CyberWire Daily - In the clear: what it's like working as a woman in the cleared community. [Special Edition]
Episode Date: February 7, 2021This special edition podcast highlights three women, Priyanka, Ashley and Lauren, who chose to focus their careers in cybersecurity for the mission-based organization Northrop Grumman. Kathleen Smith ...from ClearedJobs.Net joins us as our panel moderator. The CyberWire's Jennifer Eiben hosts the event. We are excited to share this look into the world of women in cybersecurity. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
Calling all sellers.
Salesforce is hiring account executives to join us on the cutting edge of technology.
Here, innovation isn't a buzzword.
It's a way of life.
You'll be solving customer challenges faster with agents, winning with purpose,
and showing the world what AI was meant to be. Let's create the agent-first future together.
Head to salesforce.com slash careers to learn more.
Thank you for joining us.
I'm Jennifer Ivan, senior producer of the CyberWire's podcast network and director of our Women in Cybersecurity initiative.
We're excited to bring you a new special edition podcast today.
Due to the pandemic, we were unable to hold our annual networking event,
but we still wanted a way to elevate the voices of women in the industry.
In addition, making a podcast that's focused on women in cybersecurity is something I always
really wanted to do. We are joined today by our partner, Northrop Grumman, who's been a longtime
supporter of the CyberWire's Women in Cyber events. Their talented and diverse workforce
shows that their commitment to diversity extends well beyond the support of events. It is evident in how they conduct their business. Northrop Grumman has many examples of
women who excel and lead innovation in the cyber and technology arena, and we're excited to share
the stories of three of those women today who are thriving. On that note, I would like to introduce
you to those who are joining me today.
Kathleen Smith is a longtime friend of the Cyber Wire and especially our Women in Cybersecurity reception.
She was there at the very beginning with me in 2014 when we held our very first event. a veteran-owned career site and job fair company for professionals seeking careers in the defense,
intelligence, and cybersecurity communities. Kathleen is serving as our moderator today.
We are also joined by three women from the front lines of cyber at Northrop Grumman,
who will make up our panel. Ashley, an AI engineer, Lauren, a software engineer manager, and Priyanka, a cyber software engineer. They will all share their experiences as women working in the cleared space at a global
aerospace and technology company. And with that, I'll turn things over to Kathleen.
Jennifer, it's always great to be on a Cyber Wire podcast. And I join you in being very excited about having another opportunity to elevate the voices of women who are in cybersecurity and women who are being innovative and taking on the leadership role to let people know that women can do anything in this world.
I'm really excited about the fact that we are actually talking about women who are
in cybersecurity careers that are also mission-oriented, those careers that require
security clearance. So we're going to kick it off with our first question, which is,
I would like each one of our panelists to share a bit about their career and what inspired them
to take the path that they did. So first, I'd really like to kick it off with Priyanka.
Priyanka, thank you for joining us this afternoon.
Tell us a little bit about your career and what inspired you to take the path you did.
Yeah, yeah.
Thank you so much, Kathleen.
So hi, everyone.
My name is Priyanka.
And I just wanted to start off by saying that I am very, very excited to be here today because
I am a complete
CyberWire fangirl. I have been following you guys for years, listening to your podcast,
reading your blogs. So it's actually very, very cool to be on the other side today.
But as far as my background goes, I wasn't always this enthusiast who reads Cyber Wire daily briefings
every morning as I sip my coffee.
It was actually quite honestly the opposite for the majority of my life.
So throughout my childhood, as well as partially through high school, I was always geared towards
subjects such as English literature, criminal justice, philosophy.
So, you know, that kind of combination of subjects actually led me to want to pursue law for the majority of my life.
And really, my first real introduction to cybersecurity was actually through a small debate competition at my high school.
So they actually gave us a topic surrounding cyber espionage.
And I just remember being so fascinated by the topic, completely intrigued.
And I would genuinely get excited to research the topic even months after that event had occurred.
And I think that genuine newfound interest really led me to
pursue cybersecurity in college as well. You know, so when I had gone to college,
I went to the University of Maryland, Baltimore County, and I ended up actually joining the Cyber
Scholars Program at UMBC, which is a merit-based scholarship actually funded by Northrop Grumman.
And its goal is to actually encourage students from all different kinds of backgrounds to join the field of cybersecurity.
So that program, of course, gave me so many opportunities in cyber.
