Connecting Communities Through Cybersecurity
It’s always been in my nature to help the underdog. Whether it’s supporting others while growing up as a military brat, taking work on US government contracts where missions were time critical and affected many, or becoming a volunteer EMT to help save people in my community and overseas, I enjoy helping and connecting people. Coming to work for Palo Alto Networks has allowed me to extend that to a larger, global community.
My Story
I was a government contractor in the DC area for over twenty years before starting with Palo Alto Networks. With a background in software development, management, and technical training, I found my new home with Palo Alto Networks Unit 42. We’re the team that detects new threats, details them, identifies the risk, and shares that with the industry to better protect all digital environments.
When I came on board, the first task I was handed was our efforts around the Cyber Threat Alliance. The CTA was our answer to how to disseminate information throughout an industry trying to address new threats emerging every day. It is an organization with the perspective that unless we share our information, share the threats we are facing, we will fail. It’s this organization that enables us to work with other companies that are coming together for the common good. We are collaborating, and this gives us more access to data than we would ever be able to compile on our own. We are sharing our data, our perspectives to find better solutions together. It’s been amazing to get on phone calls with competitors and have intelligent, collaborative conversations because we know we are all in this fight together.
This isn’t just the CTA but the industry as a whole that expects this kind of behavior. I’ve learned so much from working with other companies and government agencies. They, in turn, learn from us. I’ve seen us move forward on solutions that protect our customers and our digital way of life. I’m proud to work for a company that centers its work on humility – the humility to ask for help, work together to identify solutions, and find them, together.
Staying Innovative in a Changing Industry
Part of the evolution of our industry is evolving not just the way we detect the threats but who is involved in detecting them. I’m excited and inspired by the programs I have been able to participate in while working here. I helped with the creation of the initial cybersecurity badges for the Girl Scouts. I presented to Black Girls CODE in California. I’ve attended and represented the company as a speaker at several conferences, most recently RSA. It’s no secret that there is a shortage of women in the industry, so it’s nice to have the opportunity and support from the company to be involved in programs and events that are driving a positive change.
The industry is constantly changing, and we have to improve, develop new products, and work with different organizations to avoid getting stuck in a rut as well as ensure we stay innovative. I’ve never seen a company grow and expand as successfully as we have before in my career. It’s challenging but I love to be challenged – I love how fast-paced my work can be, and I love that things are always shifting and changing. I’m never bored. Teaching young ladies in Girl Scouts how to stay safe in the digital age; helping my mom remotely when she has computer problems; and working on a team that discovers, analyzes, and reports on the latest threats are the reasons I get out of bed every day and proudly wear my Palo Alto Networks gear.
This article first appeared as “Life at Palo Alto: Connecting Communities” by Kathi Whitbey.
Intern to Employee
I started at Palo Alto Networks as an intern in early 2017. I was a mathematical engineering major at the time, and the study program included some basic networking courses (CCNA/CCNP). While taking these courses I started becoming interested in cybersecurity and realized that there was a big gap of cybersecurity professionals in the market, so there are always job opportunities in this field. Cybersecurity has also become more relevant in the past few years as we can see frequent breaches in the news, and a lot of companies have been undervaluing security in the past and need to catch up to recent security standards.
My internship was based around modeling the staffing requirements of our technical support engineers to meet our future customer’s technical support needs in accordance with our service level agreements. It was rewarding and fulfilling to work on a project as an intern that had an impact on the company. My project helped determine how we are going to hire employees in the future worldwide.
After my internship completed, I transitioned to work as a technical support engineer. I had some basic skills before I was hired and I worked with a technical trainer at Palo Alto Networks to determine what skills I was missing. Together, we built a training program and assigned a personal mentor who helped guide me through programs and certifications I would need to complete for my job. There are a multitude of topics that need to be covered in order to be able to work in this field, like TCP/IP, ARP, SSL, TLS/PKI, IPSec, routing protocols (OSPF/BGP), and NAT. These are just some of the basics, which will eventually have to be learned in-depth.
