Window Snyder, Chief Security Officer at Square, participated in a fireside chat with Dean of Berkeley Engineering Tsu-Jae King Liu at the 2020 Women in Tech Symposium at the UC Berkeley campus.
As a security professional, “the things you do can have a significant impact” and that is why Window Snyder keeps choosing cybersecurity “over and over again.” After she fell in with a group of, let’s say, “computer security hobbyists” and “voluntary sys admins” in Boston, Window shared her path and passion for the field of cybersecurity at the 2020 Women in Tech Symposium on Reimagining Cybersecurity for All, held at UC Berkeley.
When Snyder started, she explained “there was not a set of books, I couldn’t join a program, or take a class in any of this stuff so we built our own tools. We came up with our own systems for identifying vulnerability and building resiliency and it grew into an industry.”
Now, like then, “You have to consume a huge amount of information to stay up to date- it’s exciting and it’s hard to keep up with the changing landscape, different threats, regions, markets,” said Snyder. As a security practitioner “you never really get to win” but you have “the ability to get back to a known good state and to learn how to make systems more resilient.”
Security has to be part of the conversation from the very earliest design phase, and security needs to partner with engineering and product: “I have seen a lot of organizations where security is set up to be the “no machine.” It is really easy to say no, it’s very easy to reduce risk if the answer is always no, but it’s not very helpful to the business.” Snyder pointed out that finding ways to do “the delightful, beautiful, exciting thing that the product team wants to do, in a way that is less risky to the organization, is much more useful” and security and privacy can actually “be a differentiator that can open up a whole new opportunity for the company to make products people love.”
Snyder challenged students and the next generation of cyber talent by asking them to “be the voice in the room asking questions.” Someone needs to be asking: “How long will we keep the data?” “When and how is data deleted?” “How are we tracking consent associated with the data?” “Is this protocol more complex than it needs to be?” “How does our system fail and when it fails, does it fail gracefully in a way that can be captured?” and “What data might be compromising for different people and how do we avoid exposing that data?”
For those considering a career in cybersecurity (and you should — the demand for talent is high, the field has an astonishing 0% unemployment rate, and there is already a shortage of talent), Snyder says:
- “We should, all of us, builders of technology, need to consider how our systems are resilient. The way that things fail includes people attempting to make them fail.”
- “Find that thing that you feel really enthusiastic about, that you find compelling, that you want to work on — If you find yourself doing the work and it doesn’t feel like work, that’s a good sign. … If this [cybersecurity] gets you excited I fully encourage you to throw everything at it.”
Watch the fireside chat with Window and view the rest of the Women in Tech Symposium on Reimagining Cybersecurity for All playlist. The Champion sponsors of the Women in Tech Symposium are Lam Research and Microsoft.
The Center for Information Technology Research in the Interest of Society (CITRIS) and the Banatao Institute drive interdisciplinary innovation for social good with faculty researchers and students from four University of California campuses – Berkeley, Davis, Merced, and Santa Cruz – along with public and private partners.
To learn more about CITRIS, sign up for our newsletter: bit.ly/SubscribeCITRIS