The PEARC21 (Advanced Research Computing Practice and Experience) student program featured a cybersecurity career panel. Five experts shared lessons learned from over 100 years of experience. It was difficult to identify trends in the career trajectory of panelists, but each had a history of being involved in philanthropic efforts dedicated to cybersecurity workforce development, all expressing an urgent need to fill the pipeline. Did.
A full panelist biography is available at PEARC21 panel description page..
How do you prepare for your cybersecurity career?
Of the panelists, only Principal Research Scientist Jim Basney (University of Illinois at Urbana Champaign / National Science Foundation Trusted CI; UIUC / NSF) has a final degree. PhD in Computer Science (CS).
After graduating from West Point, CEO Bryson Bort (GRIMM / SCYTHE / ICS Village) earned three postgraduate degrees, including Electrical Engineering (EE) and CS, Telecommunications Management, and Master of Business Administration. ..
The Federal Bureau of Investigation’s chief, Philip Frimg (FBI Cyber Technical Analysis and Operations), has earned six accreditations and licenses along the way, in addition to a graduate degree in undergraduate history and informatics.
Basney, Bort, and Elham Tabassi (National Institute of Standards and Technology / NIST) have a bachelor’s degree in technology, while Frimg and Anita Nikolich (UIUC / NSF) have majors in undergraduate history. They eventually got a CS graduate degree, but that path didn’t happen as an undergraduate.
Tabashi was academically inspired early in his life by his aunt who studied at Sharif University of Technology in Iran. “So, of course, that’s the school I wanted to attend, and I graduated with a degree in electrical engineering (EE),” she said. After moving to the United States, she earned a graduate degree in EE from Santa Clara University in California and is currently a PhD in CS from Michigan State University. She said CS and math are important to NIST, but above all, they need a problem solver. She encourages students to be open. Chasing those who satisfy their thirst for knowledge, “and always question why.”
Nikolich and Tabassi expressed their early admiration for mathematics, but Frimg confessed that “math was never my friend.” He originally wanted to be an astronaut and was enrolled in the Pennsylvania State Aerospace Engineering Program. However, Calc-2 was a “weeding” course that prevented him from achieving that goal. When he was looking to graduate, the prospects for hiring a history major were bleak. The adviser recommended considering a PhD in Oxford, which required prepayment and took an average of eight years to complete. “The Rochester Institute of Technology (RIT) IT Graduate degree makes more sense,” he said. Employment at the RIT Help Desk led to my job as an IT manager for WXXI Public Radio. They were recently hacked when they arrived at WXXI. For his climax project, he used the NIST framework to create a set of WXXI security policies.
A long winding road …
“When you are young, you think your career path will be straight, but it’s rare,” Nikolic said. After leaving the Marine Corps, she worked for an internet service provider in the 90’s “when the internet was young.”So she learned how to be safe Really big website. Since then, he has supported the enterprise security of a global company with 72,000 employees. “It was a great place to develop your skills, but work can be stressful,” she said. Nikolich explains that she can connect the dots to her “superpower.” This will help you as a director of UIUC Research Innovation, which focuses on interdisciplinary applications of artificial intelligence (AI).
Tabassi joined NIST in 1999, specializing in biometric assessment and standards. “If you can’t measure it, you can’t improve it,” she reiterated Sir Kelvin’s famous quote. She was the chief architect of the now widely adopted international standard NIST Fingerprint Image Quality. Her work at NIST began in 1999 with speaker recognition. Since then, she has been working on various computer vision and machine learning research projects that apply to biometrics. Currently, Tabashi, Chief of Staff at the NIST Institute of Standards and Information Technology (ITL), leads the institution’s trusted AI program. From their website, “ITL promotes US innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that increase economic safety and improve quality of life. It’s one of the labs. “
Basney’s early work involved the development of HT Condor. The framework and OpenScienceGrid that underpin federated high-throughput computing. His first professional appointment was NCSA, which continues to support NSFCI security 20 years later. He has contributed to the NSF TerraGrid, XSEDE, and TrustedCI projects. MyProxy credential management service. CILogon Federation ID Service. SciToken that enables feature-based access to scientific data.
Bort had no long-term plans. Every time the opportunity came, he was excited to learn something new.At the same time, I experienced anxiety from not knowing what He was doing. “I grew up and learned from work,” he said.
“I didn’t mean to be an entrepreneur,” Bort said. “As Captain of the Army, I was injured in the war and took on the first job offered at the time of discharge. It had nothing to do with computers. But I was eventually hired in the technical field. “He added. Bort believes that at some point, “golden cages will rust,” no matter how great the work. As CEO, he finds it important to grow and replace himself. To train those who will take on your job.
In 2013, Bort formed GRIMM with some of the “best hackers in the world”. Three years later, a Fortune 50 company asked them to build their own software app, a modular post-access malware framework. At the request of the customer, Bort recognized the market failure. So he founded SCYTHE and asked clients for permission to commercialize their intellectual property to fill the market gap. SCYTHE provides services for small and medium-sized businesses that cannot secure their own security team. Bolt then handed over Grimm’s reins, allowing him to concentrate 100% on SCYTHE. After a while, he co-founded ICS Village with a 501.c.3 non-profit organization, Tom Van Norman (GRIMM). The organization “provides industry professionals and policy makers with the tools to better defend critical infrastructure.”
