Diana Kelley, Cybersecurity CTO at Microsoft
Cyberthreats. Cyberattacks. Cybersecurity.
Every day it seems like yet another new form of threat comes along, and to combat it, yet another innovation to guard against it.
For those wanting to build a career in cybersecurity, that constant churn of change can be scary. How can I ever keep up, when everything changes so quickly? Am I going to have to relearn everything every day? I understand how it can feel that way.
But it’s important to take a step back and look through a longer lens for some perspective. Can you believe the fundamental technology for networking has been with us since the 1970s? Sure, it has gotten better, faster, smoother and vastly more sophisticated – but what’s really changed is the reach of the technology, and its impact.
By having a clear sense of what has changed – and what hasn’t – we can get a better handle on strategies for futureproofing your cyber career, as well as getting ready for the next wave of possible roles and the opportunities they bring.
When we look back at the dawn of cyber technology, the first thing that jumps out is how much it used to cost, and how limited the access was. I still crack up when I see a vintage ad for a 1980s personal computer boasting 2 megabytes of memory that cost well over $3,000!
The precursor to the internet, DARPA, was only available to select government employees and research universities. But much of the underlying technology from back then (or variants of it) is still in use today. For instance, the @ in email addresses was developed in 1972. Cerf and Kahn developed TCP/IP in 1973. DNS has been around since 1983.
These foundational technologies set the stage for the modern use of technology, augmented by advances in hardware (i.e. astronomical increases in storage capability and processing power), networks (broadband and WiFi) and software (HTML, TLS).
The cumulative result of all of this is today’s way of life where people all over the world rely on technology as part of their daily lives – from paying for their morning coffee with their phone, to asking their digital assistant what the weather forecast looks like, to keeping track of their diabetic child’s glucose levels in real time.
But along with the tremendous positive change technology has brought us, so too have the risks and threats multiplied – and morphed – as well.
Back in the 90s, when we considered the potential impacts of technical failures or malicious activity, the list was largely made up of things like being shut out of email or the illegal transfer of funds through online banking. Serious, yes, but nothing like today’s world.
Now, cyberissues can literally be a matter of life and death: if the software in car brakes fails, or if an autonomous vehicle hits a pedestrian on the street or a worker in a factory.
The whole world faces potential threats, as some nation states actively work to undermine elections. NATO, the military alliance of countries in North America and Europe, has recognized cyberspace itself among the domains it must defend – just like land, air and sea.
So, what does all of this mean for a future in cyber? The reality of the threats we collectively face is that they ensure there will be consistent employment for those working in cybersecurity and data protection for businesses, governments and consumers. The bid to stay ahead of the bad guys will only intensify – and the stakes will only grow higher as the world becomes more and more tech dependent.
My top tips for future proofing your cyber career:
- Know the tech: ensuring that you have a solid technical baseline is one of the best ways to be able to weather the unpredictable. Of course, new technology will emerge, but a solid understanding of the foundational tech will better inform your ability to manage the changes, big or small, as they come.
- Stay current and curious: changes in technology will never stop, so keeping up is imperative. Take classes, build out new systems, connect with experts and learn!
- Push outside your comfort zone: I started out as a network “guy,” but my career path has taken me to specializing in firewalls, Secure Software Development Lifecycle, PCI-DSS, WiFi/802.11, NAC/802.1x and now machine learning. Every time I went deep into a new area I felt overwhelmed, until I learned to be OK with being “comfortably uncomfortable.” Remember, the best jobs are the ones that you can grow into and grow with.
- Make new friends: get to know the people in cyber who are outside of your normal zone, whether they’re in network ops, software engineering, policy creation, even sales. I once got partnered with a lawyer when I was assigned to build a privacy practice – and I learned that privacy touches social, legal and tech issues all together. We needed to work together to build effective solutions – because tech without context doesn’t service end users well.
These can be daunting times in cyber, but they can also be exhilarating. With change and challenge come great things – so jump in and join the fight!