Last time, I spoke with Valerie Thomas. She specializes in SCADAs and industrial control systems; she enlightened me on their cybersecurity aspects.
This time, I got to speak with Leila Powell. Her background in astrophysics taught her how to manage data to better understand the effectiveness of security controls.
Kim Crawley: Hi, Leila! Please tell me about your position and what led you to it.
Leila Powell: I’m a security data scientist at Panaseer, a London-based startup. The Panaseer platform gives teams continuous, automated insight into the effectiveness of their security controls and helps them improve their cyber hygiene. As a data scientist, I essentially follow the data as it flows through our platform and am therefore involved in everything from understanding how to derive value from our datasets, modelling the data, writing product analysis code to provide insight to our users, determining what information we should show in our dashboards, and helping inform what functionality our users need to get the most value from the insight we provide. I even get involved in user testing! It’s a very varied role, and I love the fact that I’ve learned a lot about building a product rather than being restricted to a purely research-type role.
My background is in astrophysics. I did my Ph.D. then two post-doctorates focused on using supercomputers to model the formation of galaxies and galaxy clusters. After eight years, I decided I wanted a change of pace and wanted to work on something with a direct real-world impact. I started to look for data science jobs. A few of my former colleagues had gone down this route, and it seemed to align well with my existing skill set. While focusing my job search on UK startups, I saw a job advertisement for Panaseer and was impressed by the founding team and excited by the challenges they were tackling. I’d never really considered that my skills could be applied to infosec. Ending up in cybersecurity was not something I planned out, more something I stumbled across, but I’m really glad to be here!
KC: Does anything you learned as an astrophysicist help you think about cybersecurity?
LP: The most transferable skill is how to handle data. How to get a new dataset and be able to work out what it can tell you and (often more importantly) what it can’t. That and always asking why. Digging down into the details until you understand exactly why you can see a particular trend in your numbers.
KC: What do you think the biggest problems in cybersecurity are these days?
LP: I think one of the biggest challenges is getting the basics right. Businesses are often disproportionately concerned about really advanced threats but leave themselves open to simple attacks when these are often the ones that they are most able to prevent. For example, the first point in cybersecurity frameworks like NIST or CSC is identifying what’s on your network, but this is surprisingly hard for many businesses. One of the things I work on with the rest of the team is combining data from lots of different sources to extract as much insight as possible from the data that orgs already have. This has many benefits, such as giving them a much more complete asset inventory.
KC: What are some misconceptions people have about what you do?
LP: People often equate data science to machine learning. Machine learning is absolutely one of the tools data scientists use, but there’s way more to it…and by that, I don’t just mean there are more analysis tools. For example, communicating results to the intended audience in a way they can make use of is a vital part of my role.
Also, when I say I’m a security data scientist, people always assume I’m working on finding something bad such as threat hunting or anomaly detection. In actuality, I’m trying to help people make sense of the information they already have and maximize its effectiveness. Ultimately, more data only helps improve your security posture if you can understand it and have the time, money, and resources to act on what it shows you.
KC: Thanks for speaking with me, Leila.
About the Author: Kim Crawley spent years working in general tier two consumer tech support, most of it as a representative of Windstream, a secondary American ISP. Malware-related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. Her curiosity led her to research malware as a hobby, which grew into an interest in all things information security related. By 2011, she was already ghostwriting study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. Ever since, she’s contributed articles on a variety of information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.