My View from the Cybersecurity Frontlines
Ryan Olson, Vice President, Threat Intelligence (Unit 42), R&D
When I was a kid watching Star Trek, I used to imagine that someday in the future, life would be like that: People walking around with small computers, instant communication devices, on their chests that would give them access to any information they needed. I think a lot of us did. We’d fantasize about having devices that could obey our every command and, at any time, we could just ask them to give us any information we wanted. But in those episodes, there were few moments in which security threats arose — where the communication channels those devices used to retrieve that information were threatened. No one ever asked about the system’s firewall. We just took for granted that it was all secure. That might not have made exciting TV back then, but none of us would want to be on the Enterprise under a cyber attack.
My colleagues and I who work in Threat Intelligence for Palo Alto Networks are often thinking about the technology of the future, and we still get excited imagining all that’s possible. But it’s our job to understand that as we move closer to that space-age future of our imaginations, we also become more vulnerable to cyber threats. We are constantly working to anticipate the threats to come, understand how they operate, and share what we know with the cybersecurity community in order to make the digital world safer.
My Journey to Threat Intelligence
I wouldn’t say I was predestined to work in cybersecurity. I had been interested in technology and planned to begin a career in programming while I was in college. But in 2003, the National Security Administration established the National Centers of Academic Excellence in Cyber Defense to address the (correctly) anticipated shortfall of cybersecurity professionals that could present a serious global threat. Each of the designated schools offered a scholarship for service (SFS) program: If you agreed to work for the government for two years, the NSA would pay for two years of schooling to train you in cyber defense. At the time I was considering earning a master’s degree, and although for personal reasons I didn’t end up participating in that SFS program, I got excited about a career defending computer networks, so I eventually enrolled in a master’s degree program in security informatics at Johns Hopkins University.
When it was time for me to do my summer internship between the two years of the program, I was fortunate to find a great opportunity with a security intelligence company. I spent an entire summer learning malware analysis, which led me to my current career.
The Knowledge Leaders
Unit 42 was started in 2014 by Palo Alto Networks’ Chief Security Officer at the time, Rick Howard, and myself. Rick is one of the smartest people I know, but his greatest talent is his ability to boil complex ideas down into simple, understandable terms. The idea for Unit 42 was to take all of the data we were collecting from our platform, in particular the WildFire malware analysis system and use it to not just create new prevention controls for our customers, but to better understand how adversaries are targeting them. With a stronger understanding of the adversary, we can build better products but also expose threat actors in the public and educate the world about their tactics. Our team consists of malware and threat intelligence analysts who look at our collective data to understand how adversaries launch their attacks, what tools do they use and how do they change over time. Then we share this information through our blog, white papers and other channels. In some instances we can go from uncovering a threat to publishing information about it in less than 24 hours. We move as quickly as possible to capture the critical details of the threat and share them with those who can use it to defend themselves.
This runs counter to the way many companies do business, which is to hoard information so that competitors can’t get hold of it. For us, there’s obvious value in sharing this information because our primary goal is to make it harder for the bad guys to win. If a bad guy has been launching attacks for three years, he’s doing the same things repeatedly because it keeps working. But if we write a report about it and publish it for the entire world to see, it stops the cycle of the attack, making the world safer for all of us.
As part of our global efforts, we founded the Cyber Threat Alliance (CTA) several years ago. This consortium of 25 cybersecurity vendors operates under the idea that a rising tide floats all boats. We share important threat intelligence with each other explicitly so we can all translate it into protection controls in our various products. What I love most about my work is the astounding amount of cooperation that I get from other organizations. When we need help or we need to alert customers to a problem of some kind, everybody immediately jumps in because they want to go and help. We all realize that we’re on the same team, fighting the same fight.
But there’s additional value for Palo Alto Networks in publishing this information: It demonstrates to the world that we are knowledge leaders in cybersecurity, at the forefront of the industry. Unit 42 is one aspect of the careers available in our industry, and sharing information is a crucial part of our work. Although people may not immediately know our company name the way they do others in the technology space, we are the biggest enterprise security company in the world, with 60,000 customers globally. So I think it’s important to point out to anyone who is considering a career in technology that working for Palo Alto Networks really enables us to have an enormous impact on worldwide security, and that is incredibly rewarding.
A Career with Freedom
Torsten Stern, Professional Services Consultant
Europe, the Middle East, and Africa (EMEA)
Palo Alto Networks has enabled me to truly navigate my career with freedom — not only in my ability to work remotely but also in how I approach solutions for our customers.
