed in the cybersecurity industry? As a part of this interview series, we had the pleasure of interviewing Dr. Ashley Podhradsky.
Dr. Ashley Podhradsky is the Vice President for Research and Economic Development at Dakota State University (DSU) and is a member of the First Bank and Trust Board of Directors. In addition to her academic and professional work, she has a strong passion for increasing gender diversity in cybersecurity. She is the co-founder of CybHER, a cybersecurity outreach program that has reached thousands of people from K-12 to college age and beyond.
Thank you so much for doing this with us! Before we dig in, our readers would like to get to know you a bit. Can you tell us a bit about your backstory and how you grew up?
Growing up in a small town in South Dakota instilled in me a strong sense of competitiveness and drive to succeed. I graduated with a class of approximately 60 students, and throughout school, I actively participated in several extracurricular activities, including the marching and concert bands, softball and basketball teams, track and field, and the computer club.
Is there a particular book, film, or podcast that made a significant impact on you? Can you share a story or explain why it resonated with you so much?
“Code Girls” by Liza Mundy has made a significant impact on me. She tells the story of women who were recruited from colleges and universities across the U.S. during World War II to work as codebreakers, cracking enemy codes to acquire valuable intelligence for the war effort. Their experiences are a testament to the intelligence and perseverance of women and highlight that even if you may be overlooked, you can still make valuable contributions.
Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.
Seeing and experiencing the absence of women in leadership positions in this field was my motivation for earning my master’s degree. I was also inspired by the idea of helping people. I wanted to help others understand not just what was wrong with their computer or system, but why, and the impact of their decisions.
Are you working on any exciting new projects now? How do you think that will help people?
I’m currently working on a project that is analyzing malware with ChatGPT and how people are conducting static analysis. We’re using AI to help analyze and understand the binaries in the malware and understand what it was designed to do.
Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry seems so exciting right now. What are the 3 things in particular that most excite you about the industry? Can you explain or give an example?
Right now, I’m most excited by AI, ethics, and cybersecurity investigations. I’m particularly interested in understanding the implications and outcomes of the combination of the three, specifically the biases that are integrated into AI, machine learning, training, and response.
What are the 3 things that concern you about the Cybersecurity industry? Can you explain? What can be done to address those concerns?
I am as equally concerned as I am excited about AI and ethics. I’m also worried about the speed of technology development and adoption, like Snapchat’s new AI bot and how AI is being integrated to the app.
Another concern is the training and response of AI machine learning. Although it excites me to learn more, this concept can be extremely dangerous. For example, an autonomous vehicle’s data could be poisoned to change the coding and apply acceleration in replacement of the brake. This could be extremely harmful and we’re still researching these implications.
Can you share how you are helping to reshape the cybersecurity industry?
As the founder of CybHER, I am proud to be reshaping the cybersecurity industry by promoting gender diversity and providing opportunities for the next generation of cybersecurity professionals. CybHER is an organization for school-aged girls and young women interested in STEM and technology with the mission of empowering them to pursue careers in the industry and make significant contributions to the field.
Through our work, we have impacted the lives of over 40,000 youth over the last several years by providing them with hands-on experiences and education in cybersecurity. We have also raised significant funds and resources to provide jobs and scholarships to women studying cybersecurity.
It is particularly rewarding to see the progress of students I met while they were in middle school. Many of them are now working women in cybersecurity, and it is inspiring to see how they have taken the knowledge and skills they gained through CybHER and applied them to their professional lives.
As products, devices and vehicles become connected, this is creating a new and emerging threat vector. How do you think manufacturers and their customers should prepare to be as safe as they can be?
To be as safe as possible, data privacy is critical and must be at the forefront. For example, Terms & Conditions should be clearer, and customers must be more aware of tracking ads and super cookies. Additionally, manufacturers need to integrate cybersecurity measures and prioritize cybersecurity above functionality or other operational details.
Can you share a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?
I have ten years of experience in digital forensic investigations and was part of a response team for a nationwide restaurant organization that was attacked by a Russian hacker group. In this situation, data was exfiltrated from the organization’s networks, and customer data was obtained and compromised. The biggest takeaway for me was how our teamwork was essential to stop the breach and prevent others.
As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a layperson can see or look for that might indicate that something might be amiss?
- Reduced Computer Performance: If your computer is running considerably slower than usual, it could be a sign that it has been infected with malware. Malware uses an abundance of system resources that can cause your computer to become sluggish and unresponsive.
- Unusual Account Activity: If you notice that your email or social media accounts are showing signs of unusual activity, like unrecognized logins, changes to account information, or messages being sent from your account, it could be a sign that it has been compromised. To protect against this, ensure you are using two-factor authentication or multi-factor authentication on all your accounts. A password manager is a helpful tool, too.
