CyberWire Daily - Camille Stewart: Technology becomes more of an equalizer. [Legal] [Career Notes]
Episode Date: November 29, 2020Cybersecurity attorney Camille Stewart shares how her childhood affinity for making contracts pointed to her eventual career as an attorney. Having a computer scientist father contributed to Camille's... technical acumen and desire to include technology in her life's work. Camille has worked various facets of cybersecurity law from the private sector, federal government, on the Hill and in the Executive Branch, and now as part of Big Tech as Head of Security Policy and Election Integrity for Google Play and Android where she creates policy geared towards making sure users are safe on their platform and equipped to make informed decisions.. We thank Camille for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Hi, my name is Camille Stewart, and I'm a cybersecurity attorney.
I used to make my parents sign contracts when I was a kid.
So I always knew I wanted to be an attorney.
They would make promises about grades or anything really.
And I would grab a piece of paper and I'd outline the terms,
make my sister witness it and make them sign it.
So I always knew I wanted to be an attorney.
On the other side of that, my dad's a computer scientist.
So I grew up tinkering with computers and technology
and sitting in the back of his computer science class
that he taught at the local community college.
So I also had an acute interest in technology
and technical acumen pretty early.
So I didn't know how I would put those two things together,
but I knew I had to be an attorney
and I knew technology
would play some kind of role in that. So I went to law school at American University because
I liked the international program, but also I was going to work in the intellectual property
law clinic, or at least I aspired to, which ended up happening. I thought maybe I would protect people's technology if I couldn't actually be technical and be a lawyer. And after law school,
I was recruited to Cyvalence, a cybersecurity company that focuses on open source threat
intelligence. So after I spent five years or so at Cyvalence, I went to the Department of Homeland
Security and the Obama administration in the Cyber Infrastructure and Resilience Policy Office.
And that was a great opportunity to really dive in on more of the international work,
but also a lot of the really pressing issues that had a private sector tie.
So encryption, cyber export controls, healthcare, cybersecurity, and election security.
cyber export controls, healthcare cybersecurity, and election security.
After that, I went to Deloitte so that I could continue the work that I was doing in the department, but from the outside. So I was a consultant. So I was a security and privacy
consultant for DOD and DHS. While working at Deloitte, also I was doing some research for a think tank.
I had spent some time on the Hill
before I started my legal career.
And so I kind of felt like I had done small tech
at Cyvalent, which was like my foreign private sector.
I had done the federal government,
both from a Hill perspective
and an executive branch perspective.
I'd done this research work
and I felt like the last piece of the puzzle to really be able to speak holistically about law and policy issues related to cybersecurity and technology was to go to big tech.
To have a full understanding of how big tech is looking at these issues and as it increasingly becomes a player in even our governance structures and has a say in how many of the issues that
we are looking at, which are so big, privacy, supply chain management, cybersecurity in
general.
I had to understand what these companies were thinking about as they made these decisions, how the expertise was embedded in the organization, etc.
So I started to look at big tech companies to transition to and ultimately decided on Android and Google Play, where I'm the head of security policy and election integrity now, because Google Play and Android seemed like that small tech environment within this broader tech ecosystem.
I represent the user. I create policies and advocate to teams in the best interest of the user internally. So the policies that I write and the strategies that I lead are all geared towards making sure our users are safe on our platform and equipped to make informed decisions.
Create your own lane. Every experience that you've had is valuable and has some bearing on
the work you plan to do and the place you find yourself next. Especially in cyber, it is a
multidisciplinary industry and requires the expertise of folks across the spectrum, whether
it's social sciences or technical acumen, law, policy, etc. All of those things are beneficial,
essential to solving these really complex problems.
So I encourage folks to use all of their skill sets to address these complex issues
and to do the work to bridge the gap on the technology.
That part's easy, but those soft skills you have
or that background expertise are all things
that will help us solve these complex and ever-evolving challenges.
that will help us solve these complex and ever-evolving challenges.
I want folks to look at my work and say, she was able to empower and to create a generation of informed citizens
that can actively engage on their security and privacy.
Understanding how technology works, what its limitations are, how it plays in societies,
how it plays out in the lives of people, and being able to make informed decisions about how you engage is how technology becomes more of an equalizer.
And I just, I want to play a part in making that possible.
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me. I have to say, Delete.me is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done.
Take control of your data and keep your private life private
by signing up for Delete.me.
Now at a special discount for our listeners.
Today, get 20% off your Delete Me plan when you go to joindeleteme.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to joindeleteme.com slash N2K and enter code N2K at checkout.
That's joindeleteme.com slash N2K, code N2K at checkout. That's joindelete me.com slash N2K, code N2K.