Women Rock-IT: A People Hacker and a Global Leader of Cisco Security Engineers

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

these teams create integrated secure infrastructures and exciting new innovations [Music] at cisco we're helping learners unleash their potential and future-proof their career by skilling up in it cisco networking academy has the courses tools resources and connections to help you jump start your career we even have a job matching engine to help you start your career networking academy offers career pathways across high demand technologies 95 percent of students got a job or pursued further education by taking cisco certification ready courses if you have skills in these areas thousands of employers around the world need you cyber security is a vital aspect of any business this pathway focuses on the protection of computer systems and networks from unauthorized and criminal access networking is at the heart of every digital organization and this pathway will give you foundational knowledge of how networks operate how to configure troubleshoot and secure them and more the possibilities are endless in programming this pathway teaches you how to design code to connect wireless devices automate networks or prevent a cyber attack here's how it works start by enrolling in one of our flexible online courses to get a feel for which path suits you best or to upskill in an area of interest or find an instructor-led class near you our flexible learning options make it easy to choose the right learning style for you cisco networking academy courses help you gain the knowledge practice skills and earn digital badges and certifications on the pathway to the career you want connect to jobs with over 650 employer partners through our job matching engine choose who you want to work with afterwards stay connected on networking academy's alumni network on linkedin our student success speaks for itself my advice to anyone interested in pursuing a career in networking or i.t is to be resilient and know that your habits really do determine your success there will be times in which you fail you might read something and not initially understand it or completely fail a certification exam that is a part of the process that lets you know what you need to work on during times of my failure i made sure to reach out to anyone that i could anyone and everyone that could give me advice share knowledge with me that could reteach a concept to me that i didn't understand and practice practice practice if i can do it you can do it too find your future today [Music] i'm the founder and ceo of skybound rescuer which is an organization that specializes in the use of drones for public safety it's such a new industry that it didn't exist when i was at school so it's not a career that i could have aspired towards so how did i get here if you have enough passion for something then you are the right person to take it forward when your dream career starts taking you to places that you've always dreamt of visiting it's an incredible feeling [Music] standby [Music] hello and welcome to the new series of our women rock i.t program which kicks off today and runs through until july 2022 october is cyber security awareness month and to kickstart the celebration we have a fantastic panel of speakers today who will share how they've embraced their cyber security skills to join the fight against cyber crime whether you're a student a veteran or seeking a career change the dynamic field of cyber security is rapidly growing and has something for everyone being part of the live audience today entitles you to free course enrollment into some really fun courses such as introduction to cyber security the introduction introduction to internet of things networking essentials linux python and entrepreneurship details relating to course enrollment will be posted during today's event in the interest of time we will take any questions you have for our amazing speakers directly after this session if you're joining us over social media you can post your questions in the chat bot or tweet your question to hashtag womenrockit thanks and let's get started i would love to introduce today's guest speakers i'm really excited to have both of them here jenny radcliffe the people hacker is a world-renowned social engineer interesting title hired to bypass security systems through a no-tech mixture of psychology con artistry cunning and guile and she'll be followed by berju a cisco networking academy alumnus i'm so happy to say who is now a cyber security leader here at cisco but first we will hear from jenny who is joining us today from the uk welcome jenny and thanks so much for joining us today thank you so much for having me let me just share this screen and we can get started thank you so much for having me on this brilliant program i'm so happy to be here um as you said before oops just let me get to that uh my title is the people hacker and i'm going to talk to you a little bit about what that means and what my job is and really how it sort of i work adjacent to tech and and then just some advice that i've learned from running my own business and brand over all this time so thank you so much for introducing me rebecca so as you can see uh i'm known as the people hacker it was a title a journalist gave me when she interviewed me several years ago and i thought it was great so i stole it and my specialisms include three things really well for so the first thing is is that i'm a specialist in physical infiltration and that is really the shorthand is burglary but only for hire so i don't do this for fun i do for clients who ask me to uh break into their buildings uh attack their sort of security systems without tech so can i get past the people can i get past their gates guards um and so on i'm also a specialist in psychological manipulation and that's because we also have to replicate scams and cons and fraud and in order again to educate to train and that makes me i'm pretty much a con artist and that's the title that i gave globally when people ask me what to do although it's hard to explain without people thinking i'm a terrible person but con artist is a good title because it encompasses everything that i do and as i say i guess the biggest job is that i'm an educator and so the the point of my my sort of career is to do all these things to show the art of the possible and then to train people in how to avoid being um come by the bad guys or girls who are doing the same thing so why is this so important you will probably know people hacking better by the term social engineering and my definition of social engineering looks like this familiar to most it's the manipulation of human factors to gain unauthorized access to resources and assets for criminal gain or malicious intentions in the real world so not when i'm replicating this but i'm going to go further and say what social engineers really do is actively weaponize human vulnerability and because it's being actively weaponized we really need to actively prevent against it and in the defense space so that's really what i do um and the reason this is so important is that most security breaches and i've i've thrown