In my role as a Professional Services Consultant, I work directly with new customers to implement our platform in order to secure their digital environments. I help them migrate from other platforms, and I provide training to their staff to ensure they fully understand and can maintain the technology.
When I joined Palo Alto Networks in 2017, I was impressed by how the organization had transitioned successfully from a startup to a global leader in security. Joining this organization was one of the best decisions I’ve ever made.
Every Day is Different
I work with two teams through my position: the EMEA Professional Services team, which is comprised of about 50 people, and a much smaller Public Cloud team, which works with customers who wish to secure their use of the public cloud. Because of the type of work involved in Professional Services — interacting with customers on their work sites — the entire team works remotely, with many of us spread across several time zones. I travel at least once a month, and sometimes more, as the occasion calls for it. If we aren’t on the road, we’re working from home. This means that every day brings something completely different.
However, even though the members of the team are spread far apart geographically, I don’t feel isolated. There’s a real sense of camaraderie. We support each other, and there’s a great dynamic among us, so the mix of perspectives really helps us to develop innovative solutions. We can lean on each other for meetings and collaborative activities; this is important because, with so many of us in different parts of the world, some of these events may take place late at night or early in the morning. There’s a lot of flexibility within the team, and everyone’s willing to step up and help when needed so that we can all have some work-life balance.
When we have a chance to come together as a team, we make the most of it. For instance, last summer, we all traveled to Houston, Texas, for a company event, and we arranged to remain in town together afterward so we could spend some time together before we had to make our next trips. We just genuinely like each other and have a lot of fun together.
A Culture of Freedom
If I had to choose one word that sums up life at Palo Alto Networks, it would be freedom. Of course, the mission drives everything we do, but we have space to breathe, to develop our own solutions to accomplish that mission, and our ideas are supported, tested, and sometimes used.
Other companies aren’t like that. In my previous position with another company, I was under so much pressure all the time — there was a constant demand for quantity, not quality. I didn’t have the freedom to pursue solutions that change the course of our organization’s support to our customers.
My job offers challenges that excite me and inspire me to keep learning, and I’m given the space to do that. And I’m very inspired by my team; I learn new things from them all the time.
I love that we are encouraged to seek out learning opportunities. We aren’t told that we don’t need to learn things because they don’t apply to our particular job titles. Instead, we are continually being offered training and certification opportunities that can benefit our careers and enhance our knowledge.
My advice for career seekers would be to maintain your enthusiasm for learning. No one in this organization expects you to know everything. What is important is your passion, your curiosity, and your willingness to learn and seek out answers. If you have those things, this might just be the right company for you.
Welcome for a Working Mom
As someone who is results-oriented and prefers a fast-paced environment, I know that coming to work for Palo Alto Networks in April 2019 was the right choice for me. Nonetheless, it was a bit of a transition. I have a degree in marketing and began my career in market research before transitioning into product management, first in the payments realm and then in human resources technology. My background was heavily focused not only on bringing global products to market but also on improving the customer experience. I stepped away from the workforce for a couple years after my sons were born, and then I went back to work in product management for a cybersecurity company.
All of my experience has included an emphasis on privacy and data security, so in that respect, working in cybersecurity at the enterprise level made sense to me. But unlike my colleagues, many of whom have considerable technical expertise, my expertise is in the customer experience and the application of human behavior enabled by technology.
When I first came on board with Palo Alto Networks, it was intimidating for me — aside from being in a department dominated by men, I was also surrounded by these highly technical minds and lacked that knowledge myself. I was nervous. But over the last 13 years of my career, I’ve developed the ability to quickly comprehend the customer’s perspective and where it ought to be, and I soon realized that this is a valuable perspective that I could contribute, and before long that feeling of intimidation went away. That’s one of the things I appreciate here — that the environment encourages people from a variety of backgrounds, with a wide array of skill sets to join the team. It’s because they realize that diversity is what ultimately adds value to what we can offer our customers.
A Human Touch
Focusing on the customer experience isn’t typically where the priority is in cybersecurity. There’s a perception that customer experience discussions are “fluffy,” that it’s too touchy-feely with its focus on how customers feel and what they want. But what a lot of people don’t know is that it’s a science that involves collecting and analyzing quantitative and qualitative feedback. And it’s also an art, knowing how to talk to customers to arrive at the root of what problems they need and want solved. Sometimes they don’t know it themselves, so you have to know how to get it out of them, which isn’t easy.
But Palo Alto is different and transitioning to make customer experience a priority. And we know, from industry trends, that companies are no longer just competing on technological features and functionality; they’re competing on experience.
