CyberWire Daily - Jennifer Reed: Balance the gender scales. [Principal] [Career Notes]
Episode Date: October 22, 2023This week, we welcome Jennifer Reed, a Principal Solutions Architect at Amazon Web Services (AWS) to sit down and share her amazing story. After Jennifer graduated high school, she immediately went in...to Marine Corps training, which she shared was a shock to her because she was the only woman when she got out into the fleet and every single place that she went. She eventually moved on from the military after learning some programming tools, and went into the financial services industry doing systems engineering. She got called back to active duty, and then afterwards landed at AWS. She shares that being a woman in this industry can be challenging at time, but she says "I do feel, um, good about the things I've overcome, but I also don't want it to be so hard for the next person, if that makes sense. I don't want them to have to have those same struggles to kind of overcome any perceptions that someone might have due to their their gender or their background." We thank Jennifer for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
Hi, I am Jennifer Reed, and I wanted to be president of the United States.
I remember getting my dad's briefcase and trying to dress up fancy.
The reason was, was that I really wanted to help people and make things better.
So later I found out that isn't always what the president gets to do. It's much more complicated than that. And then from that,
you know, when I went out of high school, I actually joined the Marine Corps,
you know, which kind of helps people to protect the country. And with that, I learned how to program and got my first exposure to
security. A couple weeks after I graduated high school, went right into Marine Corps
training at Parris Island.
I think the shocking part is, it was when I got out into the fleet and every single place that I went, I was the only woman, became very, very challenging.
someone before you who had gotten away with something,
that they wanted to make sure that you wouldn't.
So you're often punished because of the actions of someone else other than you,
because you're just kind of categorized as,
well, you're a woman, so I'm going to punish you because I couldn't punish that other person who got away with something.
So that was a little challenging.
At the same time, I'm a person that really loves the technology so i really you know loved learning
how to troubleshoot things and figuring out how software worked regardless of if it was something
i was formerly trained to do and that's where i spent a lot of my time because there was a lot of evolution from the
late 90s moving forward into, you know, the 2000s. When I was in the Marine Corps, when I went to
the Marine Corps Imagery Support Unit, I had a great CO, and he gave me unreasonable tasks,
according to my gunnery sergeant, to actually learn how to fix something that I had no training
to do. Then if I figured it out, then he would send me to training. And so he sent me to do
network security training, Cisco training, at that time, Sun Microsystems training,
Java training, SQL training, all of it. And so when I was getting out in 2000,
that was a perfect time to actually leverage those skills outside of the Marine Corps.
outside of the Marine Corps.
And so because I'd had such a hard time dealing with my first duty station in Okinawa,
where it really didn't matter about how well I did.
I had a non-commissioned officer
that believed that women didn't belong in the military.
And so I'd always get the lowest proficiency
in conduct marks.
When I went to my next duty station, it was like night and day better.
But you can never be sure that the next one wouldn't be like that first one.
And so if you sign up for a contract, it would be another three or four years.
And I just didn't want to take on that risk.
So I decided to take my chances in the commercial space.
And so I got out and did programming.
I did some COBOL conversion to Java as a consultant, which I had to teach myself.
I didn't know COBOL.
And then around the time the dot-com bubble burst right before, I actually started working in the financial services
industry doing systems engineering, which was great fun. So we got to play around with technology
that a lot of ISVs and startups were pitching to a lot of the brokers and we get to see how it broke
as well as if it's something we wanted to
use so that was very interesting and learning how to secure those environments but also learning how
to performance test and seeing how we could make something fail later that just kind of evolved uh you know into going back i got called up in uh 2003 for the
lead up to the war in iraq and so i got called back up a little interruption in the career path
to report to active beauty again for the liberation and enduring freedom. And then when I got out again, I went to
be a consultant to help lead a Fortune 500 company with their governed migration into AWS,
of all places. And because at that point, you know, from my application development background,
that point, you know, from my application development background, I knew you could deploy everything into AWS without having to use the console, everything scripted. And from that,
then I was recruited to be a CISO of an ISV. And so because I had that experience, both on
system engineering, but also software development and understanding data analysis and data privacy
really helped when I stepped into that role as a CISO to really understand how all of those
different things come together, to really understand the risk, to help our software
that we were deploying meet our requirements of our customers, but improve that security posture.
When I was a CISO, I was speaking with a group and they, you you know what i tried to get across to them was don't do it because it's your job to protect this the company's ip or to reduce the number
of vulnerabilities do it because the fact that your software that you're deploying
is a line of defense to protect your grandparents' data, your aunt's data, your mother's data.
People that won't be able to get their identities back because they don't understand what happened.
So whether you're developing networks software, whether you're developing application software,
whether you're developing something that might be a video telco type of software, whether you're developing something that might be a video telco type of software,
each of those could be a part of a supply chain. You could actually protect people better as just
an AppSec team member, helping protecting people's data than sometimes a policymaker
might be able to do in a government role.
I do feel good about the things I've overcome,
but I also don't want it to be so hard for the next person, if that makes sense.
I don't want them to have to have those same struggles
to kind of overcome any perceptions
that someone might have due to their gender
or their background.
What we can do to really help people
not face those kind of barriers,
I think, is incumbent upon us all. And now a message from Black Cloak. Did you know the easiest way
for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365 with Black Cloak. Learn more at blackcloak.io.