a title um a statistic here that says 95 percent of security breaches but it sort of depends on uh you know which study you look at but it's never less than 75-80 percent are down to human error or manipulation and that makes what i do very important because any amount of cyber security measures any amount of technical measures come to naught if the humans are subject to error and manipulation it means that every time you get a smishing text so someone trying to activate you through a text message whether you're phishing emails that we're all bombarded with and some of them still get through despite the tech whether it's uh an old-fashioned phone call whether it's physical infiltration of a building and i'll tell you some more about that in a second but most security alerts come down to the humans whether it's stealing your credentials logging into your systems or looking at the things that we all are entitled to keep private it is the people that are seen in security as the weakest thing and i hate this term because we are not the weakest link but it's easy for people to understand and it is proliferated throughout our industry press who um if we're not careful see the users so people who are not in security as sheep as people who just follow whatever they're led to do and i'm just gonna click through some of these headlines weakest link in the chain humans are the weakest link security's weakest link it's just such a common term and i don't want you to think of yourselves like that the humans are something that we can work with now it doesn't matter what size business you're in it can be a large business it can be a medium-sized business there can be individuals we're all targets for these people and so that really um is where i work and what we try and do i try and inform you so that you're not a target uh for the social engineers that are out there but most businesses still leave this critical part of security unaddressed so i'm going to talk to you a bit about how i got into it but i'll give you just i'll run you through a typical job i would probably be in a large uh corporate office being asked to infiltrate i would not go through the front entrance because that's always very well guarded i'd be looking to go somewhere like a staff entrance which would be less well guarded i might hang out with staff somewhere around the building maybe put on a high visibility jacket so people think that i'm supposed to be there carry a clipboard and almost anyone will let me through and i look innocent enough and they'll let me through i would take the stairs rather than the elevator go into an office maybe avoid security cameras maybe stick blue tack over them pick up keys and drop some usbs around with malware on them or with at least trackers because obviously we're not malicious look for any kind of security problems that there might be and people still do write their passwords down on post-it notes but often not quite as obvious as that i usually make myself a cup of tea get into the office leave some business cards all around the office and then leave them an email get out again and go and sit on the roof and that's really my job and my job is to do that in for any client that hires me now this is a view of some officers i've i've lost this is canary wharf in london i've been at the top of most of these buildings been on the roofs of many of them but the first skyline i saw was at home which was in liverpool and i'm just going to talk to you a little bit about how i got into this because it's a question i'm always asked so i grew off liverpool and it's only famous for the beatles and the soccer and at the time i grew up it was a pretty run-down city i was attacked in an alleyway when i was uh really little i was about eight years old and i managed to fight my way out and then i was kidnapped um by a neighbor and i managed to get out of that as well and after that my family put me with my cousins who were older boys to teach me to be streetwise and these are actual photographs of where i lived at the time i grew up and what my parents didn't know is that my cousins were actually up to no good and so what they did is they taught me to get into buildings and to do something called urban exploration so we'd look around the buildings we wouldn't take anything or break anything but it was learning what was inside these abandoned buildings and how to get in and out when we weren't meant to be there and i did this for a long time you get very good at it if you if you do it when you're very young and i learned things like the routine for building the way people behave the way security guards behave how to get in and out through locks and alarm systems and that type of thing and liverpool has loads of these buildings still abandoned now so that's really what i did and then by the time i got a little bit older i was running cons all over the city so they taught me things like so soda machines in these vending machines how to punch in certain codes so that they vomit their change and apologies to any soda and or you know vending machine companies i do actually i've done a lot of made up for it since then to you specifically i also delivered packages all over the city no idea what was in them but probably nothing good and i used to do things like sell tickets for events that weren't happening be first and when i first did it i thought the event actually did happen and i'd sell all these tickets and then people would turn up and not only was there not a vip event and but there'd be all these angry people um that i told tickets to a non-existent event but i didn't want to stay that way i didn't want to go the criminal route and as i say i've made off voted since and eventually in my city and we're famous for the football as i said and the only people with money but the were the soccer players and we started to do security checks on their houses because they'd heard that we could get into these buildings could we get past their alarms that made them vulnerable to burglaries for real so we started to do these sort of security assessments on all the big houses that the soccer players had in my city and because i was a woman and i was um able to write the reports i ended up doing the kind of customer facing roles as well as breaking into all these big mansions and the outskirts of the city and that's really how it all started and once we got into their houses they asked us to get into their businesses and then bigger businesses and other associates and basically word of mouth spread until i've broken into most of the offices in liverpool either talking my way in or getting over the roofs and things um in order to protect them and word spread and i ended up going all over the uk and then all over europe and then to the states and literally talking my way into offices past receptionists and sometimes i'd say i was there to measure something so yeah i'm here to measure the drapes or the carpets of your new conference room and because i looked as if i couldn't hear anyone because i wasn't a huge you know guy covered in tattoos and full of muscles that people let me through and then and then what we'd do is we'd find any security problems presented back