Interview with vCISO Naomi Buckwalter

In today’s episode, we are joined by Naomi Buckwalter. Naomi started out her 20-year career as a software engineer, working as civilian with the US army for 2 years. She then progressed to a Senior Security Engineer before becoming Director of Information and Security in 2017. Naomi will be discussing her new non-profit venture, Cyber Security Gate Breakers.Her non-profit organization was founded to close a demand gap in cyber security. They hope to change the mindset of hiring managers to provide opportunities to candidates with little or no experience. The idea is to use social proof and show best practices to prove that entry level people are more than capable. Many skills from other areas are transferrable to cyber security, and a creative mindset always comes in handy in this industry.Right now, many industries have an archaic mindset towards change. They don’t want to incur risks by hiring entry level talent. What needs to happen is a mindset shift towards hiring; instead of the negatives, focus on the positives that new talent can bring. There’s an over-reliance on certifications and formal training. There also needs to be a re-focus on what companies are actually looking for when hiring - it’s time to update job postings to reflect what is truly needed. With Gate Breakers, Naomi hopes to be a positive force in the industry to change mindsets and stop gate keeping attitudes.Naomi is also currently working as a vCISO, which is a role she takes on at smaller businesses part-time to give them advice and manage their risks. Even though she consults for only 10 hours a month, it can make a huge difference in risk management and sales. If you are new to being a vCISO, Naomi has some advice. Remember that security is a service for a business, so you want to provide the best guidance possible and enable them in their goals. You are constantly balancing risk for the business and it’s important to build relationships within the organization. Be empathetic and gain trust.When she was a software engineer, Naomi took a class in hacking and it changed her whole life. She needed to work in a field that tackled this. After taking the class, she approached the team at Vanguard for a job. She approached them over and over again until she was able to get a job as a Junior Security Analyst. Back then, not having experience wasn’t a problem. It was commonly how people started.Looking back to when she first began in this space, Naomi regrets being elitist in her position. It was a normal mindset to be the be all and end all. Now, she cringes at how she behaved. Her advice: be approachable, friendly, and open to your colleagues. You gain nothing from being standoffish. Think about how much easier your job could be if people liked you.Closing out the episode, Naomi discusses what other problems the industry faces. For her, the industry doesn’t play well as a team. It’s a very secular community. After the Solar Winds hack, the Fire Eye team came and did an information sharing presentation with Naomi’s team. There needs to be more collaboration in the industry. We could operate if we shared our knowledge with others. Find out more about Naomi:LinkedIn: https://www.linkedin.com/in/naomi-buckwalter

Om Podcasten

Welcome to the Cyber Coalface a fortnightly Purple Team Cyber Podcast covering the whole cyber threat, hosted by myself David Tyler and JayJay Davey two UK Military Veterans who ended up in Cyber Security.Join us today as we cover aspects affecting Cyber Security from the perspective of a Red Teamer and Blue Teamer. This podcast is ideal for anyone in the Cyber or Infosec field, come and listen to those on the Cyber front lines!