I got to explore very many different areas of cyber.
I got to meet so many professionals working at
different kinds of corporations still in the cybersecurity field. And one profound opportunity
that the scholarship gave me was actually a foot in the door at Northrop Grumman. So my first
ever cybersecurity role was a cyber strategy intern at Northrop Grumman. I spent the summer looking at a lot of policy
issues surrounding cybersecurity. And simultaneously, I was actually working as a researcher in
an AI and cybersecurity lab at school. So simultaneously, you know, both of those experiences
kind of made me understand that I was really interested and felt the most comfortable
on the engineering and science side of cybersecurity. So from there, that's kind of
where I am today. I really wear three hats in the cybersecurity field today. The first,
I'm a cyber software engineer. I'm Arthur Grumman. Second, I am also a PhD student in computer science at UMBC.
And the third, I am very, very passionate about cyber education. And because of that, I am really
lucky to have the opportunity to be a visiting lecturer at the University of Maryland College
Park, teaching Internet of Things security. So thank you. You're wonderful. Thank you so much, Priyanka.
I always love hearing that people who get involved in cybersecurity come from a very
different background. So I'm really glad that we kicked off with you first because
a lot of people think that they have to have a very technical background before they get into
cybersecurity when in actuality,
having diverse thought, having diverse experience really adds a lot of value to our overall thinking process with cybersecurity since it's actually changing on a daily, hourly basis.
So Lauren, thank you for joining us. I'm so sorry that your camera is not working,
but I know we're going to hear some wonderful things from you.
So, Lauren, tell us a little bit about you and please share with us your career path and what inspired you to take the path that you did.
Yes, thank you so much for having me. I'm Lauren. I'm a cyber or software engineering manager at Northrop Grumman.
or software engineering manager at Northrop Grumman. And I'm honored to be here talking with everyone today to share my journey as a cyber professional, what got me started and how that's
launched into my own personal passion of helping inspire and encourage other women
to pursue this path as well. Our nation is in dire need of cyber professionals. There's simply
not enough qualified cyber professionals to fill the pipeline.
So I'm hoping I can shed some light on the fairly new career path and the importance of diversity to our overall success in the cyber domain. So for me growing up, I always had a passion for math
and I wasn't necessarily the student that got top marks in math every time, but I was a student that
tried to solve every problem that I could in the textbook.
I enjoyed the challenge of using what I was taught in class and applying that to solve more complex problems. So when I first got to college, I thought I was going to become a math professor
or a math teacher. And when one of the requirements as a math major is to take computer science,
I had no experience and wasn't sure what to expect.
But I was very fortunate and I had a very passionate female professor who was engaging,
motivating, and ultimately inspired me to pursue computer science in addition to math
as a full-time major. And from then on, I was hooked. Later on, I took a computer ethics course
where I first learned about cybersecurity.
And I was later accepted into the Cyber Scholars Program at UMBC that Priyanka also mentioned.
The Scholars Program is primarily funded by Northrop Grumman Foundation, which enables success and promotes success for women in cybersecurity.
And from there, I was able to put my new found skills and interest to work as a forensic analyst in UMBC's Department of IT.
And that was my first time getting hands-on experience with cybersecurity, where I was able to parse through logs, detect different illegally downloaded softwares on campus. And I was able to trace through and really get that cyber experience.
Transat presents a couple trying to beat the winter blues.
We could try hot yoga.
Too sweaty.
We could go skating.
Too icy.
We could book a vacation.
Like somewhere hot.
Yeah, with pools.
And a spa.
And endless snacks.
Yes, yes, yes.
With savings of up to 40% on Transat South packages,
it's easy to say, so long to winter.
Visit Transat.com or contact your Marlin travel professional for details.
Conditions apply.
Air Transat. Travel moves us.
Cyber threats are evolving every second,
and staying ahead is more than just a challenge.
It's a necessity. That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted
by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total
control, stopping unauthorized applications, securing sensitive data, and ensuring your
organization runs smoothly and securely. Visit ThreatLocker.com
today to see how a default deny approach can keep your company safe and compliant.
From then, I pursued different internships that would continue to give me experience and skill sets within the cyber workforce.
I graduated and accepted a full-time job as a cyber software engineer at Northrop.