to the client afterwards um and they protect themselves i mean sometimes i pretended i needed first aid or i was lost and maybe i you know we dumpster dive and go through all the documents in the bins i pretend to deliver things sometimes we put listening devices or nothing in the box it was just a way of me getting round and i pose as the cleaners the janitors the maintenance staff all to get to the target so that's really the physical side of what i do i'm just gonna put this slide up just because i know that this will be available on demand and it's useful for people but the stages of attack that we have looked like this so we'd from a psychological point of view once the target was identified we research and map them out and work out you know the best relationship what would we culturally as an approach and we make contact and then as you can see we'd attack we'd acquire and we'd do whatever we were asked to do and this used to be a difficult thing for me to do i used to have to go and wait outside offices and things to see what the routines were to work out relationships to see what their attitude to hierarchy and authority was to see whether those ploys like the high-vis jacket would work but nowadays i don't have to do that my job is so much easier because of social media so because people put everything everything about themselves on social media when i was younger and i had to i had to research a company as i say i used to do physically a lot of the time a lot of telephone work and it'd take me a really long time to get that intel you know days and days sometimes but now i can accomplish this in a matter of hours because people are not careful about what they put online um and one of the biggest lessons i give to people is you really need to watch what you're posting about yourself online we post every time we take a run every time we enjoy a meal we review the meal we have our friends we have our businesses and all of these things make up this picture so that someone from an attack perspective can know the things that you care about the people that you care about we all have someone we wish to protect we all have something that we're frightened of and we put it out there online and zuckerberg said it he said this isn't the tax fault the question isn't what we want to know about people but it's what people want to tell us about themselves and when i first saw the proliferation of social media and the way people interacted with it it was horrific really to me because i could see the potential of what we can do with what people post so really my business and its job is to warn people about how that can be weaponized because in my hands and in the hands of someone with mild intent it's it's potentially lethal and what we do with that information data's no good without a story so we create the story through psychology so i'll now be looking at like things like how can i manipulate emotion in order to make that person do what we want them to do and remember again we stop short of harm it's for a training purposes so emotions you know i showed you the picture of the sheep before but what we have to understand is that an attacker does see the humans the users as vulnerable as the weakest link as sheep and will pull us along with the things that make us human the cognitive biases the emotions the psychological levers so whether it's because we are bored and we're not really paying attention we're not really sharp enough and this was something that was very true during lockdown for example we don't pay a lot of attention when we get fed up whether it's because we suspect the wrong people because people always think that a hacker looks like this when a hacker can look like this um or whether it's just curiosity so that you are going to plug in the usb all of these things the things that make us human the fact that we get distracted the fact that security isn't even in our job title so therefore it's not our problem these are the things that make us vulnerable as humans whether it's ransomware that scares us into clicking on a link whether it's someone offering us a job or a free gift or a discount so that we open that attachment or go to that bad site whether it's um saying that they've got hold of our files or that they're going to blackmail us or extort us into you know some fabricated photographs or anything else all of these things all of these emotions tap into the wrong side of our brain our fast thinking mammalian emotional brain that stops us bringing logic to the party and helps the bad guys and gals get to us and that's really why the security breaches are down to human error it's because we're human and it's our strength but it's also a weakness so what i've always said in terms of the businesses people ask me if i pick locks and things and i can and and sometimes we have to but mostly i don't because i don't need to work on the lock i need to work on the humans but what i want to say to you today this audience is that what it really should say is that i don't need to work on the lock i need to work with the humans and from a security point of view that's what we have to do we really need to wait with them to stop them becoming victims and that's really my mission and that's my job and that's what my whole life is down to so look i wanted to say from that point of view i've built this sort of business over over a long time 25 years really and but a whole lifetime of doing my job and i have a few things and cisco asked me to give a few pieces of advice what did i find useful so here we go with some advice the first thing is is that it takes hard way to get to the top of anything and we can't be lazy and it's hard because sometimes we feel like um things come easily these days with social media and everything else so what i would say is you've got to be prepared to do the work and to do that do it early be productive early okay because if you can get as much done as possible at the early part of the day and i know some people will say i'm a night owl do it early the world doesn't know you anything and if you're up early and try and get things done i've personally found that that works quite well i've also written here stop lining woman up and get on with it which is a bit harsh um the second thing i would say is that pervert is the enemy of good and by which i mean if you wait for the right time to get moving on things you'll never get it done it just is excuses it's okay to make mistakes it's okay to learn from them but if you wait for the perfect circumstances you won't even get started no one's going to read your badge reviews except you so just get going the next thing is is that you are the best person in the world at being you so you have to kind of think of yourself i've come to realize as your brand and and that means that you cannot be a poor imitation of someone else so you have to be careful about plagiarism and you have to be careful about being performative okay um decide who you are and what you stand for and what your business stands for and have integrity around that and what what i mean by not being performative is if you believe in something if you really believe in something then you will work on that