In 2017, I was afforded the chance to become a participant in the Technology Development Program (TDP). Thanks to the program’s access to leadership, I built a mentor relationship with Bindu Sundaresan, a Director in AT&T Cybersecurity Consulting with more than 20 years of industry experience. She embodied the knowledge, skill and determination I knew I needed to succeed. I was able to be her +1 to all meetings and grasp the concept of consulting holistically. It was through her guidance paired with senior consultants that I made a true impact on my projects and was introduced to the prospect of becoming a Cybersecurity Consultant.
Jumping into cybersecurity consulting
Consultants must take a holistic approach when solving cybersecurity challenges. Not all cybersecurity frameworks are created equal and not all compliance standards equal security. ISO 27001/2 was the first framework I grasped in its entirety. I utilized the framework for risk management, compliance, and driving policy development to reveal gaps that otherwise may have gone unnoticed.
Understanding how solutions translate through different businesses was one of the most interesting aspects of my consulting engagements. My first client was a brand I had already been quite familiar with, coming from a sports family. Being on the other side of the table I could think about how sports entertainment can shed a new light on digital trust. The behind-the-scenes look at how sports entertainment handles breaches, privacy, data protection and mobile security sparked my consulting interest even more. I never thought these would be my day-to-day responsibilities. Within less than two years, my security knowledge had grown tremendously, and I was hired on as a full-time Cybersecurity Consultant.
Shortly after, I led an Enterprise Risk Management engagement for an American alcoholic-beverage company that produced and distributed wine. Vastly different from the sports entertainment client, this organization aligned with NIST Cybersecurity Framework (CSF) and looked for guidance on network security, architecture and security operations involving segmentation and optimization. A detailed report and management presentation led to the identification of security weaknesses and compliance shortfalls. We successfully demonstrated an understanding of network and organization level risk explaining the security issues and providing recommendations for Security Information and Event Management (SIEM) technology and ongoing threat monitoring and analysis.
Thanks to the opportunities provided, I had access to technology that proved invaluable when assessing a client’s environment. Research showed 60% of cybersecurity breaches were linked to a vulnerability where a patch was available, but not applied. With the tools I had available, I proactively located, identified, and assessed those weaknesses before bad actors could exploit them.
Representation for the future
Growing up, I was fortunate to have a strong support system with plenty of educational opportunities. It’s thanks to that background that I pursued the Technology Development Program offered at AT&T. Starting a STEM career as a woman has its challenges and the share of STEM degrees is even smaller for women of color in the United States. Representation matters, female role models are vital to signaling a sense of belonging as more women continue working this field.Search Jobs