As consumers, we all gravitate toward the apps that are easy to use, right? We engage with those apps that connect with us and speak to us emotionally. That’s the level of engagement we want for enterprise products, and that’s what I’m working on. So I get to be on the forefront of this transition to a more customer-centric focus, which is really exciting. I get to influence the ways in which we can improve the customers’ experience, get into their minds, understand their needs and motivations, and translate those things into features and functions that we haven’t even thought of yet. We are working to anticipate their needs and design a delightful experience for them, which is encouraging and empowering.
Diverse and Included
There are a lot of other companies that say, “We promote diversity and inclusion,” but they don’t really practice it. I never really felt the concept of inclusion until I came to Palo Alto Networks. Not only was I given an opportunity to join the company without an extensive network security background, but bringing a woman into this male-dominated field brings a different perspective, and this company saw the value in that. My manager has been a huge advocate of diversity and inclusion, and he has demonstrated this repeatedly. For example, many women have the experience of being talked over in meetings, but here, my manager is sensitive to that; there have been times where someone began to talk over me, and he stepped in and said, “Okay, I hear what you’re saying, but hold that thought please and let Debbie finish sharing her ideas.” I really appreciate a leader consciously thinking about these things.
In my fourth week with Palo Alto Networks, I volunteered to lead a customer journey mapping workshop, to share some of what I knew about this concept with the more technology-focused members of the team. As a new member on the team who clearly didn’t have the technical expertise that they had, I was nervous about leading , although I felt it was important to talk about this idea of looking at things from a more customer-based perspective. As I said before, this isn’t often a top priority for everyone, and it seemed clear that I didn’t have everyone’s full attention or buy-in. But my manager addressed it right away. He announced that this was an important subject, but that if these team members didn’t plan to participate, they were welcome to leave. The fact that he was willing to do that for me told me he had my back, that he saw value in what I had to say, and it gave me a wonderful sense of inclusion, empowerment, and support.
In my time with this company, I’ve seen a real desire to add to the diversity of the team, which includes encouraging more women and moms to apply. Cybersecurity can be an intimidating industry for women to enter, but it really is a great thing for us to have them because it provides a much-needed perspective. As we launch products and think of new ways to solve customers’ problems, we need to have those insights into the needs and values of ALL our customers, so the more perspectives the better.
It’s also important to say that I appreciate being given a chance to share what I knew here, even though I wasn’t the obvious candidate. At Palo Alto Networks, the managers here are willing to provide the training and resources we need to feel comfortable in our positions. There are boot camps, white papers, textbooks, and a wealth of people willing to share their expertise and help you to be successful.
So for women, my advice is not to be scared of a challenge. Instead, face it head on, like a bull! Women, especially us moms, prioritize relentlessly. We are master multitaskers. We have the ability to go broad and deep, that’s just how we’re wired. For example, when I’m planning to take my boys on a trip to a museum, I’m thinking, “Okay, what do I pack for snacks? Should I pack backup clothes? What time should we leave? Should we eat before we leave? What else do I need?” Our minds are always thinking that way so we can ensure we have a successful trip to the museum. It’s a lot of planning and prioritization. And each of those choices can make a big difference — like if we don’t have snacks, they’ll be grouchy later and it will ruin the trip.
Translate that to the technology world. If you want to ship this product, you need to get all the stakeholders aligned with it, because if we don’t, the customer will call us later with issues. If it’s not effective, they’ve paid millions for it and now we have a major problem. So what happens to our brand, and to their loyalty? And what happens to our company’s longevity? So thinking about all those pieces is truly valuable. This is the value a woman, a mom, can bring! So leverage those skills and bring them into the technology world, because it’s very much needed.
Not Just a Job – Journey of Growth and Opportunity
JoAnne Lucero, Associate IT Project Manager
Growth, innovation, support. If I was told to pick three words that accurately describe my journey at Palo Alto Networks thus far, those would be it. I started my journey with Palo Alto Networks a little over three years ago and I am grateful for my decision more each day.
Growth
I first joined as an Executive Assistant. At that time, I was a fly on the wall to the inner workings of IT. I observed how each domain operated, how projects added value to the day to day activities of Palo Alto Network employees. I saw the momentum, the growth, and the innovative direction IT was heading and knew I wanted more involvement. I spoke with my manager about expanding my role without compromising my responsibilities and the support I received was nothing short of amazing. I started by refining my professional development plan and starting a trial stretch role as a Scrum Master. It was difficult to juggle the tasks from two different roles, but I was excited for the opportunity to see where this job could take my career.