thing that you believe in and you will always be uh truthful to that even if no one ever sees that you've done that good work for me if you're gonna do good work that good work has to be done as much in the shadows as it does in the spotlight that is your brand and that integrity shines through even if people can't put a label on exactly why it's there that's integrity not attention [Music] i also want to say to you um that you can't drive very far on an empty tank um and i you know goodness knows i know what it's like to be a workaholic i have a tendency to work very hard and forget to look after myself one day i found myself all of a sudden lying on the floor in my office um and not being able to get up again and it was partly exhaustion partly mental and psychological exhaustion as well as physical exhaustion it's very tempting to just keep going until you fall over but what i'd say that i've learned and i don't mean to sound patronizing or like you know your your big sister or auntie but you have to do all the things that are boring that you know you have to eat well not junk you can't drink too much alcohol and especially when you're busy and you're working drinking no alcohol because it just slows you down and slows down your thinking and you need to get sleep and some exercise and you need to be kind to yourself and exercise any demons you have address those things that nag you and that you know deep down hold you back otherwise you can't try fall in that empty tank um it's just so true the other thing i would say that's helped me massively and i'm just sort of throwing advice out here but is to find a team and when i say this i don't necessarily mean professionally and i have people around me who tell me quickly and kindly and rationally to my face if i talk rubbish and i don't always want to hear it and it's hard to hear but i am i'm responsible for people and clients and important things and i need people to be frank with me and i need to learn to listen and it's hard to hear find those people who will be with you as much as if you were a complete wreck and had done everything wrong as if you were receiving an oscar or a knighthood they are the people that will tell you you're great when you achieve something and will stop you catastrophizing when things go wrong and they're also the people that make you laugh and you feel down and my biggest advice for you on this is you should be that person for someone else as well and we all needed they exist and don't you dare and this is particularly to the women out there don't you dare lower your expectations about whether there are people out there will support that whether there are men and allies out there who will support that if you are driven you can find those people who will give you these things and the last kind of piece of advice that i'm going to give you is about the shiny now the shiny is so the name that i gave to success because i've been fortunate in my career i've had some privilege and i've worked very hard and sometimes the stars have aligned and i've got some success and success makes you shiny and people see the shiny okay but what you need to understand is people sometimes want that shiny to rub off on them without them working for it and they want that to rub off at the expense of you so what you have to do is you have to understand that success is very magnetic and you have to look after that and be generous with your success and be generous to other people but also be wary of those that would take that from you without working hard for it so just guards up sometimes now i've said all these things as if i never have a bad day and there are times i have a very bad day and i want to give up in fact there's times i want to sell um carpets for a living i'm a long way away from security and everything that that means and on those days this is what i tell myself and you know it's cheesy but this is what i tell myself i say do sharks complain about mondays now sharks are up early biting stuff chasing stuff being scary on those days remind everyone that you're a shark thank you so much for listening to me i appreciate it i'm going to hand you back now if i can just come out of here and i'm going to hand you back to the team wow jenny thanks so much um for sharing this amazing intriguing career story with us and for alerting us to all the challenges out there and the advice is something we all need to hear from time to time so thank you we will hold questions for jenny until the end of the session and now i'd like to follow on and introduce berjie ishita a former student of our cisco networking academy who's now a cyber security leader here at cisco so bruce you i'm going to turn it over to you to follow up and we'd love to hear what you have to say thank you rebecca wow this was such an amazing presentation i even forget who i was what i was planning to talk about this was amazing so inspiring thank you for sharing your story with us um so this is burj i'm a cyber security systems engineering leader in cisco uh and today i will be talking about how did i come to this place what's my story what are my advices for you but before i start i want to give you a very busy basic overview of what a systems engineer is so i'm working with a group of superstar engineering team and our role is to help our customers to select and design the best cyber security infrastructure for their journeys what they are planning to achieve in their businesses so my team around the globe is doing this for our customers um so today uh first i want to check with in the next slide couple of questions with you and i want to make sure that cyber security is a career for you because it's my passion definitely jenny's passion but it's not something for everyone it's like either love it or hate it and i want everybody to thrive in their careers so let me first check couple of questions with you so just pause for a second think about it do you like learning new stuff every day like new technical developments what's going on in the industry what's happening around you and what about thinking about yourself in like 10 years 20 years do you like to do the same thing again and again or do you want a super variety in your career do this jump to that try another thing our answer is yes the most important thing is would you like your job to have an impact a meaning and an impact for your family for your friends even the world and if this sounds very bold for you just take a look to this article from last year from new york times it's about a woman who was classified as death due to a cyber security threats for the first time we know that was happening but this is the first time it was classified and it's because the person was needing an emergency response and in germany they took it took her to a hospital but the hospital was suffering with that security attack and they couldn't accept this passion and they need to transfer it to another department another hospital and during this time during this transfer we lost her so you even have an impact on human life in this career it's not only finding the passwords it's not only like breaking into accounts or something it's not about the credit cards it's about