- Suspicious Emails or Messages: If you receive an unexpected email or message, especially from someone you don’t know, it could be a phishing attempt. Phishing is a type of social engineering attack where the attacker tries to trick you into revealing sensitive information, such as your login credentials or financial information. Remember, your mobile devices are also susceptible.
After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?
- Containment: The first step is to contain the breach and prevent further damage. This involves isolating the impacted systems or networks, disabling compromised accounts, or taking other steps to prevent the attacker from accessing or exfiltrating additional data. Companies should be aware of the data breach notification laws in their state and report the incident to authorities and their state’s consumer protection office.
- Eradication: Companies should investigate the breach to determine the extent of the damage and identify the root cause. This can be accomplished internally or with the help of external partners. Investigations can help with remediation efforts and may also be necessary to comply with breach notification requirements. If companies have cybersecurity insurance, they should contact the provider once they have confirmed an incident. Insurance providers may also require certain conditions to satisfy their policy requirements.
- Recovery: Companies should also take steps to improve their security controls to prevent future breaches. This could involve implementing additional security measures, such as multi-factor authentication or encryption, conducting regular security audits and risk assessments, and providing ongoing cybersecurity training for employees.
- Learn from the Breach: Finally, companies should take the opportunity to learn from the breach and use it as a teachable moment to improve their overall cybersecurity posture. This may involve conducting post-incident reviews, identifying areas for improvement, and implementing changes to prevent future incidents from occurring.
What are the most common data security and cybersecurity mistakes you have seen companies make? What are the essential steps that companies should take to avoid or correct those errors?
- Using Default or Weak Passwords: Many companies make the mistake of using default or weak passwords for their accounts and systems. This can make it easy for attackers to gain unauthorized access and compromise sensitive data all through a simple Google search for default passwords. To mitigate this risk, companies should implement strong password policies, such as requiring complex passwords and enforcing regular password changes. Adopting a company-wide password management tool is also a helpful strategy.
- Forgetting to Remove Accounts with Turnover: Employee turnover is common, and companies must remove accounts and access privileges for employees who have left the organization in a timely manner. Failing to do so creates an opportunity for attackers to gain unauthorized access. Companies should establish a formal account management process that includes regular reviews of access privileges and the removal of unnecessary accounts.
- Not Keeping Systems Patched and Updated: Many companies may fail to keep their systems and software current with the latest security patches and updates. This can leave them vulnerable to known vulnerabilities that attackers can exploit. Implementing a robust patch management program that includes regular patching and testing of critical systems is the most effective way for companies to maintain secure systems.
- Overlooking Vulnerabilities with Remote Access: Companies may also overlook the security risks associated with remote access, such as through VPNs or RDP. To mitigate this risk, companies should implement strong authentication and access control measures for remote access, such as multi-factor authentication and network segmentation. Allowing necessary access is fine, but they should ensure they are logging access to monitor for unusual or atypical patterns. Additionally, since vendors often require temporary access for setting up systems, companies should ensure that access is removed when it is no longer necessary.
- Not Prioritizing Employee Cybersecurity Training: Companies may fail to provide foundational cybersecurity training and awareness programs for their employees. This can leave employees vulnerable to social engineering attacks and other types of phishing attempts. Regular employee cybersecurity training is critical for raising awareness about the latest threats and attack techniques.
Thank you for all of this. Here is the main question of our discussion. What are your “Five Things You Need To Create A Highly Successful Career In The Cybersecurity Industry?
- Communication: Effective communication is important for building relationships, establishing trust, and coordinating efforts to detect and respond to threats. Strong communication skills help convey timely and accurate information to best support an organization’s cybersecurity posture.
- Teamwork: In the cybersecurity industry, effective collaboration with different stakeholders is key, including colleagues from different departments, clients, and vendors,. Developing collaboration skills can help with relationship-building and teamwork, which are essential for tackling challenging cybersecurity issues.
- Curiosity: In cybersecurity investigations, there are few things better than a curious and inquisitive mindset. This way of thinking helps professionals stay ahead of potential threats and vulnerabilities, find the data they are seeking, encourage life-long learning, and help with problem-solving.
- Hands-on Experience: There is no substitute for experience in cybersecurity. Experience helps professionals develop technical skills, problem-solving abilities, and an understanding of real-world threats and vulnerabilities.
- Perspective: There are many things in the cybersecurity field that can cause angst and stress. Successful cybersecurity professionals must remember to be calm, maintain focus, and make effective decisions.
We are very blessed that very prominent leaders read this column. Is there a person in the world, or in the US with whom you would like to have a private breakfast or lunch, and why? He or she might just see this if we tag them :-)
There are so many talented women in cybersecurity, but I would want to have a private dinner with Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA). Jen’s background with the U.S. Army, Morgan Stanley, and National Security Agency (NSA) is remarkable, but what she is doing with CISA is extraordinary. CISA is very forward-looking and nimble to industry needs and moving the needle on partnerships between private companies and the U.S. government.
Thank you so much for these excellent stories and insights. We wish you continued success in your great work!