In the clear: what it's like working as a woman in the cleared community.
Jennifer Eiben: Thank you for joining us, I am Jennifer Eiben, Senior Producer of the CyberWire’s Podcast Network and Director of our Women in Cybersecurity Initiative. We're excited to bring you a new, special edition podcast today. Due to the pandemic we were unable to hold our annual networking event, but we still wanted a way to elevate the voices of women in the industry. In addition, making a podcast that's focused on women in cybersecurity is something I always really wanted to do. We are joined today by our partner, Northrop Grumman, who's been a long time supporter of the CyberWire's Women in Cyber events. Their talented diverse work force shows that their commitment to diversity extends well beyond the supportive events, it is evident in how they conduct their business. Northrop Grumman has many examples of women who excel and lead innovation in the cyber and technology arena, and we're excited to share the stories of three of those women today who are thriving.
Jennifer Eiben: On that note, I would like to introduce you to those who are joining me today. Kathleen Smith is a long time friend of the CyberWire, and especially our Women in Cybersecurity reception. She was there at the very beginning with me in 2014 when we held our very first event. Kathleen is the chief marketing officer for ClearedJobs.net, a veteran owned career site and job fair company for professionals seeking careers in the defense, intelligence and cybersecurity communities. Kathleen is serving as our moderator today.
Jennifer Eiben: We are also joined by three women from the front lines of cyber at Northrop Grumman, who will make up our panel. Ashley, an AI engineer, Lauren, a software engineer manager and Priyanka, a cyber software engineer. They will all share their experiences as women working in the cleared space at a global aerospace and technology company. And with that I'll turn things over to Kathleen.
Kathleen Smith: Jennifer, it's always great to be on a CyberWire podcast, and I join you in being very excited about having another opportunity to elevate the voices of women who are in cybersecurity, and women who are being innovative and taking on the leadership role to let people know that women can do anything in this world. I'm really excited about the fact that we are actually talking about women who are in cybersecurity careers that are also mission oriented, those careers that require security clearance.
Kathleen Smith: So, we're going to kick it off with our first question, which is, I would like each one of our panelists to share a bit about their career, and what inspired them to take the path that they did. So, first, I'd really like to kick it off with Priyanka. Priyanka, thank you for joining us this afternoon, tell us a little bit about your career and what inspired you to take the path you did?
Priyanka: Yes, thank you so much Kathleen. So, hi everyone, my name is Priyanka, and I just wanted to start off by saying that I am very, very excited to be here today, because I am a complete CyberWire fan girl. I have been following you guys for years, listening to your podcasts, reading your blogs, so it's actually very, very cool to be on the other side today.
Priyanka: As far as my background goes, I wasn't always this enthusiast who reads CyberWire daily briefings every morning as I sip my coffee, I was actually, quite honestly, the opposite for the majority of my life. So, throughout my childhood, as well as partially through high school, I was always geared towards subjects such as English Literature, Criminal Justice and Philosophy. So that kind of combination of subjects actually led me to want to pursue law for the majority of my life, and, really, my first real introduction to cybersecurity was actually through a small debate competition at my high school. They actually gave us a topic surrounding cyber-espionage, and I just remember being so fascinated by the topic, completely intrigued, and I would genuinely get excited to research the topic even months after that event had occurred. And, if anything, that genuine, newfound interest really led me to pursue cybersecurity in college as well.
Priyanka: So, when I'd gone to college I went to the University of Maryland, Baltimore County, and I ended up actually joining the Cyber Scholars Program at UMBC, which is a merit based scholarship, actually funded by Northrop Grumman. And its goal is to actually encourage students from all different kinds of backgrounds to join the field of cybersecurity. So that program, of course, gave me so many opportunities in cyber. I got to explore very many different areas of cyber, I got to meet so many professionals working at different kinds of corporations, still in the cybersecurity field. And one profound opportunity that the scholarship gave me was actually a foot in the door of Northrop Grumman. So my first ever cybersecurity role was a cyber-strategy intern at Northrop Grumman. I spent the summer looking at a lot of policy issues surrounding cybersecurity, and simultaneously I was actually working as a researcher in an AI and cybersecurity lab at school.