human life so if those things sound a little bit interesting for you if this is something you want to do let's kick it off first i will tell you about my story how did i got into this role so moving to the next slide i want to first give you some statistics just to get a little bit more appetite at this point you identified this is an interesting career journey for you but what are the chances for me to get a job we know the job market is a little bit hard at this point but if it is cyber security and i want to get your attention to the chart on the left-hand side it's from isc square one of the most respected cyber security institutions and this is the reason i got this a little bit outdated chart it's from 2020. anyone remembers what happened in 2020 it is the start of covet and this was the study that was published just before the covet or just at the beginning of covet so at that time we were projectioning like 3 million open jobs around cyber security around the world but after covert happened we had a huge speed up on the transition to digitization so which means we need even more cyber security experts in all kinds of cyber security experts we listened jenny amazing danny who was doing a total different thing not like coding not like hands-on technical but in cyber security we have tons of different departments and on the right hand side by the way this is just its statistics around united states of america it gives you a very brief overview of what kind of technical roles do we have what are their breakdowns how many people do we need in those roles and you can also see what kind of cyber security certifications we have what's the demand what's the supply you don't want to chase the certifications that has terms of surplus just an idea so at this point we identified this is something for you we proved we definitely have tons of gap to help us to help the industry to help our families our friends and the world so how will you start your journey let me take a step back and tell you about my journey which is kind of regular but at some points maybe not um so how i started this journey is in this next slide you will see an advertisement this was kind of the starting point for me but let me take a couple step backs and make a meaning out of it so i studied electronics engineering university and i was sharing a house with two of my friends they were studying social sciences so i was a techie at the house i need to take care of the computers it's desktop it was 2003 for so it was early years and we decided to take an internet connection at home and it was a dial up connection if you are not sure what's a dialogue connection just google it it's super slow but we were so determined to share it between three computers and i had no idea how to do it i know it's possible but i had no idea how to do it so i called a friend from university i said hey we are planning to do this can you please help us he said sure i know how to do it i even have some spare cable set on i will bring it to you perfect he came to our house he set up everything and hanged up we tried to use it it was working perfectly and then during weekend we decided to do some cleanup at the house it stopped working and we had no idea how to fix it okay what's the problem we called my friend again he come again he fixed it again he got and then couple of days later it happened again so i said okay this is this is not the solution i need to learn it by myself i need to fix it i cannot live with it um and at that time it was the last year of the university and in electronics engineering at the very last semester you need to select an expertise area is it like biomedical is it telecommunications is it coding whatever it is and i had no idea but i know that i need to learn networking i know that i want to do something different something meaningful something kind of new shiny toy not something very regular so while working working in the university i saw this exact same advertisement in the universe corridor it was the advertisement of cisco networking academy from 2005 for actually and if you are familiar with cisco you can notice this is an old logo my favorite logo from good old times so it was saying this is learning networking academy we are giving you a training for eight months you will be expert on this and that i called my family and i said hey i need money i want to attend to this session and i started to this course it was amazing they teach us everything possible like cabling the details the connections and i was super excited about this this was the best choice i had ever made in my student life i would say um and after graduating from this networking academy which took like eight months back then just after one week i landed my first role it was a small startup which was dealing with networking plus cyber security and cyber security means they were trying to build their own firewalls and it was kind of uh if you are familiar with linux it's like a ip tables kind of logic hello this ip knight this ip that's it so it was not a big thing but it made my introduction to cyber security and the next picture you will see represents me back in my first role this beautiful lady it's not me by the way who has a backpack who is traveling around the country this was me they were giving me a firewall box a hardware i was putting it to my backpack i was traveling around the country going to the companies trying to install it sometimes it was successful sometimes i was fading miserably and someone was helping me but let me tell you a couple of interesting stories it was as i said 2005 and most of the maintenance windows to install those firewalls are during midnight because you cannot interrupt the services etc um i remember i was on the 20th floor of the company where it department was located we were trying to install the firewall lots of problems and everything it was midnight i said okay may i please use the ladies room where is it and everybody looked at me and said ladies we don't have ladies here so we don't know where's the ladies room and they made me go downstairs 20 floors i found my way during midnight all the like legs were closed and everything but i remember back then there were not much ladies doing this thing and sometimes people were thinking they would face with a male colleague instead of me and i was seeing this disappointment when they see me in front of them a girl young girl who is claiming to be installing firewalls which is like something serious um but i believe we changed this perception a lot uh since last five years ten years with those amazing ladies in industry so this is how i started through but during the time i had developed this huge interest on cyber security and i decided to start my masters in cyber security area and i tried to develop my own firewall it was an ambitious goal and i said okay i will develop an ips it was something new we know that today ips is not enough to secure a network but back then it was like okay this is new big thing and i said okay i will do an artificial intelligence space firewall wow amazing because ai was not something height kind of hype back in 2006 so i said i will give a try what could happen worst case