And while at Northrop, I had opportunities to rotate to various programs so I could see how cyber applied to different missions and different domains.
domains. And as I worked as a cyber software engineer, I also had the opportunity to lead and demonstrate a cyber offensive and defensive capability demonstration. And I recently transitioned
to a software engineering manager for a space program. So that's a little bit about me,
but I'm looking forward to the conversation and the different questions and topics that
we'll be talking about. Wonderful. Thank you so much, Lauren. It was
really great to hear your perspective on how you got into the career. Now, Ashley,
tell us a little bit about you. And I am very in awe that you did physics in college because
that is the one class that I failed at miserably and had to take it a second
time. So please tell us a little bit more about your career path and what inspired you to take
the path that you did. Sure. Yeah, honestly, whenever I tell people or at school, I would
tell people that I was a physics major. The reaction was generally something along the lines of, oh, I'm sorry that that's happening to you, basically. So, but I loved it and people
didn't get me down. So if anyone's listening out there who is a physics major, keep at it.
Super important. Yeah. So anyways, my name is Ashley. My current title is AI Systems Engineer here at Northrop
Grumman. As Kathleen already alluded to, I was a physics major in college. All throughout high
school, I always loved physics. I really excelled in my physics classes. And so when I was applying
to colleges, it really wasn't a question of what major I was going to have. I always put physics, but I actually went to a liberal arts
college. And so we didn't have a lot of the same engineering CS kinds of opportunities that I know
UMBC does, but I still stuck with physics. There was about six people in my class that graduated
physics majors with me. Because we're a liberal arts school, we have the
option of actually doing a transfer and pursuing an engineering degree after three years at our
school at a different school. And I actually adamantly did not want to do engineering. I
specifically wanted to stay physics. I had some friends who, you know, transferred and transferred
to engineering. But yeah, I just adamantly stayed with physics. So I had never even considered being an engineer, um, through
any of my life, but then, uh, I didn't really have something else in mind. Um, and I happened
to know someone, uh, who works at Northrop Grumman on the business side, and she just
encouraged me to apply to Northrop Grumman. She didn't, uh, have too much experience with the
technical at all, but she thought it was a really great company just from the person, encouraged me to apply to Northrop Grumman. She didn't have too much experience with the technical
at all, but she thought it was a really great company just from the personality perspective
and the company culture. And so she encouraged me to apply. So my junior summer, I did have an
internship as a systems engineering intern with Northrop Grumman, and they offered me a full-time
position after that. And I had really loved my experience with the company, especially that company culture aspect, um, and kind of getting, getting my toes, uh,
wet in that, uh, mission oriented kind of job, job culture. And so I really liked it and I
accepted the full-time offer. Um, I did, um, start off at Northrop in a new higher rotational program that we have, which is called Pathways.
And so my internship had been in systems engineering. My first rotation for the
Pathways program was actually in hardware engineering in our sensors and payloads
group. And it was kind of a more physics-based group that designed some atomic based navigation sensors. And I really had a fun time
learning about that. But kind of the hardware in the lab was not necessarily the most comfortable
thing for me. So I ended up rotating into a group that is more on the data analytics side. So we
actually also had a lot of physics. A lot of people in my group are physics PhDs. And so kind of they, you know,
accepted me in as a young physics bachelor student or a graduate, I guess. But yeah,
I really got into the data science aspect and really found that that was where I fit a lot
better. And Northrop Grumman actually has really started to push into the artificial intelligence
realm. And one of the things they have available to started to push into the artificial intelligence realm. And one
of the things they have available to us now is called the AI Academy. And so I was one of the
really early students as part of the Northrop Grumman AI Academy. And we got to take some
classes online and apply some of those techniques to things in our job. So I did go through that
program and also had the opportunity to work with
some machine learning concepts on my programs. And so after a while of kind of going through
all of that, I did have the job switch from systems engineer to artificial intelligence
engineer. So that's where I am now. And I'm excited to see what else we talk about on the podcast today.
Sounds great. So audience, you can see I've had a lot of fun talking to these three amazing women and their career paths. I mean, yes, I took physics, I did biochemistry, but my career has
been very different. And it's always great to see what people are doing nowadays to inspire their career. So this is one of our first podcasts
that really goes into careers that are cybersecurity, but also require security
clearance. When we talk about cybersecurity frequently, we're only talking about the
commercial component and not really about the mission-oriented component. So I really want
our panelists to share with us why they considered
having a career that required a security clearance. So Lauren, can you kick that off for us?