As a Scrum Master, I was the facilitator of projects and worked to remove any roadblocks that stood in the way of the team’s progress. At the end of the stretch role trial, I was offered the chance to move into the Scrum Master position full time, which was exactly the direction I wanted to go in my career. It was a great opportunity to step into a role and move forward. That step has led to my current position as a Project Manager for the Infrastructure team.
Innovation
I have been involved with high visibility projects in my new position that have a real impact on our employees and productivity. I have worked with teams to build out the technology infrastructure for new buildings and improve on existing spaces. We made sure there was wifi when you are outside at HQ. We want employees to be able to walk from building to building without losing service and have the option to work outside. We also made sure there was always service in the elevators. How annoying is it when an important call is dropped right as you go to get on an elevator? We knew there would be a lot of people moving around through the buildings while taking phone calls for business and we made sure to address that. What excites me the most is that I am directly involved in projects that will grow and transform our business.
To keep with the pace at which Palo Alto Networks is growing, IT needs to be quintessential at enabling employee productivity, not blocking it. As a potential employee, think of all the ways you could positively contribute to that? Employees see the day to day pain points in a company, and our IT program sets us up and supports us in solving those problems, which in turn helps the entire company. We are constantly working with different groups to improve on work locations and always thinking about the next steps.
Support
We all have our daily work rituals and tasks, but what I love about IT is employees are given opportunities to do more outside of their company assigned tasks. Through programs like The Shark Tank where they can present a personal idea to be funded by the company and Hack-a-Thons where they work on a program for a 24 hour period as part of a larger group, employees are encouraged to work on passion projects and turn ideas into working applications. Brown Baglunch gatherings provide employees with a casual setting to discuss what they are working on to other employees in the company, including our CIO. . Within our IT department specifically, employees can shadow one another or do rotation assignments to expand their knowledge outside of their own work and test potential future directions in their career.
I look back at the past three plus years and think about how the opportunity to make game-changing and innovative contributions as well as the opportunity for professional growth and the amazing support of colleagues, all sums up why I love being a part of Palo Alto Networks.
Focusing on Customer Success in Cybersecurity
Gilad Shriki, Senior Director, Customer Success, Demisto
One of my favorite things about working in cybersecurity is that it’s the battle of good versus evil. It’s not something you always have within other technology-based businesses. But working in cybersecurity, there’s a strong sense of purpose and knowledge that I’m fighting for good.
Leading Customer Success
I started my cybersecurity career in the Israeli Defense Forces, where I led a team of developers. I moved into systems engineering and product management for a telecommunications firm, followed by about four years doing database security before coming to work for Demisto, as the Director of Customer Success. Soon after joining, Palo Alto Networks acquired Demisto, giving me the opportunity to expand my role and develop new technologies.
Customer Success helps with all customers’ activities after they’ve purchased our products — from onboarding to integration, technical support, ongoing engagement with our team, and even program management. Within the Customer Success team, it’s our goal to ensure that customers continue using our products as successfully as possible, ultimately keeping their environments protected and up to date.
Dynamic Days, Dynamic Company
Cybersecurity is an ever-changing ecosystem, and I think it’s one of the most interesting and dynamic fields out there. It challenges you to constantly learn, staying ahead of the newest threats and technological evolutions.
If you want to work in this industry, you have to be someone who questions what we often take for granted. You need to be thinking about how someone could maliciously use data. I don’t believe there is such a thing as too much defense or protection, and it’s something we take to heart in this industry.
As part of working with a vendor like Palo Alto Networks, it’s our job to constantly be innovating. Our job isn’t one of maintenance, it’s improving the products to serve our customers, and challenging the status quo. It means it takes someone who doesn’t like to sit still, seeks new challenges before they arise, and think critically, and quickly, to shape the future of our products.
When people ask me what my average workday looks like, I tell them that there isn’t one. It’s so dynamic that every day brings something different and new. I’m leading a large team of people, all of whom bring unique attributes to their work. I’m always thinking about what services we can offer to customers, growing the team, and planning what we want to do in the future. I also enjoy a high level of interaction with customers, and every interaction is different. I never know how my day is going to look; it’s always changing, but that’s what makes this job amazing.
In my newest role as senior director, I try to be the kind of leader who empowers the team, someone who trusts and gives support to those I work with. I think a good manager needs to identify people’s strengths and weaknesses and assign them responsibilities accordingly. You never want to put people in the position of constantly struggling to perform tasks that don’t suit their strengths — that just sets them up to fail. I try to make sure we identify those weaknesses in order to either help the person develop that as a strength or move into areas where they excel. I don’t like to micromanage. In the military, I learned that a good boss never needs to put his foot down on a decision. Instead, I give the team a lot of space to lead or follow as they see fit, and I am there to offer guidance.