i would fail or i will extend my school and during this period i learned the tone i learned a lot and big time as you can imagine the entire resources was not that much available to everyone you need to search your way in the libraries and everything and libraries books searching ai when it was not that available in industry hype so it was not really easy but as i said i learned a lot just as jenna said don't have any fear for failing um and then i finished my project i presented to my university professors and they said yeah but you are saying your detection rate is like 70 something and we have some companies in the industry like cisco who claims they are over 95 so we cannot tell you are a successful student and i was like really it's just me versus cisco what are you talking about so this was my miserable failed moment which i don't regret i learned a lot i developed myself even more in cyber security and at that time i saw another ad that's changing my life and it was a job announcement from cisco in ankara where i located and which is not very common so i immediately applied i haven't even checked what's the job i said it's cisco come on what could it be even if it's an office boy or something i will just go for it it's cisco i want to learn more and i um got this role but the role happens to be a sales role i was a salesperson i was an engineer i was a very technical engineer who is still technical by heart but i ended up being a salesperson i did this role for three years i couldn't say i enjoyed every moment and i couldn't say this was my favorite career point so i decided to do something more technical and i joined again in cisco a team called technical services and this technical services team is dealing with the biggest customers like service providers biggest finance customers to help them on their post sales issues and i had a chance to work with all those super techy guys that you probably admired like double ccas triple ccis i was meeting with a guy who was the author of the book that i was studying and i felt really like in heaven okay this is an engineering heaven for me so i did this role many years in different positions and during this time i started thinking about okay once you did a sales role you are always a sales person i started to kick me i want to be a little bit close to business again i want to do something touching to customers like helping them to do more pre-sales and then i decided to do an mba while completing my other networking academic courses like ccmp even i attempted to cca it was another miserable failure but i learned a lot again so please keep trying please keep trying um and then finally i landed to my current role which leads me how it is going now slide so now i am kind of in the perfect place for my desires and for my background i'm doing sales i'm doing technical i'm leading a group of amazing engineers and i'm in cyber security so let me share a couple of things about this pictures with you so you can create a little bit more meaning out of it so this picture on the left hand side is a tweet from jerry elliot she is our sales leader uh our executive vp and she attended to my team meeting just to talk with my engineers just to have a basic chat with us just to share some stories and career advices and everything and she even tweeted about this and on the right hand side we have our ceo attending the same series with us with my engineers so it's it's not only about cyber security it's not about my amazing engineering team but this culture is inspiring me and keeping me fresh all the time like to be the people that i want to be like when i was a student to learn from them to drive in our careers so this is an amazing thing but it's not only about this culture or executives or my team but the slides at the bottom are the pictures from our giving back activities this is super important for cisco we like to give back to the communities so on the picture where we have funny backpacks actually they are backpacks we put together for the sick children um when they are being transported to hospital this is to keep them entertained or warm or whatever um and the other one was we were picking some food for the companies who are in need so i'm working in my favorite technology i'm working with my favorite people and i can still create impacts technically non-technically so this is how is it how it is going for me and now i will show you something a little bit different and if you are still with me if you think this would be or i guess we already passed this phase i believe you are thinking at this point okay i also want a career in cyber security but i'm not an electronics engineer i will not try to create my own firewall is it still something for me definitely so this is a just smaller portion of the available opportunities in cyber security mostly for technical so this is a heavy slide i know and you cannot read all of them but this is just to give you an impression about what kind of roles do we have available in cyber security it is not a niche for pure technical people it's not a niche for engineering students it's not a niche for coders or hackers with the hoodies and everything we have a lot of different roles in cyber security all kinds of roles if you are a non-technical person a social science person if you are planning to do cyber security marketing you can do cyber security sales you can do interviews with the cyber security professionals or you can do hands-on you can develop products you can do the coding and you can prepare it or you can do like uh genie is doing physical security or you can if you are more focused on the details like um governments institutions and everything maybe you can do some compliance issues we have lots of positions for you just make your mind and think about okay who am i what i enjoy doing most what kind of role do i want for myself and then you can find a perfect career for you but where would you start and in this next slide i have something for you i'm sure you have mobile phones just go and scan this this is taking you to a quick linkedin article that i put together last year after this kind of conversation that i had with university students i was getting lots of questions i was getting lots of kind of repeating questions and i decided to put together a article together and it's talking about where you can start what kind of free courses are available for you where to go next what to do and if it would give you enough initial information to kick start your careers and i definitely start having a pet with neta kids if you still don't have the account please create it um we know that it is like aid of internet you have lots of materials in internet but if you don't know where to start in a structured way you will struggle a lot and you will lose time a lot and cyber security is a discipline that you need to be kept in track if you go to a little bit wrong direction you can put yourself in a bad situation or you can lose a lot of time so institutions like networking academy when you have a structured course where it's taking you step by step what's right what's wrong where to start where to go you will really have a kickstart and most of them are