CyberWire Daily - Dwayne Price: Sharing information. [Project Management] [Career Notes]
Episode Date: July 4, 2021Senior technical project manager Dwayne Price takes us on his career journey from databases to project management. Always fascinated with technology and one who appreciates the aspects of the busines...s side of a computer implementations, Dwayne attended UMBC for both his undergraduate and graduate degrees in information systems management. A strong Unix administration background prepared him to understand the relationship between Unix administration and database security. He recommends those interested in cybersecurity check out the NICE Framework as it speaks to all the various different types of roles in cybersecurity, Dwayne prides himself on his communication skills and openness. We thank Dwayne for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
Hello, my name is Dwayne Price.
I'm a senior technical project manager specializing in cybersecurity.
I've always been fascinated by the technology field.
So when I decided my major at undergraduate school at UMBC, it was always information systems management.
I like the aspects of the business side of computer implementations.
A few years later, after obtaining my undergraduate degree, I received an advanced degree in that same specialization. It's always been a part of me, and I just enjoy that the
technology changes, and you can never know enough at any given point in time.
I had an opportunity to do what's known as a cooperative education experience while I was in
college. I really got a chance to sit down with
professionals in the field. And one of the areas that really gravitated to me is around database
security. After understanding what Unix administration was and being trained in that
area, I naturally gravitated to doing database administration. That was kind of, I think,
my foray into security, particularly as it relates to database systems.
That was kind of, I think, my foray into security, particularly as it relates to database systems.
So my first job out of college was at the U.S. House of Representatives in their information systems department.
And I was hired as a programmer.
Due to a reorganization and opportunity became available to me, I was able to move into system administration role. And then from that system administration
role, along with additional programming, I was eventually able to move into Unix administration.
In order to be a great database administrator, understand database security, you have to
understand the platform that it sits on. And back in the day, the primary platform was Unix
administration. So having that strong Unix administration background really prepared me to understand the relationship
between Unix administration and database security.
Day-to-day, it's about projects focused around enhancing or increasing the cybersecurity
capabilities at the company that I work with. For example, right now, many of the projects I focus on focus on data security as it relates
to data loss prevention, database activity monitoring, everything around securing data,
whether it's what's known as data at rest that is sitting or data that is in transit
or data that is in use.
One of the things I try to explain to people, there's this document that was
down by the National Institutes of Standards. It's called the NICE Framework. It speaks to all the
various different types of roles as it relates to cybersecurity, whether you want to be a SOC
analyst, whether you want to do a project manager, whether you want to do threat and vulnerability
management. I tell people to look at that NICE framework and identify what are the roles attracted to you.
And in that document, it speaks to the competencies, the training, any applicable certifications that would be great to earn as you look to specialize in that area.
One of the biggest opportunities that was made available to me was really out of accident. About 10 or 11 years ago, I was having one of these 360 assessments done by a third party where you go to executive education. I can tell you're very good at talking very technical subject topics with technical people. Have you ever thought about being an adjunct professor part time?
And I was like, no, I have not.
But see, you know, that would be very good practice for you to explain technical concepts to people that don't necessarily know what you're talking about.
So move ahead 10 or 15 years.
I've been an adjunct professor part time.
I can turn it on, turn it off.
I think that's really strengthened my communication skills, particularly explaining technical subjects to very non-technical people.
I do have those mentors now, but I think having them sooner, earlier would have propelled me much
faster. So that's definitely something I would tell the younger version of myself,
seek mentors in the industry sooner rather than later.
One example that comes to mind is I was working at this Fortune 500 company and there was this one woman that she taught me the value of understanding your gut.
So I had a feeling about her that she was very approachable.
She was very happy in organization, but I ignored my gut.
And I spoke to her after I left the organization and she actually became a great mentor to me after.
And one of the things great mentor to me after.
And one of the things she explained to me is, Dwayne, you have to understand what your gut is telling you and always go with your gut.
So that's probably one of the great pieces of life is understanding your gut.
One of the things I want to be able to leave, and it's really based on the experience that I had earlier in my career.
When you learn something new about a technology or a capability, no one like to share that information.
I said, you know, if I ever get in a position of being a supervisor or a senior technical person in a field,
I'm going to make it my purpose to share information with people.
Don't keep it to myself. So one of the things I pride myself with is sharing information with people.
And I think it's much appreciated because me sharing it doesn't devalue what I know.
If I can share it with you, it can help the team. It can help the organization. So
just being someone that shares information, whether I go to a conference or I've read a
great book or any, I've read a great article, it's just sharing that with people.
Cyber threats are evolving every second and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach
can keep your company safe and compliant.