Sure. So as I started to take more and more classes and learn more and more about cybersecurity,
at the same time, I was also meeting with cyber professionals, I realized that cybersecurity was for me. That's what I wanted to do. And with that, I understood that a majority of those
positions would require a security clearance. But because the cyber threat is a new type of
adversary that's extremely complex and ever evolving, it was something exciting to me that
I knew even if I had to get a security clearance for, it's something that I
wanted my career to be in. So going back to my roots and the girl that wanted to solve every
math problem in the book, I knew I wanted to find a career that was just as challenging and engaging
and would help me solve even more complex problems. In fact, the nation's most complex
cyber problems. And that was the dream for me. That's great. Thank you, Lauren. Yes, a lot of people don't understand that. They think that
jobs that require security clearance are actually really boring or they're very rudimentary. But
actually, some of the more difficult challenges that are out there that don't have necessarily
an economic ROI, those are the challenges that are out there that don't have necessarily an economic ROI. Those are the
challenges that are out there that so many people go through having a security clearance to make
sure that they can protect our country. So Ashley, do you want to share with us a little bit about
why you wanted to have a career that required a security clearance? Sure. Yeah. I would say that
I wasn't originally looking for security clearance specifically. But when I started at Northrop as an intern, I was working on an unclassified program, so I did not need the clearance at that time.
and um you know when whenever we're talking about the products that we produce or the programs that we work on you know we have a lot of interaction with the actual war fighters um who use our
products and they really tell us about how how much of a difference it makes for them and how
much that they really couldn't do what they do without uh what we do um we've actually had a
couple of times on our campus where we've had some Blackhawk
helicopters fly to our campus and like land in our grassy area at our campus. And that's been like so
cool to, to have that interaction. And yeah, so that was just one of my big takeaways from being
an intern. And I've actually had some family members who have served in the military. And so
I felt like it was a really cool way for me, even though I
wasn't serving physically, I was serving in another way that's totally essential to the work that the
warfighters are doing. So the mission oriented aspect of all of this was really important to me.
And then, you know, with that does come the security clearance. A lot of times some people,
you know, can work at Northrop Grumman without ever getting one, but for the most part,
A lot of times some people, you know, can work at Northrop Grumman without ever getting one.
But for the most part, it is part of the job.
So I was willing to get one.
And we really appreciate your commitment to supporting the mission.
So Priyanka, you were a little bit more familiar with a career with the security clearance than other people. You want to share with us why you chose a career that required a security clearance?
I have, yeah.
So, you know, just as Kathleen was saying, you know, throughout my childhood, I kind of had just a very limited exposure to what a clearance job could possibly entail.
father has actually been in the defense industry for over 30 years and has had more clearances than I can even count. But, you know, however, I remember growing up and, you know, he couldn't
ever really tell us what he did at work, you know, just apart from what his title was and,
you know, that people's lives actually depended on the technology that he
was building.
And that personally always inspired me.
And that notion of doing really incredible and impactful work, but not even being really
able to talk about it, definitely intrigued me.
And it followed me as I actually went into the industry as well.
And I think it's something that a lot of people can actually relate to if you have a clearance.
Right.
So I think it was when I could actually tangibly, you know, experience what that culture felt
like firsthand during my first role that I knew that I wanted to, you know, stick with
a clearance job. And, you know, although you have certain restrictions, like, of course, not being
able to talk about the work that you love and are super passionate about doing every day, you
actually realize that it is quite an honor to be able to be put in that situation. I really do think people with clearances are part
of the few people who actually define the saying, not all heroes wear capes, because it really is
a special feeling, you know, to know that the technology that you develop in some remote dark
skiff actually has the potential to impact millions of people, all kinds of people in this country
and even globally as well.
So definitely, you're impacting people
from the warfighter to the special agent,
to even potentially your small community at home.
So you really, when you're in cybersecurity,
particularly a clearance career,
you really are protecting millions of people just behind a computer screen, which is just super fascinating for me.
Well, thank you.
And thank you to all three of you for going through what you had to to get your security clearance and for taking on the mantle of mission-oriented work.
Not many young people are considering it.