for free just as we said at the beginning of the session so these are my advices for you uh this is how i did it and i'm really enjoying it i'm looking forward to seeing you with us either in our team either with our customers or working together in the industry thank you rebecca back to you thank you berjie for sharing your story and your career journey with us today and for outlining all the possibilities in cyber i love the fact that you you point out that it's not just for strong technical people that there's marketing and selling in different roles because i think sometimes people think oh to be in cyber i have to be a math genius and i have to have a phd and that's not the case so thank you for sharing that with us your curiosity and determination are really inspiring i think both speakers today left us with the message of never give up and keep trying right so i think that's a persistent theme that i heard from both of our speakers even though they look at cyber security from really different um lenses so i think now we've got a few minutes left we're going to take some questions and so i think i'd like to start off with a question for jenny and it is where do you think the role of people hacker will be in 10 years because you're coming at from the physical and psychological role and burji said cyber security is changing so quickly where do you see yourself and kind of your sort of role you know in the future five to ten years out so it's a great question and the thing is um the one constant in security is the people and the one vulnerability that we will never really be able to fix and that we shouldn't aspire to fix is what makes us all human beings what makes us all vulnerable because in some ways our vulnerability and our uniqueness is what makes us strong as well so i always say you know i never even call myself a social engineer for many years it's just the term that um that these days we you know we've come to understand and i always say now is that the first social engineers the first time a human being wanted something from another human being and used deception to get it we had our first social engineer and despite how far our species has come and technology has come in the world has come we still have social engineers now and we'll still have them in the future all that happens is uh malicious social engineers con artists and fraudsters will adapt their scripts and their attack vectors uh around the narrative we saw this in the pandemic around the narrative that we all lived through and around the technology that we have but the fundamental things will always be the same so where do i see myself and the profession in 10 years doing the same thing around different technology and a different macro narrative will still be there good point people will always be people right jenny so the technology may change but we still have our weaknesses and our vulnerabilities and our vices and our greed right exactly and it's our strength though as well that's that that no tech can spot the same things that a human can can spot or will fall for the same things a human can fall for there's too much nuance so good point good point thank you for that umbergo i'd like to turn a question over to you and it's one that's an interesting one given our role in networking academy and and trying to reach um under resourced or marginalized communities do you have any advice for people who may have physical disabilities or maybe a bit older that are looking to change careers or that have some physical challenges is cyber security a suitable kind of role for them do you have any insight there of what you've seen in your education or at cisco of course this is a perfect roll for you uh this is this is in a nutshell but let me give you a little bit more details and give you some extra understanding on this so if you remember my previous slides i showed you a couple of possible opportunities and in this one for example just an example this is this shouldn't be the only case but if you want to be a cyber security analyst like or if you are doing some malware now this kind of role this is something definitely you can do remotely if you are sitting in india if you are staying in sydney and you can still do work for us it doesn't matter you can work remotely you can be in front of your computer you don't need to take care of any like physical activities or something this is definitely the second thing cyber security is a fairly new discipline compared to other moms so most of the people who are at these levels were doing something different for example let me give you an example um if you heard about cisco's telus cyber threat intel organization the emir leader of talos used to be a dialogue and he was dealing with human viruses and he said okay this is human wires and then i decided to switch a little bit for computer viruses what does it mean for me so if you think about the hacker persona or hackers can be good or bad but let's say attacker they are coming from all different backgrounds they have all different varieties of motivations so we need diversity it doesn't matter what age you are in it doesn't matter if you are disabled or not it doesn't matter where you are located please this would be a very fulfilling career for you and we have place for everyone and just another example one of the engineers that used to work with me he was disabled for many years and then he decided to join to cyber security industry and he is over 50 and now he's wrecking it so definitely we need all different kinds of people thank you burji that was a good reply i'd like to ask you a follow-on question if i may do you need a phd or a master's degree to get started in cyber i know a lot of people have advanced degrees but if i have if i'm just starting college or just getting out of high school um can i is there a place for me to get started uh there's a place to get started for everyone there is place for phds there are places for high school students so definitely you don't need to have a phd if you have phd you can be more on research sites you can be developing new products you can be researching some new algorithms we need them but if you don't have phd you can still be practical you can still operate the tools or like hardwares or softwares those phds are developing so definitely this is not a must if you have you can have a different track in cyber security if you don't you can have another trick so it really matters what's your background what do you enjoy doing most and what's your personality so this is this is the only important thing thank you bergeron it sounds like there's an on ramp for people with um starting skills and then you can advance your career over time with your company so thank you for that jenny i have a question for you um how do you you touched on this but how do you get the message across that hacking isn't so much about complicated computerization but more about what people are typing into their devices or phishing how do we try to get that message out a little bit better what would you say there well i think i think it's mostly that people don't realize i mean it's very obvious when you tell people what it is so we just have to keep