Frigm applied for the FBI Training Academy in December 2002 and was accepted over two years later. After training at the FBI Academy in Quantico, Virginia, he was assigned to a field office in Newark, NJ, where he first investigated organized crime in Italy. In 2006, he was appointed to the Cyber Team and contributed to its early national security program to investigate nation-state invasion activities. He was then promoted to management and eventually to his current role.
Frigm said the FBI was likely to have accepted him for his graduate degree, but his success in a rewarding career is due to the liberal arts undergraduate education. “It shaped critical thinking, analysis and communication skills,” he said. He often needs to explain complex technical content in terms that can be understood by a wide range of stakeholders. “Some people have advanced skills, but senior management may not. They are advocating on behalf of my section,” he said.
“How did I get to the FBI from history?” Frigm smiled, “It’s a natural step and everyone should take it.” His advice to students is, “Just choose one of the attractions of your life: what you are good at and stick to it.”
Bort and Frigm professed their early appeal to electronics. Young Bort disassembled things and found that he worked so often that he was blamed when something broke at home. At the age of 11, Frimg reprogrammed the Texas Instruments Ti4a calculator in the Sears & Roebuck store to show his name on the display (basic command).
Nikolic explained that her career chapter is suitable for “adrenaline addicts.” In retrospect, the inherent intellectual curiosity of intestinal strength is that Nikolic is working on the U.S. Marine Corps encryption, Tabashi is moving to another country, Frigum is investigating a white knuckle, and Bolt. May have helped prepare to join the Army (during conflict; not to mention having enough courage to find three businesses within four years). But what drives the occasional thrill-seeker at night? Bort said: People who rely on me to earn a salary. “
Threat situation; everything old is new again.
The panel’s rules of involvement established that it was not possible to discuss the details of the ongoing investigation. That said, each explained the type of incident in which the team was fighting.
Basney described the range of threats mitigated by the NSF Trustworthy CI team, including efforts to steal intellectual property theft and journal subscriptions from academic institutions. High Performance Computing (HPC) systems can be hijacked for cryptocurrency mining and launching attacks against others. But he added: “The daily life of cyber security specialists does not include incident response. We spend most of our time ensuring that scientists ensure that our security controls effectively support their research. I’m spending time helping. “
Bolt, wearing a unicorn-themed company hoodie, explained why he was often in the news. By 2020-21, when the media tackled SolarWinds breaches, colonial pipeline ransomware attacks, or Florida water hacks, Bort mitigated what happened, how the problem was mitigated, and by whom. It was an expert called to explain what was done. “They are probably calling me for my background in aggressive security,” he said. “We’ve been teaching how to be used in Florida water hacks in our workshops for years!” Here, someone controls the city’s water system (a Super Bowl is going to occur). (Within 30 miles from the location), increased the amount of sodium hydroxide from 100 ppm to the toxic 11,100 ppm. The operator saw it happen and immediately restored the settings. It was an awakening call for everyone to protect the country’s critical infrastructure.
Frigm added that while ransomware was in the news, it was certainly not new. “Villains have kept computers and data for ransom since the 90’s!” If you have weak control and abundant targets, a proven strategy is adopted. Intellectual property related to the COVID-19 study has increased the value of medical research data. The announcement of the COVID Research Grant Award has received unwanted attention. Comparitech In 2020, 600 US hospitals and clinics were reportedly victims of ransomware at a cost of approximately $ 21 billion.
“In the fast-growing field of computer security, we don’t have enough people to answer the phone. Diversity of voice and experience is important. We need different voices, opinions and ideas. The more diverse, the more security. Will improve. “– Bryson Bort (GRIMM, SCYTHE, ICM).
About panel authors and moderators
HPCwire Contribution Editor Elizabeth Leake is a consultant, correspondent, and advocate serving the global HPC and data science communities. In 2012 she founded STEM-TrekA grassroots non-profit organization that supports labor development opportunities for science, technology, engineering, and mathematics (STEM) scholars in underserved areas and underrepresented groups.
As a program director, Leak has led hundreds of early career professionals breaking cultural barriers to accelerate scientific and engineering discoveries. Her program has specific themes that resonate with multinational stakeholders, such as food security data science, blockchain for social benefit, and cybersecurity / risk mitigation. As a conference blogger and communicator, her work was recognized when STEM-Trek won the 2016 and 2017 awards. HPCwire Editor’s Choice and Reader’s Choice Awards for 2020 for Workforce diversity leadership.
Leak is the co-chair of the PEARC21 Student Program and PEARC22 Landed in Boston, Massachusetts, July 10-14, 2022.
Cyber Security Career Featured in PEARC21
Source link Cyber Security Career Featured in PEARC21