Career Notes 1.17.21
Ep 32 | 1.17.21

Ann Johnson: Trying to make the world safer. [Business Development]


Ann Johnson: Hi, I'm Ann Johnson, I'm the Corporate Vice President of Cybersecurity Business Development at Microsoft.

Ann Johnson: My family would tell you from the time I was very young, I was going to be a lawyer and I went to undergraduate and I ended up with a degree, a dual major in communication and political science with a minor in history, all with the intent of going to law school. I wanted to understand, you know, how the world worked, but I also wanted to make sure I could speak effectively. And somewhere over that summer, I just decided I didn't want to be a lawyer, which was like a shock to everyone, honestly. I said, you know what, I can go work, the magical, I can go work and then I'll go back to school.

Ann Johnson: So I moved to Los Angeles because I thought there would be greater career opportunity there and I really didn't have any idea what I was going to do. So I ended up in technology fairly accidentally. And I've never left, by the way, I walked into a room, at the time, there were computer stores and like retail malls and they were hiring a floor salesperson. And I said, well, I know I can talk to people and I know something about personal computers because I've used one. So I'm sure I can do this job. And literally, that is how the career started. So from there, I realized that I had a deep technical aptitude for technology. I did not go back to formal education, but I took every course and every certification that was available to me. Did some, like Cisco certifications and IBM certifications and Microsoft certifications so that I could learn the technology. Then I went on and ultimately ended up in cybersecurity because I became fascinated with public, public and private key infrastructure with PKI. So I actually started my cybersecurity career as a PKI architect and specialist. And from there it just grew as I learned all of the different things and ultimately ended up spending 14 years at RSA Security.

Ann Johnson: I get up every day and get to solve some of the world's hardest problems, and they don't even know they're being solved, and I work with a team of brilliant professionals for solving some of the world's hardest problems. We're helping make things as straightforward as their online banking transactions safe, right. Everyone can kind of understand that analogy. When I talk about online banking transactions, or I talk about you have your ATM card, it has a pin while we're doing that for all of your online type transactions. Whether you're shopping online, your banking online, we're trying to just make the world safer.

Ann Johnson: A lot of cybersecurity folks like me love to mentor talent that wants to come into the industry. I'll give you one example. Every year I sponsor, I personally sponsor, five people to attend Black Hat. And, I try to look at folks that are new in the industry or career changing or diverse, from some diverse background or transitioning from US military. I had people come to me and apply and then I choose based on those criteria. So find a good mentor. Attend SANS training, Black Hat, the RSA Conference. Try to attend the experiences and cybersecurity is a really broad and vast field. So decide what is interesting to you, Right. And you should develop, you know, you should have a lot of different fundamental knowledge, but develop some type of expertise, whether it's, you know, secure coding, whether it's antifraud, whether it's identity, but decide what it is you want to do and then work with a mentor or work with the entities that you're getting training from to really develop a career path via training.

Ann Johnson: I hope that the impact I have had in the industry is to do a few things. Number 1: bring more diversity to the industry. And like I talked about, for diversity is a broad spectrum. It's not just the man and woman type of diversity, but people from different backgrounds, educational backgrounds, socioeconomic backgrounds, global backgrounds.  Number 1, that's what I want to be known for. Number 2: bringing a human aspect to cybersecurity. Cybersecurity can be a very insular industry. I hope that the work that I've been doing and just changing the language of cybersecurity over the past 18 months is something that will have a long term impact. And the final thing I would say is that really, truly being empathetic to the end user experience, so truly changing the culture of the industry and being one of those change agents for the industry and developing tools and that are easier to use, easier to consume, is one of my big objectives. And that's really if I put it in those three dimensions, if I can accomplish those things, I will feel like I I've had an impact and a legacy that's worthwhile.