telling people um and you know i've never found anyone who didn't sit up when i didn't show them some of my examples because it's personal to them so if you think about awareness training the best awareness training um shows people how it can directly affect them and how that they can spread that and protect other people so really it's not a difficult for me this has never been a difficult sell okay people always understand because if i go in and say so you know i was i was looking at social media and i found that this is your friend and this is your favorite restaurant and then we sent you this email all about your favorite dish people can see immediately why that might be dangerous and that's why i always say to all my clients and all my friends and everyone i come across social engineering the human side of it is the perfect place to start with awareness and training and security awareness because everyone can it's much more easy for people to visualize um an attacker you know a bad person trying to manipulate you than it is to to visualize you know some a complicated piece of malware or a virus or something like that you know your normal lay people who are not in the industry can totally appreciate someone on the end of the phone trying to take your bank details and pretending to be your bank so i think my advice would be don't think that people don't understand people do understand we just need to show them how it relates to them and potentially what they're doing and then they become advocates and go and spread it and that's what i see whenever i tell this story whenever i give examples of what i do they sort of nervously laugh they get it and then they go and spread the word and that's what we should be aiming for now that's a good point i think sometimes we just need to be made aware i know you mentioned and burj you mentioned i i can't tell you how many alerts i get on my phone about i want a free set of earpods or that my att bill was paid and i think these are not real but if i'm not reminded that they're not real then i might click on them because i do want a new pair of ear pods right so i think that's right the engineering part is important we have time for just another question or so and i'd like to turn to berju uh berger you've been in the field of security for a while now and as you and jenny both mentioned it's changing quite quickly um jenny mentioned about social media and how that's changed her her approach and her role how has cyber security changed from when you first started i mean what what changes do you see taking place now that are impactful so um when i first started to interact with cyber security it was 2005 and back then a firewall a hardware firewall was enough to protect your company or we used to have those antivirus softwares in our laptops or even not laptops to desktop so this was more than enough for us but now we need to have a firewall we need to secure our end points we need to secure our mobile phones your watch everything our data are kind of in the clouds we are using amazon other all sorts of things we are using software software as a service it's all around the place we have new of course with these developments we have new regulations like for the participants joining from european union gdpr is the big thing so the more digitization happens the more cloud translation happens the more variety of products or services or extra cyber security we need so it may be sometimes a little bit overwhelming to keep up with them and it's also that it's hard for the cyber security professionals to manage all of them correlate all of them i'm hearing something from my firewall another thing from my cloud vendor another thing from here and there so this is the biggest change just we just don't have one single entry point at this moment at this time so and if you ask me an advice um i know it may be overwhelming but thinking about if you are working in cyber security in a company defending a network or something think about the vendors who has kind of some uniting the solutions for you to ease your life a little bit so i i can make a little bit ahead of cisco here we we are one of those vendors uh but i'm not talking only about cisco here so this is the trend change back then we were okay only to prevent the ips log everything we were done now no this is not possible we need to be more active we need to deal with all those changing dynamics so these days it's a little bit harder thank you berjew i i i just think of the smart home and the smart car and all the devices that are out there that you know that whole attack vector has just become bigger and bigger than it ever used yeah even those robot cleaners uh it's it's very common these days like walking around they have cameras to find their ways but you know it's also hacked back then uh if you don't update the software of those house cleaning machines i also have one i keep it up to date so keep everything up to date don't don't be lazy to be an attack vector in your house do you so that's interesting yeah don't be like i will use it we're almost out of time um so i'd like to thank both of our speakers you're just you are amazing inspiring passionate and have shown i think so many different ways that people could get started in cyber security so i'd like to thank you sincerely both for your time and for sharing your wisdom with us today for the audience out there if you'd like to explore more on the topic of cyber security i think they both giving you really cool insights into where this could go we have quizzes to test your knowledge and some interesting reading material so please visit our cyber security campaign page to learn more we've played we're going to place a link in the chat window or you can scan a qr code on the screen that i hope is up there um yep there it is all presentations and recordings will be made available after the session the link to our website is in the chat and as a reminder being part of our live audience today entitles you to free enrollment in six of our networking academy courses and as you heard from berjie this is part of how she got her start into cisco is taking some network academy courses um details relating to the enrollment are on the screen or use the link we've placed in the chat window folks your feedback is really important to us we try to tailor these webinars to meet your needs and what people are interested in so please take a few seconds to complete the survey to receive a certificate of participation please scan the qr code on the screen to access the survey we really appreciate your time thank you and we look forward to having you join us on our next women rock it event where we will meet more amazing women who innovate in technology think like entrepreneurs and act as social change agents please visit our website for details thank you so much for joining us today and enjoy the rest of your day wherever you may be and stay well bye now you [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music] [Music]

Info

Channel: Cisco

Views: 4,337

Rating: 4.9466667 out of 5

Keywords: cisco systems

Id: tf6aAggIrqk

Channel Id: undefined

Length: 63min 58sec (3838 seconds)

Published: Thu Sep 30 2021