Transitioning to full time from any internship can be a difficult process. Getting your first career out of college or certification/trainings, can also be difficult. For me, I was thankful to have the support and assistance of my organization, but I have some advice to those who are seeking their first career out of college or internship.
When you are planning your professional career development, look at job descriptions in the field you are hoping to enter. One of the first steps is to make sure you earn a degree relevant to the technology field. Job descriptions are a great place to start – they provide context to what companies are looking for, the background, certifications, and degrees a company is expecting. But a degree usually isn’t enough. After you’ve started to pursue your degree, I suggest that you seek out introductory education into the cybersecurity field. This means seeking supplementary education to the skills a company is seeking. Often, this will be outside of the university environment, and offered by third parties like Palo Alto Networks, or online learning systems. Palo Alto Networks offers their certified cyber security associate program (PCCSA) (www.paloaltonetworks.com/services/education/certification). It’s an entry level certification that will help educate you on the most recent technology for managing the cybersecurity threats of tomorrow. It’s a great resource for anyone looking to transition into the cybersecurity field.
Becoming qualified once isn’t enough, however. You’ll want to keep tabs on the industry while pursuing your degree. Certifications are changing as quickly as the industry changes to address the most critical cybersecurity needs. As Palo Alto Networks transitions to support cloud, we are seeking more cloud experience. If you are seeking a degree in any kind of technical industry, you have to stay on top of these trends – that means subscribing to technical blogs, reading technical support books, and researching common qualifications and responsibilities of the kinds of roles you are hoping to secure upon your graduation.
Looking for a career should be more than skillsets and technical aptitude. You should be seeking a career with an organization that aligns with your values and priorities. I was impressed from the beginning how open everyone here at Palo Alto Networks was. I didn’t have that same experience at my previous job and the difference in the environments is incredible. Everyone was so willing to help me learn and accomplish my goals, and I really felt supported by the team. This is unique to Palo Alto Networks, from my experience, and something that helped me accomplish my professional goals quickly after starting. When you’re seeking your next career move, make sure that you are identifying an organization that aligns with your expectations, but also matches your work style.
For instance, I learned quickly to make sure to vocalize my requests for help. It takes less time to ask for assistance than spend two hours trying to find information. Asking questions is an important skill here if you want to learn and grow into any position at Palo Alto Networks. You can’t feel like it’s a weakness to ask questions. It’s a strength which will help solidify yourself in the team dynamic.
Palo Alto Networks has been a great place to work. Our motto here in the EMEA office is one team, one goal, one destiny. We bond over our different experiences, cultures, and backgrounds. We have become one team, one family. I’ve never experienced that dynamic in other companies. Everyone here has such a mutual respect for our different backgrounds here. It’s a great environment to be a part of and one that is always growing.
If you are interested in learning more about joining our team, please reach out to me for more information at bhageloh@paloaltonetworks.com.
Slopes to Circuits
My First Computer
I started dabbling in the computer world because my father used to run a distribution one of the main mainframe companies at the time. When I was about 10 years old, he brought home a ZX81 Computer, which was one of the very first home computers, it had 1K of RAM. At the time, I wasn’t really into gaming, I was more interested to understand how those games functioned, as such it introduced me to coding, at that time in BASIC.
From Slopes to Circuits
Believe it or not, my career in cybersecurity started with skiing. By the time I was 13 I was skiing for the regional squad, and by the time I was about 17, I was skiing on the national team. Of course, skiing isn’t free, and during the summer months I worked to fund the winter ski racing season. I got work at one of the main anti-virus firms in Europe at that time. It was my first job at cybersecurity organization. During school you did a work placement, I did mine as a car mechanic, because as a boy, and still today, I love cars! However, I quickly realized working on cars was rubbish; It’s oily and not fun. My summer job helped me realize the potential of the technology world. My brain is logic bias, so I wanted to understand how computers functioned, how anti-virus software worked, and of course how cyberattacks worked. After a year out skiing and working, the company owners challenged me to pursue a degree in computer science, I challenged them to support me on the endeavor, and that’s how I ended up writing my own behavioral anti-virus tool, as my dissertation for my degree in computer science.