Priyanka: So, simultaneously both of those experiences kind of made me understand that I was really interested and felt the most comfortable on the engineering and science side of cybersecurity. So, from there, that's kind of where I am today, you know, I really wear three hats in the cybersecurity field today. The first, I'm a cyber software engineer at Northrop Grumman. Second I am also a PhD student in computer science at UMBC and the third, I am very, very passionate about cyber education. And, because of that, I am really lucky to have the opportunity to be a visiting lecturer at the University of Maryland College Park, teaching Internet of Things Security. Thank you.
Kathleen Smith: Wonderful, thank you so much, Priyanka. I always love hearing that people who get involved in cybersecurity come from a very different background, so I'm really glad that we kicked off with you first, because a lot of people think that they have to have a very technical background before they get into cybersecurity, when, in actuality, having diverse thought, having diverse experience, really adds a lot of value to our overall thinking process with cybersecurity, since it's actually changing on a daily, hourly basis.
Kathleen Smith: So, Lauren, thank you for joining us. I'm so sorry that your camera's not working, but I know we're going to hear some wonderful things from you. So, Lauren, tell us a little bit about you, and please share with us your career path and what inspired you to take the path that you did?
Lauren: Yes, thank you so much for having me. I'm Lauren, I'm a cyber, or a software engineering manager in Northrop Grumman, and I'm honored to be here talking with everyone today to share my journey as a cyber professional, what got me started and how that's launched into my own, personal passion of helping inspire and encourage other women to pursue this path as well. Our nation is in dire need of cyber professionals, there's simply not enough qualified cyber professionals to fill the pipeline, so I'm hoping I can shed some light on the fairly new career path and the importance of diversity to our overall success in the cyber domain.
Lauren: So, for me, growing up, I always had a passion for math, and I wasn't necessarily the student that got top marks in math every time, but I was a student that tried to solve every problem that I could in the textbook. I enjoyed the challenge of using what I was taught in class and applying that to solve more complex problems. So, when I first got to college I thought I was going to become a math professor or a math teacher. And, when when of the requirements as a math major is to take computer science, I had no experience and wasn't sure what to expect. But, I was very fortunate and I had a very passionate, female professor who was engaging, motivating and ultimately inspired me to pursue computer science in addition to math as a full time major. And from then on I was hooked.
Lauren: Later on I took a computer ethics course where I first learned about cybersecurity, and I was later accepted into the Cyber Scholars Program at UMBC that Priyanka also mentioned. The Scholar's Program is primarily funded by Northrop Grumman Foundation which enables success and promotes success for women in cybersecurity. And, from there, I was able to put my newfound skills and interests to work as a forensic analyst in UMBC's Department of IT, and that was my first time getting hands on experience with cybersecurity, where I was able to pass through logs, detect different illegally downloaded softwares on campus, and I was able to trace through and really get that cyber experience.
Lauren: From then I pursued different internships that would continue to give me experience and skill sets within the cyber workforce. I graduated and accepted a full time job as a cyber software engineer at Northrop. And, while at Northrop, I had opportunities to rotate to various programs so I could see how cyber applied to different missions and different domains. And, as I worked as a cyber software engineer, I also had the opportunity to lead and demonstrate a cyber offensive and defensive capability demonstration, and I recently transitioned to a software engineering manager for a space program.
Lauren: So, that's a little bit about me, but I'm looking forward to the conversation and the different questions and topics that we'll be talking about.
Kathleen Smith: Wonderful, thank you so much, Lauren, it was really great to hear your perspective on how you got into the career. Now, Ashley, tell us a little bit about you? I am very in awe that you did physics in college, because that is the one class that I failed at, miserably, and had to take it a second time. So, please tell us a little bit more about your career path and what inspired you to take the path that you did?
