CyberWire Daily - Gabriela Smith-Sherman: Thriving in the chaos. [Cyber governance] [Career Notes]
Episode Date: March 5, 2023Gabriela Smith-Sherman, a former Federal agency CISO with over 15 years of experience in leading and implementing comprehensive enterprise cybersecurity programs and initiatives, sits down to share he...r journey. She is a U.S. combat disabled veteran who understands the importance of mission and is dedicated to delivering high-quality results and value to customers through innovative solutions. Gabriela shares about her time in the military and how her being apart of the service was one of the best decisions she made and dedicates all her hard work to her time in the military. She also shares how it was tough getting out of the routine of the military and being a civilian now was a hard transition, but she says that she thrives in the chaos of the IT world and that the military helped her to prepare for the cyber industry. She said "I think my military experience has prepared me, uh, to be in those kind of chaotic positions and be very calm about the approach." We thank Gabriela for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
Hi, my name is Gabriella Smith-Sherman,
and I am the director of the Governance, Risk, and Compliance Department at MindPoint Group. I come from an all-Army family.
My parents met and married in the Army, and it's total family tradition.
So when I was a little girl, all I knew I wanted to do was join the Army,
which I did grow up to do.
I joined right out of high school.
That was, like, my goal and my desire.
I didn't actually pick a specific job with that idea other than I was going to be a soldier.
I joined my senior year, so I was still in high school.
I hung out about a month or so, and then I went straight into basic training.
With going to basic training, they have what they call kind of like the summer surge.
So there's a ton of soldiers all waiting for their basic training to actually start.
And when I got there, maybe a week or two into actual basic training, 9-11 happened.
So I didn't have the opportunity to see anything happen in real time because we're out like on a land nav course.
And it definitely changed what I thought my path for my military experience was going to be like.
So I actually joined the Signal Corps, which is basically communications. For me, I kind of
looked at it as more of an exciting opportunity to go somewhere cool.
And I probably maybe was a little naive, but I think it was a C perspective to kind of go into things not worrying about what happens. Because when you panic, that's when people make mistakes.
And as long as you rely on your training, you have trust in your fellow soldiers,
and you understand your job, you know, you're typically going to be
safe and be able to make the right decisions. And so I think that kind of created the opportunity
for me to be one of those people that thrive in chaos. Believe it or not, I love the crazy.
I think my time in the service was amazing.
My first duty station was in Germany in a small town called Darmstadt.
And I had the opportunity to spend like a lovely year there before actual deployment.
You really kind of develop a different sense of brotherhood, sisterhood,
because you have to have a lot of trust and reliance on the business process, right?
Everything, there is a rhythm and a rhyme and madness.
Everything has a purpose.
And you kind of have to learn to trust the process
and be successful and trust your counterparts.
I think that type of experience creates and cultivates
a lot of opportunities to be successful in non-traditional ways.
It's one of the hardest things ever.
I know so many people that transition out of the military and they struggle in the civilian side
and end up going back because you have kind of grown up in that structure
where you have the rhyme, the reason, and the rules that you follow.
And then when you come into civilian life, it's kind of like the wild, wild west, right? Because you're so used to that frigid structure. For me, I think what made my
transition easy is I got offered a position as a fed civilian working for the Department of the
Army. So I still got to work with soldiers every day. And my first job was an assignment manager.
And essentially what they do is you get
a job specialty and you're responsible for assigning people to go to their next duty station
and keeping them kind of full strength and looking at their human resourcing and staffing and being
able to forecast where people are going from a deployment standpoint, kind of seeing a bigger
picture and understanding a bigger strategy.
I worked on a bunch of federal programs as a government civilian. And now being here on the
contract side, I have so many different customers and different environments that I work with.
While a lot of the challenges that I face are very similar in nature, right?
The requirements are the same.
We're all trying to achieve very similar missions.
The way that people tackle the problems are different. And that gives me the opportunity to see and experience things in a different environment with different people and learn something new every day.
I like the fact that I get to touch so many different programs
and make things a little bit more effective and efficient.
But specifically, my role here at MindPoint,
I oversee both our federal and commercial practices.
And I really enjoy that because I get to kind of straddle both federal and civilian entities
and bringing it all back to cybersecurity policy and being able to be a good advisor.
I think I'm like a little bit of an organized mess.
The thing that I love the most is working with people.
And I think that's also the most difficult aspect of the job, right? The policy, the requirements, they're the same.
But dealing with different people, different personalities who have different interpretations and understanding of technical requirements takes a lot to be able to understand where they're coming from.
What is the vision for the organization that you're trying to support and being able to give good guidance on implementation strategy.
I want to make it a happy experience and I want people to feel comfortable to be able to tell me
anything and everything and know that no matter what, I will be there to be supportive, both
professionally and personally, because being able to kind of take a step back, understand the problem, being able to listen to a person's pain point
under stress and pressure and proposing solutions is like something that I enjoy doing, right? I
like that, that little bit of a challenge. I think my military experience has prepared me
to be in those kind of chaotic positions and be very calm about the approach.
And it's probably the only time I'm super calm about things
is when it is chaotic and overwhelming.
I'm a little bit of a risk taker.
I love to see women in IT, women in cyber, you know,
stepping out and bringing that different type of perspective and different type of experiences.
One of my kind of biggest fears walking into cyber
was that I wasn't technical enough.
I was always nervous about not being technical enough and, you know, being a woman and starting my career in cyber in a non-traditional path.
I didn't necessarily have the formal education.
One thing I would say that a lot of people kind of value is my honesty
and transparency about what I know and what I don't know. But being a hard worker and being
passionate carries you so much further than a lot of people would think.
I hope that people think that I was impactful.
And it doesn't necessarily have to be in the, I left like an amazing cyber legacy,
but I touched people in the work that I do and that I made a mark and made a lasting impression and that people will remember me for my contributions and my dedication to the work that we do. Hey everybody, Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up,
they started removing my personal information
from hundreds of data brokers.
I finally have peace of mind
knowing my data privacy is protected.
Delete.me's team does all the work for you
with detailed reports
so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
Today, get 20% off your Delete.me plan when you go to joindelete.me.com slash N2K and use promo code N2K at checkout. Thank you.