Working in Technology
What I love about my work in cybersecurity is that every day is a different day, and that’s still true every day I go in. It doesn’t matter what job you do in cybersecurity, research, support, consulting, or something else, you will find a large variety in your day-to-day tasks that is impossible to predict, and your job will never be boring and monotonous.
Take consulting or advisory work as an example which I have done as the Chief Technology and Chief Security Officer, you think you’re going to come in for the day and do a list of tasks, but all too often something occurs, a major threat outbreak, a large breach, new regulations come into effect. On those days, I would often get redirected to meet with government agencies, clients and then talk to the media about these events. For me, jobs in cybersecurity hit that key factor – variety. I’m not the type of person who can come into work and repeat the same tasks over and over. I need variety in my job; variety is the spice of life.
Why Palo Alto Networks?
I’ve been working in the cybersecurity industry for over twenty years, in a couple different companies with a variety of products. I’ve always known about Palo Alto Networks, I watched the start of the company from an outside perspective and I had friends who went to work there and had great careers. I was three weeks into working for a startup when I was approached by Palo Alto Networks about a job opening. The timing was wrong. I would have loved to go work there but it just wasn’t the right time. Fast-forward to after the company I was working for went public – the company started going in a different direction and I reached out to my original contact from Palo Alto Networks and told him now was the right time and I wanted to work for Palo Alto Networks. He said it was unusual to have someone cold call him back. I had to sell myself to him as a candidate and the rest is history. There are a lot of players in the technology and cybersecurity market, but I wanted an organization that truly has a world class vision and strategy, where I could be passionate in where they are going.
Companies change, and move, and that’s necessary. But I have left organizations when I didn’t agree with where they are going. I really hold on to that belief that I am going to make a difference in the world. One of the questions I always ask myself is when I retire from cybersecurity, what do I want to be remembered for? How have I changed the industry? It’s a Goliath kind of ask, especially in such a big industry. But I think it’s important for all of us to have the ability to shape our own little corner of this industry. That starts with working somewhere that has a desire to shape and change the world as a company.
Disrupting and Shaping an Industry
Working in cybersecurity, we have the opportunity and responsibility to make a real impact. I’ve always worked closely with law enforcement agencies and sat UK law enforcement and now today the Europol industry advisory board to help shape how our society and communities interact with and utilize cybersecurity measures. It started when I use to run cyber forensics training for law enforcement staff and evolved from there. But it’s more than focusing on the “today”. It’s always important to shape the industry by involving the next generation, too. I’m proud to work for a company that recognizes this and is involved with organizations like Girl Scouts and with academic programs. Cybersecurity is a skill, that in a very digital world, everyone should learn, starting at school. It’s probably not a surprise my own children do well in their school cybersecurity test. By my believe is every child and adult should be as well prepared.
Cybersecurity is global impact. It’s an evolving threat to our lives. With that responsibility comes innovative thinking – sharing information like few industries have before. It’s why the Cyber Threat Alliance was established: to shift an industry, that our organization co-founded. I’m always impressed by their ability to collaborate with other companies for all of our mutual advantage. It takes a savvy executive team to recognize that. We also helped instigate the cybersecurity moonshot program, which has the goal of working with the government make the internet safe in 10 years. Closer to all our homes we have the Cybersecurity Cannon, which is dedicated to recognizing written works that are critical to the cybersecurity world and its future be that for hobbyists or executives.
Advice for Hacking into the Industry
Finding your career path can be difficult, but the most important thing is to be passionate about whatever you do. When you find a passion in life, it drives you through the good and the bad aspects of your career and everything in between. If you are passionate about a topic, you will read forums, you’ll watch the news about it you’ll have a drive and hunger for it, and you’ll continuously work towards understanding how something works. My passion for cybersecurity has shaped my career, just as my career has shaped a small portion of the industry.