CyberWire Daily - Yasmin Abdi: Find your community. [Security Engineer] [Career Notes]

Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. and VPNs, yet breaches continue to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Thank you. Learn more at zscaler.com slash security. My name is Yasmin Abdi, and I am a security engineering manager something in the criminal justice field. I was super fascinated by crime and law. And so I think for me back then, that was probably one of the things that I saw myself becoming. I was really interested in the intersection and the interlap of cybersecurity and crime and law. As you know, crime is becoming more and more regular to be committed online

Starting point is 00:02:21 rather than in person. So for me, it was really the intersection of cybersecurity and crime and law. During high school and really when I started off in college, figuring out what exactly it was that I wanted to study, all I knew is like, oh, I really like crime. I really like law and I'm really good at technology. So really finding that overlap between those two is what I was thinking about in my early days. I took my first class in high school and then continued at the University of Maryland, where I studied computer science with a focus in cybersecurity.

Starting point is 00:02:59 And I actually minored in technology entrepreneurship and innovation. So during my time at the University of Maryland, I really, really, really got to know the computer science background and the research and really understanding like the binary zero and one of how a computer works. And I just fell in love with it, fell in love with everything computer science had to show and really got my hands dirty then. And at my time in Maryland, I was able to have the opportunity to intern at the biggest tech companies. My first summer, I interned at Snapchat and learned everything from command line terminal, GitHub, like really the basics of software engineering and how all that works. And then I actually was

Starting point is 00:03:45 able to intern at Google. Google was great. And then I interned at Facebook. So I really had a plethora of internship experiences while still in school. All of them were software engineering, but my second internship at Snap really had the security aspect and security composure of what I wanted to do. So I was working on taking down bad content as fast as possible. So at Snap, as you're familiar, people can post any sorts of things that they want. It's a public company and you can post public to your story. So there are bad people in the world that post bad things. And my team was really in charge of platform integrity. And what that means is to really upkeep the integrity of the company and of the users on the platform. So I was tasked to help take down that bad content.

Starting point is 00:04:37 And I really enjoyed that experience as my second internship. So that was my first job out of college. And I was a software engineer for two years, helping take down bad content. And then I actually noticed that, hey, I kind of want to get more of hands-on security and privacy experience. So I took it upon myself to create this new team, the Access Control Access Employee Management Team, and really answer bigger questions within the company in terms of security and privacy. So hence what I do now, I lead our Access Control Management Team and really trying to make sure that employees only have the appropriate data that they need for their workflow and they don't have over provisioning of data and all things related to access and identity management. There will be some hard times and there will be hard days that happen, but just knowing that in the bigger picture, in the grand scheme of things, just taking that one step forward and pushing in the direction and just always understanding that there will be times that will be hard. There will

Starting point is 00:05:56 be days or even sometimes weeks that you might not be sure what's happening next. You might not be sure of the next right thing to do or the next answer to have. So just letting yourself acknowledge that and being kinder to yourself and giving yourself that space and that time to resonate with that, I think for me, it's kind of helped me move forward and still listen to and acknowledge the goals that we have. the goals that we have. One of my biggest passions is actually giving back and helping young minority kids and not even kids, sometimes anyone get their first job in tech or their first job in cybersecurity. So it really resonates with me and what keeps me going and puts a smile on my face actually brings me joy. I laugh sometimes and I say, if there was a lucrative position in mentorship,

Starting point is 00:06:49 I would definitely take that. And hopefully when I retire, I can just spend all of my time doing that stuff. Form a community of like-minded people, people that you can build ideas off of, people that can help support you when times are low, find mentors people, people that you can build ideas off of, people that can help support you when times are low, find mentors, find people that you aspire to be like and really find that community of people. And I would also say

Starting point is 00:07:15 if you are trying to break into tech or break into cybersecurity, get really good at one or two things, become that subject matter expert at one or two things because cybersecurity is such a huge field. Technology is even bigger. good at one or two things, become a subject matter expert at one or two things because cybersecurity is such a huge field. Technology is even bigger. So trying to learn it all in one or two months or one or two years and get overwhelmed. I know that speaking to my younger

Starting point is 00:07:37 self. So my second piece would be get really good at one or two things. I chose cyber and even that is too broad of a thing. So I chose access management, identity management to get really good at one or two things. I chose cyber and even that is too broad of a thing. So I chose access management, identity management to get really good at. So that would be my two pieces of advice. I really want people to remember me by making people feel safe online. So my cybersecurity mention

Starting point is 00:08:03 is to really just help guide people and give them the tools and give them the opportunities to help them have a safer online presence. So really always rotating and changing your passwords, enabling MFA and 2FA on your devices, and just overall having really good personal hygiene online and protecting your data is really important. And now a message from Black Cloak. Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home? Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.

Starting point is 00:09:03 Because when executives are compromised at home, your company is at risk. In fact, over one-third of new members discover they've already been breached. Protect your executives and their families 24-7, 365, with Black Cloak. Learn more at blackcloak.io.

CyberWire Daily - Yasmin Abdi: Find your community. [Security Engineer] [Career Notes]

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.