If Wendi Whitmore had pursued her dream to become a pilot in the U.S. Air Force, she might not be fighting cybercriminals as the global lead of IBM’s X-Force Incident Response & Intelligence Services (IRIS), who help businesses dealing with security breaches and eradicate future threats. But a presentation by a female alum at her alma mater, the University of San Diego, changed everything.
“I attended college on an Air Force ROTC scholarship,” Whitmore explains. Yet while she was majoring in computer science and positioning herself for a flying career, she admits, “I didn’t seem to love it as much as many of my peers did.” That’s when she says “dumb luck” steered her toward attending alumni day and listening to the female cybersecurity professional. “Wow,” Whitmore recalls thinking, “that job sounds really fun. She gets to carry a gun and do investigations.”
Whitmore was already doing the heavy lifting required to put her on the path to a career in cybersecurity. “I was majoring in computer science,” she says, and had been a good student in ROTC. In the early 2000s, the Air Force had invested a lot in computer crime. They were working with the FBI, the Secret Service and with other military organizations like NCIS, and were training those organizations to deal with cybercriminal activity, too.
Flash forward 15 or so years and cybercriminal activity continues to increase, as does demand for skilled professionals to prevent and deal with attacks. Bureau of Labor Statistics data indicates that demand for cybersecurity jobs is expected to grow by 53% over the next two years, as a Center for Strategic and International Studies (CSIS) report revealed that 82% of participants in eight countries had a shortage of cybersecurity skills in their organizations.
Whitmore believes it’s important to raise awareness of the field as job opportunities continue to grow among all demographics. “College curriculums have changed,” she observes, to keep pace with the developments in technology and the sophistication of hacks. But at this point, she says, “We need to be increasing awareness [of the career track] at as young of an age as we can,” and suggests exposing students to computer forensics as early as elementary and middle school.
Exposure to the field and a degree isn’t all that’s required of a cybersecurity professional. “My team would say I am very calm in moments of chaos,” says Whitmore. That’s a prerequisite for a job where long hours are spent in tense situations that naturally follow a security breach. That’s because, as Whitmore points out, every minute spent trying to identify the source of the hack and repair the damage costs a company money.
How much? Whitmore cites the most recent research from Ponemon Institute. On average, it took 170 days to detect an advanced attack, 39 days to contain it, and 43 days to remediate it in 2016. The average cost of a data breach is $4 million. Incident Response teams like the one Whitmore leads can reduce that cost by nearly $400,000 on average.
Although legal agreements require Whitmore to stay mum on sharing the particulars of any case, she says every situation is different. But she’s seen malware so destructive it’s wiped out entire systems and hit their backups as well. Helping to respond and rebuild after such an attack is by nature very stressful. That’s why, she says, a cybersecurity professional–like a firefighter, law enforcement officer, or military personnel–must “remain calm, focus on the facts, and answer as quickly as possible.”
In crisis situations, Whitmore says it’s important to focus on the root of the problem and what information is currently available. Then, it’s helpful to guide the communication to other parties. During breaches, those other parties are upper-level executives and board members who need to be versed in what types of questions they’ll be fielding, and they need help getting connected to legal assistance. “You’re almost serving as a voice of reason,” she explains. “A lot of times, if you have a good conversation, you hear a sigh of relief.”
Empathy plays a big role in this. Whitmore says she’s learned to put herself in the position of a company’s staff who are dealing with a hack. “What kinds of pressures are they facing, what concerns do they have?” she asks herself. “Am I going to lose my job if this information gets released to the public?” The answers help inform how she communicates.
Finding solutions requires sifting through a lot of data, she concedes, both before and after an attack. The job requires staying up to date on the latest types of threats and new malware as well as dealing with attacks as they happen. The introduction of IBM’s Watson for Cyber Security, which uses AI, machine learning, and natural language processing capabilities, has helped security analysts make better decisions more quickly, says Whitmore.
However, she doesn’t see AI supplanting human workers any time soon. “It will allow smart people in the field to focus on the next challenge,” she maintains. And smart people are certainly welcome to apply to join the industry.