Some people are seemingly destined to pursue one career path, and one career path alone. While others have a bit more of a circuitous route to a job that they love. This is certainly true for #ShareTheMicInCyber founders Camille Stewart and Lauren Zabierek.
Currently the Global Head of Product Security Strategy at Google, Stewart always knew she wanted to do something with law and technology. While Zabierek, Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center, discovered cyber later in her career, after having worked in the U.S. Air Force and the government, and getting two Masters – in International Relations and Public Administration. What they both agree on is that we need people from all different backgrounds, skillsets and expertise in order to succeed as an industry – no matter what your journey to a cyber career looks like.
In the first part of our “Sharing the Mic” series we spoke with Stewart about what inspired her to pursue a career in cyber right from the start, what keeps her in the space and what some of the most pressing challenges are that the cyber industry needs to overcome.
Contracts and Computers: Where it All Began
With a parent in the computer science field, and a precocious legal mind, it is easy to see how Camille Stewart ended up with a career at the confluence of cybersecurity and law.
“I might be a lawyer by training – I used to make my parents sign contracts for every promise – but my dad is a computer scientist and my mom was a math professor and nurse, so I kind of knew that I had to be doing that work in the technology space. I grew up around computers and technology sitting in the back of his computer science classes, tinkering with our computer at home. My dad taught my sister and I BASIC programming languages as well as IBM Db2 Database, Lotus 1-2-3, and Professional Write (pfs:Write) on a MS-DOS machine as young kids. And thanks to my mom’s coaching and genes, I was in advanced Algebra in middle school and AP Calculus throughout high school, so I felt at home in technology and math. But the call to be a lawyer was still really strong, so I went to law school.”
Stewart started law school thinking she’d do intellectual property law, but she quickly realized that it wasn’t allowing her to use her technical acumen. So, after law school, she worked at Cyveillance, a cybersecurity company focused on open source threat intelligence, where she wore a variety of hats. She worked on intellectual property related services, co-managed the security operations center, and built new services – all made possible with her traditional legal skills paired with her experience of seeing business and legal issues through a cybersecurity lens.
“Cybersecurity is a multidisciplinary field which is what drew me to the field. To understand the threat and how it’s evolving, you need folks that understand the human element, as well as the technology. So we need people from all different backgrounds in cyber. We need folks who are good communicators, we need marketing folks, and folks who are skilled in training and education. We need lawyers, we need technical folks, we need so many different skill sets.”
Having an Impact
For Stewart, while getting to use multiple different skill sets is what drew her to the space, the ability to have a strong impact on the world around her is what keeps her in the field.
“All of my best memories in the cybersecurity industry come from seeing the impacts of my work show up in the lives of the people around me. It’s one of the reasons I do this work, because I love a complex challenge intellectually and because I want to help people.”
The effects of Stewart’s work have certainly been meaningful and impactful. Spanning both the private and public sectors, Stewart has contributed to some of the foremost cyber initiatives in both worlds. For example, while working with Android, Stewart worked on a variety of key projects that ranged from combating manipulated media and consumer fake news exposure, to building Android’s election integrity program that protected Android devices in the Google Play Store for elections around the world. Stewart’s work can also be seen in the public sphere, having written Presidential Policy Directive (PPD) 41 that articulates how the government mobilizes around significant cyber incidents – which is still in use by government officials to this day.
That said, for all of the success and positive change that she has had a hand in, Stewart does not shy away from confronting some of the issues that prevent the cybersecurity industry from achieving the far-reaching impact it is capable of. Namely, the industry’s long-standing hiring and diversity challenges.
Facing a shortage of over 3 million qualified candidates, the cybersecurity industry is still trying to find its footing in terms of attracting talent. And Stewart noted that a notable recruiting strategy shift could be the key to drawing in the diverse talent the industry needs.
“It can be hard to get into cybersecurity, because of the artificial roadblocks that we put up – like asking for certifications that require five years of experience for what we call entry level jobs. Cybersecurity is a human-centric challenge requiring us to understand the attacker, the user, the operators, and the environments in which they leverage technology to effectively mitigate risks. That requires diverse perspectives and skills in order to get ahead of ever evolving threats. So as folks already in the industry think about how to improve recruitment, a great place to start would be to throw out the rigid, outdated lens by which we currently assess who is, and who isn’t a fit for this industry, and replace it with a more open-minded approach. Harnessing the innovation that comes from a variety of lived experiences and backgrounds is our best opportunity to tackle cybersecurity challenges. We need to have a recruitment process that provides us with the varied skills and perspectives we need.”
Stewart also noted how important it is for students and underrepresented communities to gain wide exposure to computers as early as possible.
“Early exposure, relating cyber to their everyday lives and that of the people they care about, demonstrating the multidisciplinary nature of the field, and ensuring underrepresented communities are included must be part of any strategy aimed at encouraging interest in cyber careers.”
“I was fortunate in that I moved between communities pretty well and between having immigrant parents with high expectations and being one of very few Black students or people of color in my school I had a view of the world that was much bigger than high school dynamics. I tended to be involved in a little bit of everything, I was an athlete, in the band, president of organizations, achieved academically, and generally on good terms with everyone. I had no problem with being labeled a nerd if/when that happened. My Dad still talks about me having “Calculus parties” with some of my friends as a sign that I would chart my own course. So while being “uncool” didn’t have much of an impact on my desire to focus on tech, I experienced other stigmas and cultural dynamics that had an impact on my trajectory.”
“That’s why programs like GirlSecurity, BlackGirls Code, Girls Who Code, and other developmental programs that bring cyber to students are really important and why integrating digital security early and cybersecurity as an upper level option could completely change how the next generation views technology and cyber careers. Furthermore, it can help us change stigmas that have existed around STEM careers for far too long.”
This open-minded approach is reflected in Stewart’s personal life, which she uses for professional inspiration in turn. A self-professed travel junkie, and daughter of immigrant parents, Stewart cited traveling as a key influence in helping her build a global perspective that has helped inform her about people’s day-to-day lives, broaden her understanding of different cultures and people, and enhance her ability to recognize the beauty in differences. She even turned these passions into a podcast.
“I enjoy podcasting! I have had the pleasure of meeting so many really cool people whose trajectories and career paths break from the norm. They have had the opportunity to change lives and to have impact within their communities. They may not be famous but their work and their journeys are no less meaningful or inspiring. My podcast, Hustle Over Entitlement, talks about those trailblazers and risk takers and the pivots that they’ve made in their careers that changed their trajectory, and have had a serious impact. All this relates to what we should be looking to foster in cyber – an openness that encourages people to bring all of their varied experiences and skills into the industry. And fortunately, with a few tweaks in our approach and some intentionality we can turn this into reality.”
Don’t miss the next chapters of our Sharing the Mic series with Camille and Lauren where we dig in a bit more into Lauren’s journey, diversity, equality and inclusion, Camille’s podcast and why initiatives like #ShareTheMicInCyber shine a much needed light on some of the biggest challenges in the cybersecurity industry today.