I love that Palo Alto Networks offers its employees the freedom to learn and grow. It’s a very casual, approachable environment that encourages innovation across the board. It’s truly a company that understands that people are the most important assets it has.
A Career in the Support Arena
I have worked in the technology field for over twenty years. Starting my career as a field engineer in the communications sector around 1997. From engineering I moved into program management and then into a people management role. During my career, I have covered a broad variety of fields within technology and whether it was working with contact centers, customer relationship management platforms, or software to web portal technologies, my entire career has been focused within the support arena.
Presently, I am the manager of a global customer support business systems team. We help our company mission of protecting our way of life in the digital age by providing behind the scenes support of mission critical applications used by our organization. In gathering our stakeholders business requirements, analyzing complex problems, we deliver solutions used by our organization to address our end customer’s support needs. It’s a constantly changing, challenging, and evolving ecosystem – but one that I am always glad to work on every day in a field that I am proud to be a part of.
Why cybersecurity?
When you hear the term mission driven company, typically you think of a not for profit company. Most for-profit companies’ goals are to increase value to the shareholders and to sell something, typically that people don’t need. I didn’t want to be associated with that. I wanted to be in a job that really had something of value to offer and something I would feel good about aligning myself with. Today, in my role, I support the equivalent of technology first responders, who are on the forefront, servicing our customers in successfully thwarting cyber attacks against their networks. That is mission-driven and I don’t see a lot of opportunities in the tech sector where you can say that you are really doing something that is a positive in the industry and for the betterment of society as a whole, that is not just seeking a profit.
For me, I am connected to technology in ways most are not. I literally depend on technology to keep me alive. I have an implanted cardiac device that is remote controllable via a network. Understanding that, I want to make sure there isn’t a hacker out there who can access my pacemaker. So you can say, I have a very personal motivation to ensuring networks are protected. I also have a passion for making sure that the world is as safe as possible because everything is becoming more and more intrinsically dependent on networks and data.
When I look at technology and how everything is increasingly becoming more linked, whether it’s an appliance in a home or a car, there is some level of technology behind it that is being routed over a network and having that network secure is extremely important. That’s the mission. As such, I am a part of something that is protecting our digital way of life and that means that I’m not only coming to work to add value to a specific function, but in a way, I’m part of something that is important and is making a difference to the world we live in as a whole.
Why Palo Alto Networks?
The types of companies I’m drawn to have always seen support as a differentiator in the industry. That is important. My team comes to work knowing what they are doing is valued and matters. A lot of companies say that for support, you just should be on par with the rest of the industry. Who wants to go into a place where they are told that mediocrity is ok. Really? Are we are ok with that? Similarly, who wants to be told your job is important but doesn’t bring a lot of value to the mission of the company? I joined Palo Alto Networks because they believed in legendary support.
Working in a Fast-Paced Industry
I think we all know and hear that things move fast, but I don’t think you get a full sense of how fast things move until you are here. Things move extremely fast at Palo Alto Networks and you need to be nimble and agile. It’s important to be passionate and invested in your project but it is also important that when priorities change that you don’t take it personal if you need to drop a project and switch gears. The value you bring in a role comes not only in your ability to deliver, but also how quickly you adapt, when priorities change.
The People
The caliber of individual that is drawn to Palo Alto Networks is truly unique. In my career I’ve had strong relationships with peers outside of work who were coworkers that became friends, but my current team often does things as a group, that is completely voluntary and not company sponsored and usually you’ll see 100% participation. We spend a lot of time together at work, and they will still make the choice to come and spend even more time together outside of work. I believe in connecting at a human level, because we are more than the sum of the projects we deliver and having time to recoup and bond outside of work, to connect on a personal level, provides a personal reward, camaraderie and friendship that I really appreciate. The team’s closeness and how they build on those relationships is amazing to be a part of. It feels more like family than coworkers, and that’s something I’ve never had before in my twenty plus years of working in the technology field.
