CyberWire Daily - Hannah Kenney: Focused on people. [Risk] [Career Notes]
Episode Date: December 12, 2021Manager in BARR Advisory's Cyber Risk Advisory Practice, Hannah Kenney, shares her journey from never considering technology as a career to having it click in an informations systems class in college.... After noticing she was the only one in the room who enjoyed the lecture, Hannah knew she wanted to go down the technology route. In talking about her work, Hannah describes it as creative problem solving. She hopes "people see me as someone who viewed cybersecurity and risk as something that is focused on people first and foremost." We thank Hannah for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
My name is Hannah Kenney.
I am a manager in Bar Advisory's Cyber Risk Advisory Practice.
I always have been extremely curious.
I'm always someone who has wanted to know how things work. I'm the kind of person who will spend a few hours researching something that I just learned about for the first time.
But when I was a kid, I was very interested in other people and really just interacting with others. I thought maybe I
wanted to be a doctor or a nurse at one point. I thought maybe I wanted to be an actress so I
could speak to lots of people at the same time and thought I might want to be an artist.
I had a lot of ideas about what it was I wanted to do. None of them involved technology or cybersecurity in the slightest.
I think it's really unfortunate, actually,
that no one ever brought it up,
that that was something that I could even do.
And it wasn't until I was in college
where I was in an information systems entry-level course
and I was really into the lecture that was happening.
And at the end of the lecture, I remember everyone getting up and saying, man, that was so boring.
That went on forever. I thought, huh, I actually really, I really enjoyed that. I liked that a lot.
And so I think that was when I knew that that was a route that I wanted to go down.
a route that I wanted to go down.
So I started off by trying to be really open to any possibilities. I applied to a variety of positions and it wasn't until I applied for a job that I'm now working at that I felt a sense of
this is something I really want to do, which is work in cybersecurity and risk advisory.
I was offered the job and took it and haven't looked back since.
It's not super clear what cyber risk advisory is, so it very much depends on the person who I'm talking to. But I typically like to tell
people that we look at people's technology or information systems that they have as a whole,
and we say, what are the real risks here? We look at all of the different ways that there could be
possibilities for risk or that things might go wrong.
And we essentially tell them, here's how to avoid that.
A lot of my days are actually creative problem solving.
A lot of the time I'm talking to other people on my team who have a weird situation that they haven't ride across and who need some perspective on what are the potential risks and what things
can you do to meet that risk.
So I think I'm kind of pulled in a lot of different directions.
But the most exciting thing and the reason why I love this job so much is it is so much
creative problem solving and trying to think about things from many different angles when it comes to risk. It is such a great place for
curious people and for people who are always wanting to learn and who are open to kind of
thinking about things in a new light. So that's one of the reasons why I love doing this so much.
I come from a long line of teachers.
Almost everyone in my family is a teacher.
And I think that that sense of wanting to help people
is really strong in me.
And that's what makes me feel satisfied at the end of the day.
So whether I'm talking to a coworker and I'm helping to give them perspective or advice on
how to solve an issue, or I'm talking to clients directly and we've come up with a solution that
would be potentially helpful for them. It's that feeling of helping people in some way,
even if it's small on a given day, that really brings me satisfaction.
I would say, especially to young women, you truly are capable of more than you believe.
You don't need to have confidence in yourself in a given moment. You don't need to immediately feel like,
I've got this, I understand this, I'm going to excel at this.
All you have to do is know that you will work hard and you are curious
and that eventually you will be where you want to be.
So I would just highly suggest that people have faith in your ability to learn and grow,
which will eventually get you where you
want to go. I am truly a product of all of the people who have helped me along the way. I have
one mentor who really means a lot to me, who has been able to support my confidence when I felt
like I wasn't able to do that for myself, which is why I feel so passionately now about trying to foster that sense of confidence in other people.
If I hadn't been in that lecture, I don't think I ever would have considered doing this.
And I still remember that feeling of ending the lecture and being the only person in the room who
seemed to be interested.
And that was when I thought, maybe there's something here.
I hope that people think that I was focused on the people first and foremost.
Cyber security is thought of as being a technical profession, and it obviously is.
But at the end of the day, it really is about the people. There's no point in doing what we do if it isn't in support of others. So I hope
at the end of my career, people see me as someone who viewed cybersecurity and risk
as something that is focused on people first and foremost.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default
deny approach can keep your company safe and compliant.