I can say young since I'm a little
older than you all. It really is. It's a different culture. It is a different way of living your life
and it is a different way of working your career. But as you all three have said, it's a high honor
and it's definitely something that you feel like you're committing to doing something to
protect our nation's security. So thank you. So obviously all three of you have some fantastic
skills and education and experience and you could have gone into the commercial world and you know
we've touched on this a little bit with our previous questions, but let's delve a little bit deeper into it. What was it about the mission-oriented work that excited you
about selecting this career path? So Ashley, when you and I were talking, you were talking about how
intrigued you were with some of the systems that you were working with. So you want to tell us a
little bit more about why you selected mission-oriented work?
Sure. Yeah. Something that's just really different about these kinds of mission-oriented
systems versus the commercial systems is that they really do have to last for a long time.
In a lot of the commercial world, they're replacing products every year. And if you
have to totally redo something to make something that much better, it's kind of no big
deal. And everyone buys a new phone every year, you know, and it's not, not that big of a deal.
And there's some really great innovation that can go on in that kind of realm,
but there's also a different kind of innovation that has to go on in the realm where, you know,
that has to go on in the realm where, you know, we have these systems have to last for years.
And they're in really, you know, dire circumstances sometimes and they have to last.
And you can't just replace an entire airplane every year. And so you really have some constraints with that. But I think that it does lead to a lot of innovation that you just don't have to
think about in the commercial world. So even though there are perhaps more restrictions in
that way, I still, I think that it leads to a lot of really cool innovation and kind of seeing how
to combine new techniques with those old, older techniques. And I actually truly believe that you can get the
best possible system when you are willing to kind of use the best of traditional methods and the
best of new methods. So I find that concept to be really exciting. And I like working on these
systems that I know are going to have a lasting impact for years to come. So yes, you and I were talking about,
you're a little bit more of a scientist MacGyver kind of thing, trying to figure out how to figure
out these systems. I was also thinking about the movie Apollo 13, where they had to sort of figure
out how to save everybody with just certain amount of duct work and wires and things like that.
So, you know, as you said, we have systems that have been put in place for years, for 20, 30, 40 years.
And, you know, the taxpayers don't want us to just sort of wipe it clean and start new.
We have to take what systems we have and be, you know, super creative and innovative.
And I really, you know really commend you for doing that. Priyanka, you actually
had the opportunity to interview with some of the big names in the commercial world.
What was the difference between interviewing with a commercial company versus a government
contractor? And why did you, after all of those interviews, really decide to move on into mission-oriented work?
Yeah, yeah.
So, I mean, I really do love this question because I do think that it communicates a very big and common misconception that a lot of people have about cybersecurity.
And that is that a lot of people think that cyber, the cyber field is the same as the defense field.
But, you know, that's definitely not the case.
You know, people who have been in the industry
are very familiar with cybersecurity,
understand that every single industry
that you can think of today
is impacted in some way or another by cybersecurity, right?
So you can literally have a cybersecurity job
in any kind of industry.
Um, you know, so going out of college, I knew that I wanted to work on mission oriented work,
but I still took the chance and I interviewed at different companies, you know, just to see
what it was like, you know, I actually had, um, you know, I had another small misconception too,
in that I thought that defense jobs, you were really working with
super old technology, you know, you weren't working on cutting edge, but that is actually
not the case. You know, there's different sides of it. You know, even if you're working on a legacy
system like Ashley is, you could still work on very cutting edge problems. You can still introduce
new technologies. But if not, you know, that's a very different skill set. And, you know, it's
still very interesting. It's still a very cutting edge problem, right? But, you know, when I
interviewed at different places, like some banks and, you know, other technology companies,
I actually realized that a lot of the skill sets that you learn about and use as a cybersecurity
professional are actually the same across
the board. So my interviews with a bank, for example, were very, very similar to the cybersecurity
interviews that I had at Northrop Grumman. And at that point, I really realized that it came down
to just the end product, the end customer, and also the mission that you want to serve, right? I don't
think it's enough to say that you want to go into defense specifically because of the quote-unquote
mission, right? Because when you're dealing with cybersecurity, you're dealing with some kind of
mission at the end of the day. You know, whether you're a cybersecurity professional at a bank
or whether you're a cybersecurity professional in the defense industry. You know, the missions differ, right? And I really do think it's what you're passionate
about at the end of the day. You know, for me personally, I really liked the end customer
of the government as a whole, producing products for government contracts. And I also enjoyed and
was thoroughly more passionate about the mission in defense rather than the mission of the commercial cyber world. You know, like I think the main difference is the mission in
defense. You're really focusing on the lives of others, you know, and on a lot of these programs.