My Experience in Tech
I have always been drawn to science, as a child I loved astronomy and the idea of space exploration. I knew from growing up as a kid in the late 70s and 80s that there was the concept of spin in technology, that by the time you produce something, and it goes to market, it’s already obsolete. I understood that. However what I see today in the evolution of technology, is just how accelerated that change has become. Advancements come at an exponential rate. The amount of physical space that a chip takes now versus when I started in my career is amazes me. I never thought we would cross the barriers of understanding that we have. As machine learning and AI become more present in our everyday life, we will have to determine what the ethical responsibilities of that are. I feel as if the generation coming to the market today will be able to achieve more in terms of technological advancement than the founders of Apple and Microsoft did and do it in one fifth the time and the center of it all, is AI. We stand at the precipice and I feel that is if I’m part of that history that is about to unfold. As a society we are on the tip of the next great evolution and I’m excited to be involved in it.
I think we live in an amazing time and I believe in what we are doing as a whole in terms of technology. But as with all things, where there is something meant for good, it has the potential to be turned or exploited for the bad and so at the center of it all, you will always need cybersecurity.
My advice for Jumping into Cybersecurity
First and foremost, believe in yourself. Don’t let someone else define or dictate what you can do. I have physical limitations, I’m legally blind, and I remember being told at a young age that I would never amount to anything because of it. That I would never be a productive member of society. That is when I learned to not let someone define who you are. So you must first believe you can do it. Then you go get the skills that you need to succeed. Attitude in everything. Anyone can learn a skill and it doesn’t always have to be through conventional channels, but not everyone has a good attitude. I think that’s what sets Palo Alto Networks apart from other companies. We look at the attitude, not just the aptitude of the individual. Maybe a candidate doesn’t necessarily have all the relevant background, but they have something similar. We ask can they achieve this job, and do they have the right attitude, and we weigh that against a set of qualifications.
Lastly, you must continue to keep an open mind and be coachable. If you are willing to learn and willing to grow, you will find a lot of doors open for you in your career path. You can’t allow yourself to get to the point where you think you know everything. Never lose that zest to learn and keep an open mind.
Connecting Communities Through Cybersecurity
It’s always been in my nature to help the underdog. Whether it’s supporting others while growing up as a military brat, taking work on US government contracts where missions were time critical and affected many, or becoming a volunteer EMT to help save people in my community and overseas, I enjoy helping and connecting people. Coming to work for Palo Alto Networks has allowed me to extend that to a larger, global community.
My Story
I was a government contractor in the DC area for over twenty years before starting with Palo Alto Networks. With a background in software development, management, and technical training, I found my new home with Palo Alto Networks Unit 42. We’re the team that detects new threats, details them, identifies the risk, and shares that with the industry to better protect all digital environments.
When I came on board, the first task I was handed was our efforts around the Cyber Threat Alliance. The CTA was our answer to how to disseminate information throughout an industry trying to address new threats emerging every day. It is an organization with the perspective that unless we share our information, share the threats we are facing, we will fail. It’s this organization that enables us to work with other companies that are coming together for the common good. We are collaborating, and this gives us more access to data than we would ever be able to compile on our own. We are sharing our data, our perspectives to find better solutions together. It’s been amazing to get on phone calls with competitors and have intelligent, collaborative conversations because we know we are all in this fight together.
This isn’t just the CTA but the industry as a whole that expects this kind of behavior. I’ve learned so much from working with other companies and government agencies. They, in turn, learn from us. I’ve seen us move forward on solutions that protect our customers and our digital way of life. I’m proud to work for a company that centers its work on humility – the humility to ask for help, work together to identify solutions, and find them, together.
Staying Innovative in a Changing Industry
Part of the evolution of our industry is evolving not just the way we detect the threats but who is involved in detecting them. I’m excited and inspired by the programs I have been able to participate in while working here. I helped with the creation of the initial cybersecurity badges for the Girl Scouts. I presented to Black Girls CODE in California. I’ve attended and represented the company as a speaker at several conferences, most recently RSA. It’s no secret that there is a shortage of women in the industry, so it’s nice to have the opportunity and support from the company to be involved in programs and events that are driving a positive change.
The industry is constantly changing, and we have to improve, develop new products, and work with different organizations to avoid getting stuck in a rut as well as ensure we stay innovative. I’ve never seen a company grow and expand as successfully as we have before in my career. It’s challenging but I love to be challenged – I love how fast-paced my work can be, and I love that things are always shifting and changing. I’m never bored. Teaching young ladies in Girl Scouts how to stay safe in the digital age; helping my mom remotely when she has computer problems; and working on a team that discovers, analyzes, and reports on the latest threats are the reasons I get out of bed every day and proudly wear my Palo Alto Networks gear.
This article first appeared as “Life at Palo Alto: Connecting Communities” by Kathi Whitbey.
