CyberWire Daily - The mark of making a difference. [Career Notes]
Episode Date: June 14, 2020Financial firm CISO, Tom Quinn, takes us from his first experience with modern computers in the military to his current role as a Chief Information Security Officer. It's important to understand how ...the technology works, but it's also important to understand how people work. And, to make a difference. Our thanks to Tom for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks
and a $75 million record payout in 2024. These traditional security tools expand your attack
surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security. Thank you. Learn more at zscaler.com slash security.
My name is Tom Quinn, and I'm the Chief Information Security Officer at T. Rowe Price. It wasn't until I joined the Navy that I started getting exposed to
what we would consider modern computers. I think, thank goodness, I had an opportunity to go to grad
school when I was in the Navy and they taught computers
like they do any other operational specialty
in the service, assuming you know nothing,
which was helpful because I didn't.
It was fascinating.
And for me, I needed that kind of depth
and that kind of understanding and patience for me to overcome some of my lack of significant experience in that space.
The first person who really encouraged cybersecurity professionalism was, you know, the first CISO I worked for.
And he really was innovative. He really loved this stuff. And he really showed me how technology is a double-edged
sword. It could be used for good and it could be used for mischief or evil. And having that
unveiled or that veil lifted was really an eye-opener, and that's what hooked me.
I would encourage people to have practical experience with computer systems.
Testing and classes and certifications are good ways to understand a body of work.
But a lot of what goes on in cybersecurity is pretty blue-collar work.
And it's important to make sure that you really understand at a deep level how these systems connect and what they do.
Be curious about it.
Really know at a level of detail what's going on.
And I often say to my team, I often say to our interns, you should be able to ask why five times.
Because invariably, it really is those details that are going to be the difference between safety and soundness in your environment and not.
safety and soundness in your environment and not.
I often just say that our job is to keep the hackers at bay.
It is an oversimplification, but there's some truth to that.
And I think for most people, either not in the technology or cyber profession,
it resonates with them.
Very infrequently, is there a technology problem?
Technology works.
What I find interesting is often it really is trying to understand how people work.
Somebody's expectations that they're bringing to the table of how they think somebody should operate and act
and what they should do
isn't the same thing as they think.
And I really do find that a lot of time is spent
to build a relationship with somebody
so that you really do understand
what problems they're trying to deal with
on a regular basis
so that you can
come to the cybersecurity profession
the fact that you really can make a difference,
that there are practical things that you can do
to solve some of the problems that we have. And I think the other side of my legacy is the people that I've had an opportunity to provide
leadership guidance, advice, and opportunities for, and seeing how they blossom over time.
And I think for any leader, that really is the mark of making a difference.
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected. Thank you. Now at a special discount for our listeners. Today, get 20% off your Delete Me plan
when you go to joindeleteme.com slash N2K
and use promo code N2K at checkout.
The only way to get 20% off
is to go to joindeleteme.com slash N2K
and enter code N2K at checkout.
That's joindeleteme.com slash N2K code N2K.