Kiersten Todt: Hi, my name is Kiersten Todt, and I'm the managing director of the Cyber Readiness Institute.
Kiersten Todt: One of the things that was both exhilarating and created some awareness for me was the power of people to make change at the state level. And, you know, when I came to work in the federal government, I think what always struck me as well, particularly when I was working on the Hill, was that, again, it was the choices and the decisions of individuals that have impact.
Kiersten Todt: I went up to the Hill to work for Senator Lieberman as his economic policy adviser at the time. And the Governmental Affairs Committee at the time was truthfully one of the more boring committees who did post office namings, some appointments of positions that you're not really familiar with. And it was this very interesting point of gut where, you know, on the on paper, it didn't look interesting to me. And I had actually just been offered a job in the private sector on urban development, which I love. But something in my gut said to take it. And my first assignment for him was to do a hearing on critical infrastructure protection that was scheduled for September 12th, 2001.
Kiersten Todt: So 9/11 happened on that Tuesday, and we got on the phone. Senator Lieberman, his staff director, and a couple of us who are working on the hearing and he said, I want to go through with it. And so we were the only hearing on the Hill on September 12th.
Kiersten Todt: And it was a very different hearing because we were supposed to have witnesses flying in and we just had two witnesses who could get to the get to the Capitol. And in that hearing, Senator Lieberman turned to two of us and said, we need to look at having a Department of Homeland Security, which does not sound as foreign now as it certainly did then. No one was even using the word homeland. Long before the TV series, long before anybody was looking at it. And so I ended up working on the legislation to create DHS from September of 01 to November of 02, right up until President Bush came out with a counter to the DHS proposal in June 02. And then I began working with them and collaborating on that legislation and worked on drafting the cybersecurity infrastructure protection, bioterror and R&D directorates for DHS.
Kiersten Todt: So working on that legislation, I became involved in cybersecurity and risk management and emergency preparedness. And I moved out to California and worked with the governor's office on that and then began getting more involved in cybersecurity as the intersection with physical security. So as I was looking at risk management and emergency management and homeland security from a physical side that quickly merged in over a couple of years with the inextricable link between cyber security and physical security. From there, I started my own company looking at cyber and risk management and was brought in to work on the NIST cybersecurity framework and then in 2016 was asked by President Obama to run his Commission on Enhancing National Cybersecurity.
Kiersten Todt: And following that work, several of the commissioners and myself launched a nonprofit called the Cyber Readiness Institute, the mission of which is to convene senior leaders of global companies to provide free tools and resources for small businesses. And so that is what is currently taking up my day to day is being able to provide tools to small businesses in cybersecurity, recognizing that they are components and critical components of global value chains, and we have to do more to help them.I think what's important to remember about cybersecurity and policy and where these issues are is that the two critical elements to them are it's about problem solving and building solutions. And what that means is that's a pretty interdisciplinary field. And so what I would encourage individuals who are interested in this space to look at for themselves is recognize that there are a lot of skillsets and capabilities that are relevant to cybersecurity. And historically, we haven't done a great job of attracting the diversity of skillset. We tend to think it's about, you know, science and technology and engineering, but sociology, psychology, history, politics, all of these aptitudes are really critical to cybersecurity. And so being honest with yourself about what your aptitudes are and then being able to feature them and position them as opportunities for building out innovation in this space. I would always encourage everybody to any individual to to go after what you really want to do. Don't waste time going after what you think you can get because you're worried about rejection or not being able to achieve it. I think what I have learned I'm I'm a big fan of cold calling. I'm not sure that it still is an effective tool. But I've gotten some of the most interesting jobs by picking up the phone and cold calling. As long as you can handle the word "no," it's always worth going after what you want. Because I think that in and of itself creates enthusiasm and interest and energy in yourself to figure out what makes sense. And I think sometimes as humans, we tend to self select ourselves out of opportunities. But I would encourage everyone to any person to really go after what they're most interested in or at a minimum, talk to the people who have the roles that you aspire to have or to achieve.