Intern to Employee
I started at Palo Alto Networks as an intern in early 2017. I was a mathematical engineering major at the time, and the study program included some basic networking courses (CCNA/CCNP). While taking these courses I started becoming interested in cybersecurity and realized that there was a big gap of cybersecurity professionals in the market, so there are always job opportunities in this field. Cybersecurity has also become more relevant in the past few years as we can see frequent breaches in the news, and a lot of companies have been undervaluing security in the past and need to catch up to recent security standards.
My internship was based around modeling the staffing requirements of our technical support engineers to meet our future customer’s technical support needs in accordance with our service level agreements. It was rewarding and fulfilling to work on a project as an intern that had an impact on the company. My project helped determine how we are going to hire employees in the future worldwide.
After my internship completed, I transitioned to work as a technical support engineer. I had some basic skills before I was hired and I worked with a technical trainer at Palo Alto Networks to determine what skills I was missing. Together, we built a training program and assigned a personal mentor who helped guide me through programs and certifications I would need to complete for my job. There are a multitude of topics that need to be covered in order to be able to work in this field, like TCP/IP, ARP, SSL, TLS/PKI, IPSec, routing protocols (OSPF/BGP), and NAT. These are just some of the basics, which will eventually have to be learned in-depth.
Transitioning to full time from any internship can be a difficult process. Getting your first career out of college or certification/trainings, can also be difficult. For me, I was thankful to have the support and assistance of my organization, but I have some advice to those who are seeking their first career out of college or internship.
When you are planning your professional career development, look at job descriptions in the field you are hoping to enter. One of the first steps is to make sure you earn a degree relevant to the technology field. Job descriptions are a great place to start – they provide context to what companies are looking for, the background, certifications, and degrees a company is expecting. But a degree usually isn’t enough. After you’ve started to pursue your degree, I suggest that you seek out introductory education into the cybersecurity field. This means seeking supplementary education to the skills a company is seeking. Often, this will be outside of the university environment, and offered by third parties like Palo Alto Networks, or online learning systems. Palo Alto Networks offers their certified cyber security associate program (PCCSA) (www.paloaltonetworks.com/services/education/certification). It’s an entry level certification that will help educate you on the most recent technology for managing the cybersecurity threats of tomorrow. It’s a great resource for anyone looking to transition into the cybersecurity field.
Becoming qualified once isn’t enough, however. You’ll want to keep tabs on the industry while pursuing your degree. Certifications are changing as quickly as the industry changes to address the most critical cybersecurity needs. As Palo Alto Networks transitions to support cloud, we are seeking more cloud experience. If you are seeking a degree in any kind of technical industry, you have to stay on top of these trends – that means subscribing to technical blogs, reading technical support books, and researching common qualifications and responsibilities of the kinds of roles you are hoping to secure upon your graduation.
Looking for a career should be more than skillsets and technical aptitude. You should be seeking a career with an organization that aligns with your values and priorities. I was impressed from the beginning how open everyone here at Palo Alto Networks was. I didn’t have that same experience at my previous job and the difference in the environments is incredible. Everyone was so willing to help me learn and accomplish my goals, and I really felt supported by the team. This is unique to Palo Alto Networks, from my experience, and something that helped me accomplish my professional goals quickly after starting. When you’re seeking your next career move, make sure that you are identifying an organization that aligns with your expectations, but also matches your work style.
For instance, I learned quickly to make sure to vocalize my requests for help. It takes less time to ask for assistance than spend two hours trying to find information. Asking questions is an important skill here if you want to learn and grow into any position at Palo Alto Networks. You can’t feel like it’s a weakness to ask questions. It’s a strength which will help solidify yourself in the team dynamic.
Palo Alto Networks has been a great place to work. Our motto here in the EMEA office is one team, one goal, one destiny. We bond over our different experiences, cultures, and backgrounds. We have become one team, one family. I’ve never experienced that dynamic in other companies. Everyone here has such a mutual respect for our different backgrounds here. It’s a great environment to be a part of and one that is always growing.
If you are interested in learning more about joining our team, please reach out to me for more information at bhageloh@paloaltonetworks.com.
Slopes to Circuits
My First Computer
I started dabbling in the computer world because my father used to run a distribution one of the main mainframe companies at the time. When I was about 10 years old, he brought home a ZX81 Computer, which was one of the very first home computers, it had 1K of RAM. At the time, I wasn’t really into gaming, I was more interested to understand how those games functioned, as such it introduced me to coding, at that time in BASIC.