Whereas if you're looking at the commercial side, you're protecting like people's personal data
and you're preventing fraud. And some people are very passionate about that. And that's what I
think is great about the industry, but it really does come down to the preference of the mission
and the customer at the end of it. Wonderful. Thanks, Priyanka. So Lauren,
with your math background, I'm sure there were many people who wanted to talk to you as Priyanka
was saying, the finance industry and various different industries. What was it about the mission
oriented work that really impacted the career you selected going into a career that required
a security clearance? Yeah. So I guess a little history with me is that I've always been one that
loves giving back. So when I was little, I was even then trying to figure out ways that I've always been one that loves giving back. So when I was little, I was even then trying to
figure out ways that I could collect goods to donate to the homeless or other groups and
organizations. I was part of Girl Scouts leading those activities. I was just always looking for
different things, but it was giving back and I found extremely rewarding. So with cybersecurity,
for me, working on things that impact, like Priyanka has mentioned, everyone's lives in different ways from analysts to operators to just common communities of people.
Having that impact in cybersecurity was really what inspired me and made me want to go into that workforce instead of commercial.
inspired me and made me want to go into that workforce instead of commercial.
So for me and my team, I know we come in every single day knowing how important the work that we're doing is and that motivates us. And at the same time, it's just such an awesome, rewarding feeling that you get knowing that you're protecting people from everyday hackers to adversaries that are impacting military operations.
So when I chose to go into the workforce, I chose that mission and that reason for what I wanted to
do and focused on that for my career path. Wonderful. Thank you so much, Lauren. So what
I have found interesting over the last nine years that I have been working specifically in the cybersecurity community,
that we started out with cybersecurity being just one aspect of our community.
And it all of a sudden exploded into a whole different variety of ways that cybersecurity impacted retail, to hotels, to shopping, to defense, to a whole variety of things. So what's interesting
is that when we look at career paths that are cybersecurity, sometimes we're not really quite
sure, is it a cybersecurity job or is it not? So Lauren, can you tell us a little bit more,
do you consider your job to be cybersecurity or is it a different discipline that just gets lumped into
cybersecurity? So this is my favorite question and this is the hot question of the day.
When I first started in my career, I thought you were only doing cybersecurity if you were
actively researching cyber exploits or reverse engineering malware. But I've come to realize that there's so much more to that.
So from creating the infrastructure that cyber analysts are using to develop new softwares, tools and techniques for automated analysis.
On the other side, supporting data management and also information security.
There's just so many different skill sets and job titles that go along with that,
that for me, at first I wouldn't have considered that cybersecurity, but as I'm growing along in
my career path and understanding more and more about cyber, I consider that to be under the
umbrella of cybersecurity. Wonderful. Thank you. Now, Ashley, how about you about you i mean as you and i were chatting earlier you know
are you really doing cyber security or is it just something that's sort of just
brushed in underneath the umbrella of cyber security what's your viewpoint on it
sure yeah so um as i've said already but my my title is ai systems engineer. And I do think that there's a lot of misconceptions about what quote
AI is, you know, and, um, I think it, it, people should widen their view of kind of what,
what that means. Um, I personally, uh, don't consider myself to be in a cybersecurity specific
role, but I use a lot of the skills sets and the types of code and techniques that an AI
engineer might use on a cyber platform or something more specific like that. But I don't personally
consider all of AI to necessarily be related to cyber. The way that I kind of ended up in the AI
track is that I think, you know, that my physics background and trying to just really understand
like the from first principles, what is going on is a really important mindset to have when
thinking about AI and rather than just saying, oh, we trained a network and this is what it said and we're
going to move on now.
We actually want to try to think about what's happening and kind of trying to, yeah, just
figure out why you're seeing what you're seeing.
What did you expect to see?
How do we explain it more?
And so I think that that physics mindset kind of brought me into AI from that angle. And I know different people are coming into AI from
different angles. So anyways, that was maybe a little more confusing than it needs to be. But
yeah, so I think that there is just a wide umbrella of all this stuff that people might think.
Yes, I'm really glad that you're defining exactly how you're integrating cybersecurity into what you're doing and how they're complementary, how it can be integrated, how it can support.