Ashley: Sure. Honestly, whenever at school I would tell people that I was a physics major, the reaction was generally something along the lines of, "Oh, I'm sorry that's happening to you," basically. But I loved it, and people didn't get me down, so if anyone's listening out there who is a physics major, keep at it, it's super-important. So, anyway, my name is Ashley, my current title is AI Systems Engineer here at Northrop Grumman, as Kathleen already alluded to I was a physics major. In college, all throughout high school, I always loved physics, I really excelled in my physics classes, and so when I was applying to colleges it really wasn't a question of what major I was going to have, I always put physics. But, I actually went to a liberal arts college, and so, we didn't have a lot of the same engineering CS kinds of opportunities that I know UMBC does. But I still stuck with physics, there was about six people in my class that graduated physics majors with me.
Ashley: Because we're a liberal arts school we have the option of actually doing a transfer and pursuing an engineering degree, after three years at our school, at a different school, and I actually adamantly did not want to do engineering, I specifically wanted to stay physics. I had some friends who transferred, and transferred to engineering, but I just adamantly stayed with physics, so I had never even considered being an engineer through any of my life. But then, I didn't really have something else in mind, and I happened to know someone who works at Northrop Grumman on the business side and she just encouraged me to apply to Northrop Grumman. She didn't have too much experience with the technical at all, but she thought it was a really great company just from the personality perspective and the company culture, and so she encouraged me to apply. So, my junior summer I did have an internship as a systems engineering intern with Northrop Grumman, and they offered me a full time position after that. I had really loved my experience with the company, especially that company culture aspect, and kind of getting my toes wet in that mission oriented kind of job, job culture, so I really liked it and I accepted the full time offer.
Ashley: I did start off at Northrop in a new hire rotational program that we have, which is called Pathways, and so my internship had been in systems engineering. My first rotation for the Pathways program was actually in hardware engineering in our sensors and payloads group, and it was kind of a more physics based group that designed some atomic based navigation sensors and I really had a fun time learning about that. But, the hardware in the lab was not necessarily the most comfortable thing for me. So, I ended up rotating into a group that is more on the data analytics side, a lot of people in my group are physics PhDs, and so kind of they accepted me in as a young physics bachelor student, or a graduate I guess. But yeah, really got into the data science aspect and really found that that was where I fit a lot better.
Ashley: Northrop Grumman actually has really started to push into the artificial intelligence realm. One of the things they have available to us now is called the AI Academy, and so I was one of the really early students as part of the Northrop Grumman AI Academy, and we got to take some classes online, and apply some of those techniques to things in our job. So I did go through that program, and also had the opportunity to work with some machine learning concepts on my programs. So after a while of kind of going through all of that, I did have the job switch from systems engineer to Artificial Intelligence engineer.
Ashley: So, that's where I am now and I am excited to see what else we talk about on the podcast today.
Kathleen Smith: Sounds great. So, audience, you can see I've had a lot of fun talking to these three amazing women and their career paths. I mean, yes, I took physics, I did biochemistry, but my career has been very different, and it's always great to see what people are doing nowadays to inspire their career.
Kathleen Smith: So, this is one of our first podcasts that really goes into careers that are cybersecurity that also require a security clearance. When we talk about cybersecurity, frequently we're only talking about the commercial component and not really about the mission oriented component, so, I really want our panelists to share with us why they considered having a career that required a security clearance. So, Lauren, can you kick that off for us?
Lauren: Sure. So, as I started to take more and more classes and learn more and more about cybersecurity, at the same time I was also meeting with cyber professionals. I realized that cybersecurity was for me, that's what I wanted to do. And with that, I understood that a majority of those positions would require a security clearance. But, because cyber threat is a new type of adversary that's extremely complex and ever-evolving, it was something exciting to me that I knew even if I had to get a security clearance for, it's something that I wanted my career to be in. So, going back to my roots and the girl that wanted to solve every math problem in the book, I knew I wanted to find a career that was just as challenging and engaging, and would help me solve even more complex problems, in fact, the nation's most complex cyber problems, and that was the dream for me.
