4 minute read
Saman Fatima
SAMAN FATIMA
Saman Fatima was born in Lucknow, India and now lives in the US, in Atlanta, where she is in the first semester of a master of science course in information systems – cybersecurity at Georgia State University.
Master of Science Course Student at Georgia State University
Suppose you met an old friend from your last year at school who, knowing nothing about cybersecurity or what you do, asks you what you are doing. How do you answer them to ‘sell’ them on the idea of a career in cybersecurity?
Having spent five years in cybersecurity and having seen what happens on social media, I would show my friend the dark world of security, not to scare them but to make them understand how putting information about yourself on social media—saying “Hey I am at the WTC”—can be dangerous because it creates data that can be harvested for open-source intelligence (OSINT), etc. I would try to impress upon them the importance of putting ‘security first’ in both their physical and digital lives.
How does the reality of cybersecurity as you experience it today fit with your understanding when you first thought about studying it?
I was a beginner in cybersecurity studies five years ago with little exposure, but now it has become a BEAST! I have been introduced to multifactor authentication. I have learnt that no browser is safe. I have learnt to love cookies, but that cookies can steal a lot of data. I have learnt that social media exposure can be a bane, and to be careful with every detail exposed.
What cybersecurity role would most like to be hired into when you graduate, and why?
I really want to become a cloud engineer. I am strongly inclined toward the usage and benefits of the cloud: putting data there, deciding which deployment and service model best suits the organisation, and safeguarding the data with appropriate controls.
Who, or what would you say has had the biggest influence on your cybersecurity career journey to date, and why?
My family members are supporting my enthusiasm and passion for cybersecurity. They supported me to move to the US to study for my master’s degree after five years working in industry (Yes, it is tough). A host of friends in my cyber community have helped and contributed to my journey tremendously.
What do you see has having been the most memorable and/or significant in your cybersecurity journey to date, and why?
There have been many memorable moments:
• Starting a new community (non-profit) with my colleague/friend/sister Aastha Sahni in 2021. • Being nominated for cyber awards. • Coming to the US for my master’s. • Learning about attacks and gaining knowledge about different domains, getting my work published, presenting it and being acknowledged. • Starting a student chapter of WiCyS at my university. • Being a community leader, having people learn from me, and vice-versa.
My biggest achievements have been when I have been able to help others with cybersecurity.
In addition to your studies, what employment experience do you have in cybersecurity?
I have been trained in identity and access management. I have long been a cybersecurity enthusiast and I am an active member of cyber communities.
• I am the cofounder and vice-chair of the Breaking
Barriers Women in Cybersecurity (BBWIC)
Foundation. • I am a volunteer instructor at CyberPreserve. • I am a global member, mentor and mentee at
Women in Cybersecurity (WiCyS). • I am an ambassador for Snyk, a Bostonbased cybersecurity company specialising in
cloud computing. • I am an ambassador and advisor at Women in Cloud (WIC), a community-led economic development organisation for women entrepreneurs and professionals.
I started my career in early 2017 with Tata Consultancy Services working with SailPoint’s identity and access management technology and entered the world of cybersecurity when I became a data engineer with Macquarie Group. I am now a graduate student at Georgia State University studying security analysis, application architectures and business analysis.
I have five years’ experience as a DevOps engineer. I have obtained two industry certifications—CyberArk Trustee and Microsoft AZ 900—and I aim to collect more in coming years.
I love to learn and grow in cybersecurity. I have been a speaker at conferences including OWASP Appsec 2021, Day of Security 2022, SANS New2Cyber Summit 2022, GDG DevFest UK & Ireland 2022, DevSecCon 2021, c0c0n 2021, Rainbow Secure Cyber Symposium 2021, Tech(k)now Day 2021 & 2022, the Hackers Meetup and various local and virtual meetups.
We hear all the time that the world of cybersecurity is changing rapidly, particularly with the rate of threat evolution. Do you feel your course is doing a good job of being current?
Cybersecurity is changing every day. I feel being part of it, learning about it and implementing it in real-life is my thing, and I am quite happy with my role.
What aspect of your studies excites you the most?
I got to mount a few attacks in a controlled environment as part of my curriculum. I would not otherwise have had this opportunity.
What is your favourite source of general information about cybersecurity?
These are the sources I follow:
• Cyberpreserve Weekly News. • BleepingComputer for the latest technology news. • SANS Training. • Women in Security Magazine. • Podcasts by ITSP Magazine, Snyk, Philip Wylie,
Human Factor, Security Metrics, etc.
What measures do you have in place for your personal cybersecurity?
I change passwords for all my major accounts monthly and for my low-priority accounts I change the passwords quarterly.
• My passwords are passphrases, no one can crack them. • I check what permissions all my mobile apps have. • I use multifactor authentication on all applications that support it. • I ensure I install all software updates and patches in a timely manner. • I run antivirus scans weekly or monthly, depending on device usage levels.
www.linkedin.com/in/saman-fatima-30