From Slopes to Circuits
Believe it or not, my career in cybersecurity started with skiing. By the time I was 13 I was skiing for the regional squad, and by the time I was about 17, I was skiing on the national team. Of course, skiing isn’t free, and during the summer months I worked to fund the winter ski racing season. I got work at one of the main anti-virus firms in Europe at that time. It was my first job at cybersecurity organization. During school you did a work placement, I did mine as a car mechanic, because as a boy, and still today, I love cars! However, I quickly realized working on cars was rubbish; It’s oily and not fun. My summer job helped me realize the potential of the technology world. My brain is logic bias, so I wanted to understand how computers functioned, how anti-virus software worked, and of course how cyberattacks worked. After a year out skiing and working, the company owners challenged me to pursue a degree in computer science, I challenged them to support me on the endeavor, and that’s how I ended up writing my own behavioral anti-virus tool, as my dissertation for my degree in computer science.
Working in Technology
What I love about my work in cybersecurity is that every day is a different day, and that’s still true every day I go in. It doesn’t matter what job you do in cybersecurity, research, support, consulting, or something else, you will find a large variety in your day-to-day tasks that is impossible to predict, and your job will never be boring and monotonous.
Take consulting or advisory work as an example which I have done as the Chief Technology and Chief Security Officer, you think you’re going to come in for the day and do a list of tasks, but all too often something occurs, a major threat outbreak, a large breach, new regulations come into effect. On those days, I would often get redirected to meet with government agencies, clients and then talk to the media about these events. For me, jobs in cybersecurity hit that key factor – variety. I’m not the type of person who can come into work and repeat the same tasks over and over. I need variety in my job; variety is the spice of life.
Why Palo Alto Networks?
I’ve been working in the cybersecurity industry for over twenty years, in a couple different companies with a variety of products. I’ve always known about Palo Alto Networks, I watched the start of the company from an outside perspective and I had friends who went to work there and had great careers. I was three weeks into working for a startup when I was approached by Palo Alto Networks about a job opening. The timing was wrong. I would have loved to go work there but it just wasn’t the right time. Fast-forward to after the company I was working for went public – the company started going in a different direction and I reached out to my original contact from Palo Alto Networks and told him now was the right time and I wanted to work for Palo Alto Networks. He said it was unusual to have someone cold call him back. I had to sell myself to him as a candidate and the rest is history. There are a lot of players in the technology and cybersecurity market, but I wanted an organization that truly has a world class vision and strategy, where I could be passionate in where they are going.
Companies change, and move, and that’s necessary. But I have left organizations when I didn’t agree with where they are going. I really hold on to that belief that I am going to make a difference in the world. One of the questions I always ask myself is when I retire from cybersecurity, what do I want to be remembered for? How have I changed the industry? It’s a Goliath kind of ask, especially in such a big industry. But I think it’s important for all of us to have the ability to shape our own little corner of this industry. That starts with working somewhere that has a desire to shape and change the world as a company.
Disrupting and Shaping an Industry
Working in cybersecurity, we have the opportunity and responsibility to make a real impact. I’ve always worked closely with law enforcement agencies and sat UK law enforcement and now today the Europol industry advisory board to help shape how our society and communities interact with and utilize cybersecurity measures. It started when I use to run cyber forensics training for law enforcement staff and evolved from there. But it’s more than focusing on the “today”. It’s always important to shape the industry by involving the next generation, too. I’m proud to work for a company that recognizes this and is involved with organizations like Girl Scouts and with academic programs. Cybersecurity is a skill, that in a very digital world, everyone should learn, starting at school. It’s probably not a surprise my own children do well in their school cybersecurity test. By my believe is every child and adult should be as well prepared.
Cybersecurity is global impact. It’s an evolving threat to our lives. With that responsibility comes innovative thinking – sharing information like few industries have before. It’s why the Cyber Threat Alliance was established: to shift an industry, that our organization co-founded. I’m always impressed by their ability to collaborate with other companies for all of our mutual advantage. It takes a savvy executive team to recognize that. We also helped instigate the cybersecurity moonshot program, which has the goal of working with the government make the internet safe in 10 years. Closer to all our homes we have the Cybersecurity Cannon, which is dedicated to recognizing written works that are critical to the cybersecurity world and its future be that for hobbyists or executives.
Advice for Hacking into the Industry
Finding your career path can be difficult, but the most important thing is to be passionate about whatever you do. When you find a passion in life, it drives you through the good and the bad aspects of your career and everything in between. If you are passionate about a topic, you will read forums, you’ll watch the news about it you’ll have a drive and hunger for it, and you’ll continuously work towards understanding how something works. My passion for cybersecurity has shaped my career, just as my career has shaped a small portion of the industry.