Kathleen Smith: That's great, thank you Lauren, yes, a lot of people don't understand that, they think that jobs that require security clearance are actually really boring, or they're very rudimentary. But, actually, some of the more difficult challenges that are out there that don't have necessarily an economic ROI, those are the challenges that are out there that so many people go through having the security clearance to make sure that they can protect our country.
Kathleen Smith: So, Ashley, do you want to share with us a little bit about why you wanted to have a career that required a security clearance?
Ashley: Sure, yeah. I would say that I wasn't originally, you know, looking for security clearance specifically, but, when I started at Northrop as an intern, we were working on an unclassified program, so I did not need the clearance at that time. But, one of the things that I just really loved about the Northrop company culture was that connection to the mission, and whenever we're talking about the products that we produce or the programs that we work on, you know, we have a lot of interaction with the actual war fighters who use our products, and they really tell us about how much of a difference it makes for them and how much that they really couldn't do what they do without what we do.
Ashley: We've actually had a couple of times on our campus where we've had some Black Hawk helicopters fly to our campus and, like, land in our grassy area on our campus, and that's been, like, so cool, to have that interaction. So that was just one of my big take aways from being an intern, and I've actually had some family members who have served in the military, and so, I felt like it was a really cool way for me, even though I wasn't serving physically, I was serving in another way that's totally essential to the work that the war fighters are doing. So, the mission oriented aspect of all of this was really important to me and then, you know, with that does come the security clearance. A lot of times some people can work at Northrop Grumman without ever getting one, but for the most part it is part of the job. So, I was willing to get one.
Kathleen Smith: And we really appreciate your commitment to supporting the mission. So, Priyanka, you were a little bit more familiar with a career with a security clearance than other people. You want to share with us why you chose a career that required a security clearance?
Priyanka: I have, yes. So, I mean, just as Kathleen was saying, you know, throughout my childhood I had just a very limited exposure to what a clearance job could possibly entail. My father has actually been in the defense industry for over 30 years and has had more clearances than I can even count. But I remember growing up and he couldn't ever really tell us what he did at work, just apart from what his title was and that people's lives actually depended on the technology that he was building. And that, personally, always inspired me and that notion of doing really incredible and impactful work, but not even being really able to talk about it, definitely intrigued me, and it followed me as I actually went into the industry as well. And I think it's something that a lot of people can actually relate to if you have a clearance, right.
Priyanka: I think it was when I could actually tangibly experience what that culture felt like first hand, during my first role, that I knew that I wanted to stick with a clearance job. And although you have certain restrictions, like, of course, not being able to talk about the work that you love, and are super passionate about doing every day, you actually realize that it is quite an honor to be able to be put in that situation. I really do think people with clearances are part of the few people who actually define the saying, "Not all heroes wear capes," because it really is a special feeling to know that the technology that you develop in some remote, dark skiff actually has the potential to impact millions of people, all kinds of people, in this country, and even globally as well.
Priyanka: So, definitely you're impacting people from the war fighter to the special agent and to even potentially your small community at home. When you're in cybersecurity, particularly a clearance career, you really are protecting millions of people just behind a computer screen, which is just super fascinating for me.
Kathleen Smith: Well thank you. And thank you to all three of you for going through what you had to to get your security clearance and for taking on the mantle of mission oriented work. Not many young people are considering it, I can say young since I'm a little older than you all. It really is, it's a different culture, it is a different way of living your life and it is a different way of working your career. But, as you all three have said, it's a high honor and it's definitely something that you feel like you're committing to doing something to protect our nation's security. So thank you.
Kathleen Smith: So, obviously all three of you have some fantastic skills and education and experience and you could have gone into the commercial world. And, you know, we've touched on this a little bit with our previous questions, but let's delve a little bit deeper into it. What was it about the mission oriented work that excited you about selecting this career path? So, Ashley, when you and I were talking you were talking about how intrigued you were with some of the systems that you were working with, so, you want to tell us a little bit more about why you selected mission oriented work?
