Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

3/12/2020
10:00 AM
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Back to the Future: A Threat Intelligence Journey

Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce -- whatever their gender.

"If you could go back in time, what advice would you pass on to your younger self?"

When a friend recently asked me this, for a brief moment the question gave me pause. It prompted me to reflect back on my first steps fighting cybercrime and a feeling that followed me at the start of my career and morphed over time. I remember thinking: Will I fit in?  

Straight out of college, I took a job matching "technical wizards" to their dream jobs, a process that jump-started my intrigue with technology and ultimately led me to my own dream: becoming a threat intelligence analyst.

I had no prior background in cybersecurity — or technology, for that matter. My only experience with information technology was losing my college essays to computer or user error. But I was on a mission: I experimented with Web development, tinkered with database administration, and, fast forward a couple of years, I had a master's degree in IT and landed a job with a security company on its vulnerability database team.

As I was about to embark on my first steps in a male-dominated industry, I also realized that in taking this job I would be the only woman on the team.

Would I fit in?

I realize today the palpable impact that lack of female representation in the threat intelligence community had on me 20 years ago — it hardwired me into questioning myself. At the time, I could count on one hand the number of women in the field; the industry's existing homogeneity had seemingly introduced a sliver of doubt to my sense of belonging.

This is why gender representation matters. While I've been very fortunate to have incredible colleagues and be part of teams throughout my career that have supported me and empowered me, I didn't really look like anyone in my environment.

Since then, the industry has made great strides to become more open, more inclusive, and more diverse. Just within IBM, formidable female leaders are leading in security and threat intelligence. Twenty years ago, the absence of female figures in the industry to relate to, model after, or look up to would confine one's breadth of aspirations — what career paths she could follow and how far she could go. Today, women represent 24% of the security workforce, which is light years ahead of where we started.

There are visibly more women in the field, a greater number of women in leadership, and various industry initiatives committed to attracting, empowering, and mentoring talent to enter this fascinating field. For example, IBM Security founded a program called #CyberDay4Girls, where the company partners with local middle schools and hosts workshops to get middle-school girls interested in cybersecurity — a program that has expanded into nine countries.

While the future is looking brighter, there is still a ways to go, which is why representation matters now more than ever. For the industry to become more diverse and more inclusive, it's essential to inspire our future cyber fighters and tomorrow's potential leaders. In the presence of diverse references and female trailblazers, when young girls face the inevitable question, "What do I want to be when I grow up?" they can more easily envision themselves in this field and realize this too can be their calling. This too might be their dream.

Now in 2020, I reflect back on that feeling, that uncertainty my younger self had about fitting in. I now know I already had what I needed to fit it then. I just didn't know it then. The traits that led me to this field were the ones that helped me thrive and excel in my career. They were the nontechnical skills — the attributes that had fueled my fire, passion, and persistence to break through into this industry when starting off.

Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce — it's not binary.

So, to answer my friend's question, if I could go back in time I actually wouldn't offer my younger self advice. I'd let her experience it all — the good, the great, the bad, the difficult. Because that's the way you learn, evolve, and grow. However, as she prepared to take that first courageous step into threat intelligence and question whether she'd fit in, I'd whisper in her ear "Why wouldn't you?"

Related Content:

 

Michelle Alvarez is the manager of the Threat Intelligence Production Team with IBM X-Force Incident Response and Intelligence Services (IRIS). She brings nearly 20 years of industry experience to her role, specializing in threat research and communication. In her current ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 8/14/2020
Lock-Pickers Face an Uncertain Future Online
Seth Rosenblatt, Contributing Writer,  8/10/2020
Hacking It as a CISO: Advice for Security Leadership
Kelly Sheridan, Staff Editor, Dark Reading,  8/10/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at Risk
In this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
Flash Poll
The Changing Face of Threat Intelligence
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-17475
PUBLISHED: 2020-08-14
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
CVE-2020-0255
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-14353
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidate is a duplicate of CVE-2017-18270. Notes: All CVE users should reference CVE-2017-18270 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidenta...
CVE-2020-17464
PUBLISHED: 2020-08-14
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2020-17473
PUBLISHED: 2020-08-14
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.