Because I think as we grow in our careers, we're going to find that cybersecurity just is prevalent wherever we are.
prevalent wherever we are. And it's really great that we're bringing in all of these disciplines,
English, literature, and physics, and math into forming how we handle and how we tackle these challenges. So speaking of careers and career challenges, there's a vast array of types
of technical engineering and security types of jobs that didn't even exist five years ago. I mean,
security types of jobs that didn't even exist five years ago. I mean, career paths are changing constantly. How do you keep on top of all the advances to keep current with your job?
Ashley, you want to kick it off for us? Sure. Yeah. So I'm speaking specifically,
I guess, in the area of AI, but we have two things probably at work that have helped me most
to kind of stay as much on top as I can. As you
said, it's really impossible to read every single new study that's out. But for one, our group does
a by every other week machine learning algorithms reading club where someone will suggest a paper
to read and everyone will read it. And then we have a group discussion. And so kind of getting
people from all different kinds of backgrounds at work, whether it's physics, CS, electrical engineering, software, you know, all these different people coming together to suggest different articles to read really helps all of us kind of keep more appraised at what's going on and what is going on in the areas that we might not specifically be involved in ourselves.
not specifically be involved in ourselves. The second thing, so we got a lot of UMBC on the today. I actually have a research collaboration project with some faculty and students at the
University of Maryland, Baltimore County, and they have been really great to work with. I've
really enjoyed talking to them and they have really helped me be aware of a lot of the new technology
coming out and a lot of the papers and methods that are coming. And so then the challenge then
for me is to think, okay, here are all these new things coming out, some really great ideas,
but how do I apply it in a mission-oriented situation where perhaps the restraints aren't the same or the
exact goals aren't the same? How do we take these new ideas and kind of switch them around so that
we can apply them in the work that we do? And that's what I've been working on with them for
the last almost two years now, I guess. So that's been a really awesome opportunity to collaborate
and learn from people in the academic world as well. That's really great.
It's really nice to have those partnerships that are out there.
So Priyanka, I know you shared earlier that you're a fangirl, but what are some of the
other ways, given that there are so many different jobs that are out there, technical,
engineering, security, it's really hard to keep up.
How do you keep up and stay current with your job?
Yeah, so it's definitely something that we all struggle with. I definitely resonate with what
Ashley was just saying right now, and that there's just so much out there. It's literally impossible
to keep up to date with every single new innovation, every single technology, you know,
that's being impacted by the industry. Right. So one thing that I really like to do, as I was saying before, I love CyberWire.
I've been listening to CyberWire for years now.
And I read the daily briefing.
But CyberWire as well, I also look at Krebs on Security,
which is a very popular resource.
If you are interested in security,
learning more about it.
They post nearly daily, right?
You can learn about different exploits.
You can learn about policy issues in the field currently.
And that general knowledge is actually really, really beneficial.
I would even argue that sometimes it's even more beneficial than keeping up with some
of the technical skill sets to a certain extent, right? Because, you know, as a PhD student and a cyber software engineer, I obviously have to make sure that my skill set is continuously sharpened.
really do is I make sure to keep up with the general news. And if there's anything particularly interesting or specifically relates to my job, I'll go and try to see if, you know, that malware
that they were talking about, you know, if that code is available publicly, you know, I'll make
sure to look at it. I'll make sure, you know, to learn about things that I'm actually working on
or that I'm interested in working on in the future, right? But I really do think keeping up
and reading these blog posts every day or listening to podcasts like Cyber Wire, that knowledge,
that education builds over time. You know, you may not feel it the first few days you're reading an
article, but I kid you not, I would be at work sometimes, you know, completely unrelated to some
article I read maybe months ago,
and it'll just come back to me as part of the conversation. And it'll be a key element in
solving the problem. And it's not like I had a technical expertise in that area, but I had read
several articles on it in the past. And by no means do I have an amazing, impeccable memory,
but I think you train your mind over time.
And I think reading is just a really great way.
So that is my number one tip.
So one thing that I've really enjoyed in the security community is the amount of conferences that are out there that are just community-based.
are just community-based. And I mentioned in my conversations with all of you that I also volunteer at several security B-sides conferences where practitioners get together and share their
latest exploits and share how they overcome challenges. And I really think that that's
one thing that I love about the security community is that there is this sharing of information,
security community is that there is this sharing of information. There is this supporting of each other becoming better at our jobs. So I really commend you all for keeping up on that.