Ashley: Something that's just really different about these kinds of mission oriented systems versus the commercial systems is that they really do have to last for a long time in that in a lot of the commercial world they're replacing products every year, and if you have to totally redo something to make something that much better, it's kind of no big deal. Everyone buys a new phone every year and it's not that big of a deal and there's some really great innovation that can go on in that kind of realm. But, there's also a different kind of innovation that has to go on in the realm where these systems have to last for years and they're in really dire circumstances sometimes and they still have to last. Fore example, you can't just replace an entire airplane every year so you really have some constraints with that. But I think that it does lead to a lot of innovation that you just don't have to think about in the commercial world.
Ashley: So even though there are perhaps more restrictions in that way, I think that it leads to a lot of really cool innovation in seeing how to combine new techniques with those older techniques. And, I actually truly believe that you can get the best possible system when you are willing to use the best of traditional methods and the best of new methods. So, I find that concept to be really exciting and I like working on these systems that I know are going to have a lasting impact for years to come.
Kathleen Smith: You and I were talking about how you're a little bit more of a scientist, McGyver kind of thing, trying to figure out how to figure out these systems. I was also thinking about the movie Apollo 13, where they had to figure out how to save everybody with just a certain amount of duct work and wires and things like that. So, as you said, we have systems that have been put in place for 20, 30, 40 years, and the tax payers don't want us to just sort of wipe it clean and start new. We have to take what systems we have and be super-creative and innovative and I really commend you for doing that.
Kathleen Smith: Priyanka, you actually had the opportunity to interview with some of the big names in the commercial world. What was the difference between interviewing with a commercial company versus a government contractor? And why did you, after all of those interviews, really decide to move on into mission oriented work?
Priyanka: I really do love this question, because I do think that it communicates a very big and common misconception that a lot of people have about cybersecurity. That is that a lot of people think that the cyber field is the same as the defense field. But, you know, that's definitely not the case. People who have been in the industry are very familiar with cybersecurity, understand that every single industry that you can think of today is impacted in some way or another by cybersecurity. So you can literally have a cybersecurity job in any kind of industry. So leaving college, I knew that I wanted to work on mission oriented work, but I still took the chance and I interviewed at different companies just to see what it was like.
Priyanka: I actually had another small misconception too in that I thought that defense jobs, you were really working with super-old technology, you weren't working on cutting edge, but that is actually not the case, there's different sides of it. Even if you're working on a legacy system, like Ashley is, you could still work on very cutting edge problems, you can still introduce new technologies, but, if not, you know, that's a very different skill set, and, you know, it's still very interesting, it's still a very cutting edge problem. But when I interviewed at different places, like some banks and other technology companies, I actually realized that a lot of the skill sets that you learn about and use as a cyber security professional are actually the same across the board. So, my interviews with a bank, for example, were very, very similar to the cybersecurity interviews that I had at Northrop Grumman.
Priyanka: And, at that point, I really realized that it came down to just the end product, the end customer, and also the mission that you want to serve. I don't think it's enough to say that you want to go into defense specifically because of the quote, unquote, mission. Because when you're dealing with cybersecurity, you're dealing with some kind of mission at the end of the day. Whether you're a cybersecurity professional at a bank or whether you're a cybersecurity professional in the defense industry, the missions differ and I really do think it's what you're passionate about at the end of the day.
Priyanka: For me, personally, I really liked the end customer of the government as a whole, producing products for government contracts. And I also enjoyed and was thoroughly more passionate about the mission in defense rather than the mission of the commercial cyber world because I think the main difference is the mission. In defense you're really focusing on the lives of others on a lot of these programs, whereas if you're looking at the commercial side you're protecting people's personal data and you're preventing fraud. And some people are very passionate about that and that's what I think is great about the industry. But it really does come down to the preference of the mission and the customer at the end of it.
Kathleen Smith: Wonderful, thank you Priyanka. So, Lauren, with your math background, I'm sure there were many people who wanted to talk to you, as Priyanka was saying, the finance industry and various different industries. What was it about the mission oriented work that really impacted the career you selected, going into a career that required a security clearance?
Lauren: Yes, so, I guess a little history with me is that I've always been one that loves giving back. So, when I was little I was, even then, trying to figure out ways that I could collect goods to donate to the homeless or other groups and organizations, I was part of girl scouts leading those activities, I was just always looking for different things that was giving back and I found extremely rewarding. So, with cybersecurity, for me, working on things that impact, like Priyanka has mentioned, everyone's lives in different ways, from analysts to operators to just common communities of people. Having that impact in cybersecurity was really what inspired me and made me want to go into that work force instead of commercial.
Lauren: So, for me and my team, I know we come in every single day knowing how important the work that we're doing is, and that motivates us, and, at the same time, it's just such an awesome, rewarding feeling that you get knowing that you're protecting people from everyday hackers to adversaries that are impacting military operations. So, when I chose to go into the work force, I chose that mission and that reason for what I wanted to do and focused on that for my career path.
Kathleen Smith: Wonderful, thank you so much Lauren. So, what I have found interesting over the last nine years that I have been working specifically in the cybersecurity community, that we started out with cybersecurity being just one aspect of our community and it all of a sudden exploded into a whole different variety of ways that cybersecurity impacted retail, to hotels, to shopping, to defense, to a whole variety of things. So, what's interesting is that when we look at career paths that are cybersecurity, sometimes we're not really quite sure, is it a cybersecurity job or is it not. So, Lauren, can you tell us a little bit more, do you consider your job to be cybersecurity? Or is it a different discipline that just gets lumped into cybersecurity?
Lauren: So, this is my favorite question, and this is the hot question of the day. When I first started in my career, I thought you were only doing cybersecurity if you were actively researching in cyber exploits or reverse engineering malware. But, I've come to realize that there's so much more to that. So, from creating the infrastructure that cyber-analysts are using, to develop new softwares, tools and techniques for automated analysis, on the other side, supporting data management and also information security, there's just so many different skill sets and job titles that go along with that, that, for me, at first I wouldn't have considered that cybersecurity, but, as I'm growing along in my career path and understanding more and more about cyber, I consider that to be under the umbrella of cyber security.
Kathleen Smith: Wonderful, thank you. Now, Ashley, how about you? I mean, as you and I were chatting earlier, are you really doing cybersecurity? Or is it just something that's sort of just brushed underneath the umbrella of cybersecurity? What's your view point on it?
Ashley: Sure, yes, so, as I've said already, my title is AI Systems Engineer, and I do think that there's a lot of misconceptions about what, quote, AI is and I think people should widen their view of kind of what that means. I personally don't consider myself to be in a cybersecurity specific role, but I use a lot of the skill sets and the types of code and techniques that an AI engineer might use on a cyber platform or something more specific like that. But I don't personally consider all of AI to necessarily be related to cyber.
Ashley: The way that I ended up in the AI track is that I think that my physics background, and trying to just really understand the firm first principles of what is going on, is a really important mindset to have when thinking about AI. And rather than just saying, oh, we trained a network and this is what it said and we're going to move on now, we actually want to try to think about what's happening and just figure out why you're seeing what you're seeing, what did you expect to see, how do we explain it more. So I think that that physics mind set kind of brought me into AI from that end goal. I know different people are coming into AI from different angles. Anyway, that was maybe a little more confusing than it needed to be. So I think that it's just a wide umbrella of all this stuff that people might think.
Kathleen Smith: Yes, I'm really glad that you're defining exactly how you're integrating cybersecurity into what you're doing, and how they're complimentary, how it can be integrated, how it can support, because, I think as we grow in our careers we're going to find that cybersecurity just is prevalent wherever we are. And it's really great that we're bringing in all of these disciplines, English Literature and Physics and Math into forming how we handle and how we tackle these challenges. So speaking of careers and career challenges, there's a vast array of types of technical engineering and security types of jobs that didn't even exist five years ago because career paths are changing constantly. How do you keep on top of all the advances to keep current with your job? Ashley, you want to kick it off for us?