So what's interesting is anytime you look at a career study, they will talk about how the
technical skills are really important, but there will also be the complementary how important the soft skills
are. As cybersecurity is becoming more of the boardroom, it is more part of the leadership
discussions. It is more part of how we operate day to day. We all need our technical skills to be
complemented by really good soft skills. So Lauren, what are the soft skills that
you find most important in performing in your position? Sure. So for me and my team, I think
the most important or the two most important soft skills are teamwork and communication.
I'm not sure who said it, but someone once said, if you want to go fast, go alone. If you want to
go far, go together. And I think with all of our missions, we want to said, if you want to go fast, go alone. If you want to go far, go together.
And I think with all of our missions, we want to go far and we want to create the best
lasting solution that we possibly can. And for that, you need a strong team and you need teamwork.
And in addition to that, you need solid communication between those teams. So making
sure that everyone's willing to work with one another
in order to find the best solution and the quickest time that you can and get that out
so that it's making an impact on other people's lives as soon as possible.
And Priyanka, what about you? You've looked at so many different components of cybersecurity.
What are the two soft skills that have really been very important for you? Yeah. So, you know, similar
to Lauren, one is definitely communication. But the other one that I think is also very,
very important is open-mindedness, right? And I think in my experiences, those two go hand in hand.
And I think in my experiences, those two go hand in hand.
So first with open mindedness, I really do think in cybersecurity, you shouldn't limit yourself to one, what you know, and you shouldn't pass judgment onto others.
You should always be unbiased in your research or engineering your skills to really dive
deep and figure out what the root of
the problem is. You know, if you, you know, you should be open-minded, not with your own thought
process, but with others as well, right? Otherwise, you can miss a very important key piece of
information that brings you to the root of the problem, right? So, you know, as Lauren was saying,
you know, teamwork makes the dream work. And I think everyone's unique perspective, everyone's research will come figuring it out. You know, it takes multiple
conversations with your team, even other teams to really figure out what to do next, you know,
what the next steps are. So communication, open-mindedness definitely go hand in hand
together. The other thing I will say too is to communicate when you don't know something,
right? That also goes with the open-mindedness. Don't assume that you
understand the way to solve it because, you know, maybe in the past you solved it a certain way,
but maybe your teammate has a better way of doing it, you know? So be open-minded,
admit if you don't know something because you don't want to ruin a mission because you're
too embarrassed to communicate that you don't know something or you're too scared to communicate it.
You know, I think the great thing, at least in my experiences in the defense industry, people encourage you to
speak up when you don't know something. You know, that reduces a lot of confusion. It reduces a lot
of human error and it ensures that we, you know, put forth the mission that we promised, you know,
to the country. So definitely those two. Wonderful. Well, I really want to thank Ashley,
Priyanka, and Lauren for joining me today for Creating Connections, the Women in Cybersecurity
special edition of the Cyber Wire podcast. It has been my honor to work with each one of you to
learn your stories, to be able to share your stories. And I want to thank Cyber Wire and Northrop Grumman
for bringing these stories to the community.
Jen, back to you.
Thanks, Kathleen.
I just want to echo your thanks.
I want to thank you, Kathleen,
for moderating our panel with your thoughtful questions
and your meticulous preparation.
I want to thank Ashley, Lauren, and Priyanka
for sharing your backgrounds and experiences working in the cybersecurity space at Northrop Grumman with us. I have a note to share from Northrop Grumman. The cyber landscape is constantly evolving, creating new challenges and opportunities to defend against sophisticated attacks.
attacks. At Northrop Grumman, they solve the toughest problems in space, aeronautics,
defense, and cyberspace to meet the ever-evolving needs of their customers worldwide. Everyone is a contributor, and every day is an opportunity to help defend our nation and our allies.
Their 85,000 employees define possible every day using science, technology, and engineering to
create and deliver advanced systems, products, and services. You can visit their careers page at ngc.com to learn more about
joining them and these wonderful women that you've met today. I want to personally thank everyone who
helped us put this together. And I want to thank you for spending your time with us.
As Priyanka said, please check out the Cyber Wire's network of podcasts and newsletters,
including our Women in Cyber newsletter, Creating Connections. It's free to subscribe.
You can find us at thecyberwire.com. Thank you.