Ashley: So, I'm speaking specifically in the area of AI, but we have two things probably at work that have helped me most to kind of stay as much on top as I can. As you said, it's really impossible to read every single new study that's out. For one, our group does a every other week machine learning algorithms reading club, where someone will suggest an AI paper to read and everyone will read it, and then we have a group discussion. So this gets people from all different kinds of backgrounds at work, whether it's physics, CS, electrical engineering, software, coming together. All these different people suggest different articles to read and it really helps all of us keep more appraised at what's going on and what is going on in the areas that we might not specifically be involved in ourselves.
Ashley: The second thing, so we've got all UMBC on the call today and I actually have a research collaboration project with some faculty and students at the University of Maryland County, Baltimore County, and they have been really great to work with. I really enjoyed talking to them and they have really helped me be aware of a lot of the new technology coming out and a lot of the papers and methods that are coming.Then the challenge then for me is to think, okay, here are all these new things coming out, some really great ideas, but how do I apply it in a mission oriented situation where perhaps the restraints aren't the same or the exact goals aren't they same? How do we take these new ideas and kind of switch them around so that we can apply them in the work that we do? And that's what I've been working on with them for the last almost two years now. So that's been a really awesome opportunity to collaborate and learn from people in the academic world as well.
Kathleen Smith: That's really great, it's really nice to have those partnerships that are out there. So, Priyanka, I know you shared earlier that you're a fan girl, but what are some of the other ways, given that there are so many different jobs that are out there, technical engineering, security, it's really hard to keep up. How do you keep up and stay current with your job?
Priyanka: So it's definitely something that we all struggle with. I definitely resonate with what Ashley was just saying right now, in that there is just so much out there, it's literally impossible to keep up-to-date with every single new innovation, every single technology that's being impacted by the industry. So, one thing that I really like to do I love CyberWire and I've been listening to CyberWire for years now, and I read the daily briefing. I also look at Krebs on Security, which is a very popular resource if you are interested in security, learning more about it, they post nearly daily. You can learn about different exploits, you can learn about policy issues in the field currently and that general knowledge is actually really, really beneficial. I would even argue that sometimes it's even more beneficial than keeping up with some of the technical skill sets, to a certain extent, because as a PhD student and a cyber software engineer, I obviously have to make sure that my skill set is continuously sharpened.
Priyanka: But, what I really do is I make sure to keep up with the general news and if there's anything particularly interesting or specifically relates to my job, I'll go and try to see if that malware that they were talking about, if that code is available publicly. I'll make sure to look at it, I'll make sure to learn about things that I'm actually working on, or that I'm interested in working on in the future. But I really do think keeping up and reading these blog posts every day, or listening to podcasts like CyberWire, that knowledge, that education, builds over time. You may not feel it the first few days you're reading an article, but, I kid you not, I would be at work sometimes, completely unrelated to some article I read maybe months ago and it'll just come back to me as part of the conversation and it'll be a key element in solving the problem.
Priyanka: And it's not like I had like a technical expertise in that area, but I had read several articles on it in the past. And by no means do I have an amazing, impeccable memory, but I think you train your mind over time and I think reading is just a really great way. So that is my number one tip.
Kathleen Smith: So, one thing that I've really enjoyed in the security community is the number of conferences that are out there that are just community based. I mentioned in my conversations with all of you that I also volunteer at several Security BSides conferences where practitioners get together and share their latest exploits and share how they overcome challenges. I really think that that's one thing that I love about the security community, is that there is this sharing of information, there is this supporting of each other becoming better at our job. So I really commend you all for keeping up on that.
Kathleen Smith: So, what's interesting is anytime you look at a career study, they will talk about how the technical skills are really important, but there will also be the complimentary how important the soft skills are. As cybersecurity is becoming more of the boardroom, it is more part of the leadership discussions, it is more part of how we operate day to day, we all need our technical skills to be complimented by really good soft skills. So, Lauren, what are the soft skills that you find most important in performing in your position?
Lauren: For me and my team the two most important soft skills are teamwork and communication. I'm not sure who said it, but someone once said, "If you want to go fast go alone, if you want to go far go together." And I think with all of our missions we want to go far and we want to create the best lasting solution with that we possibly can. And for that you need a strong team and you need teamwork. In addition to that you need solid communication between those teams, so making sure that everyone's willing to work with one another in order to find the best solution in the quickest time that you can and get that out so that it's making an impact on other people's lives as soon as possible.
Kathleen Smith: And Priyanka, what about you? You've looked at so many different components of cybersecurity, what are the two soft skills that have really been very important for you?
Priyanka: Similar to Lauren, one is definitely communication, but the other one that I think is also very, very important is open mindedness. And I think, in my experiences, those two go hand in hand. So first with open mindedness, I really do think in cybersecurity you shouldn't limit yourself to, one, what you know, and you shouldn't pass a judgment onto others. You should always be unbiased in your research, your engineering, your skills, to really dive deep and figure out what the root of the problem is. You should be open minded, and not with your own thought process but with others as well, otherwise you can miss a very important, key piece of information that brings you to the root of the problem.
Priyanka: So, as Lauren was saying team work makes the dream work and I think everyone's unique perspective, everyone's research, will come together and you can take all of those helping blocks in order to solve the problem. A lot of times, with these challenging problems that we all work on in a cleared space, it doesn't take one person figuring it out, it takes multiple conversations with your team, even other teams, to really figure out what to do next, what the next steps are. So, communication, open mindedness, definitely go hand in hand together.
Priyanka: The other thing I will say to you is to communicate when you don't know something. That also goes with the open mindedness. Don't assume that you understand the way to solve it, because maybe in the past you solved it a certain way, but maybe your team mate has a better way of doing it. So, be open minded, admit if you don't know something, because you don't want to ruin a mission because you're too embarrassed to communicate that you don't know something or you're too scared to communicate it.
Priyanka: I think the great thing, at least in my experiences in the defense industry, people encourage you to speak up when you don't know something and that reduces a lot of confusion, it reduces a lot of human error, and it ensures that we put forth the mission that we promised to the country. So, definitely those two.
Kathleen Smith: Wonderful. Well, I really want to thank Ashley, Priyanka and Lauren for joining me today for Creating Connections for the Women in Cybersecurity's special edition of the CyberWire podcast. It has been my honor to work with each one of you to learn your stories, to be able to share your stories, and I want to thank CyberWire and Northrop Grumman for bringing these stories to the community. Jen, back to you.
Jennifer Eiben: Thanks Kathleen. I just want to echo your thanks, I want to thank you, Kathleen, for moderating our panel with your thoughtful questions and your meticulous preparation. I want to thank Ashley, Lauren and Priyanka for sharing with us your backgrounds and experiences working in the cybersecurity space at Northrop Grumman. I have a note to share from Northrop Grumman, the cyber landscape is constantly evolving, creating new challenges and opportunities to defend against sophisticated attacks. At Northrop Grumman they solve the toughest problems in space, aeronautics, defense and cyber space to meet he ever evolving needs of their customers worldwide. Everyone is a contributor and every day is an opportunity to help defend our nation and our allies. Their 85,000 employees define possible everyday, using science, technology and engineering to create and deliver advanced systems, products and services. You can visit their careers page at ngc.com to learn more about joining them and these wonderful women that you've met today.
Jennifer Eiben: I want to personally thank everyone who helped us put this together, and I'm going to thank you for spending your time with us. As Priyanka said, please check out the CyberWire's network of podcasts and newsletters, including our Women in Cyber Newsletter, Creating Connections. It's free to subscribe. You can find us at theCyberWire.com. Thank you all so much.