Greetings!
Background
Originally from the Bay Area, currently residing in the Southeast for over a decade. I graduated with my Masters in Computer Science and a Graduate Certificate in Information Security and Privacy.
I worked as a developer in a former life and have since transitioned to InfoSec. Past roles have been as a Security Automation Engineer, Penetration Tester, etc. My foundation is Web Application Security (#webislife), but I dabble in Mobile and Cloud Security.
I’m an adjunct professor on the west coast. Prior I was an adjunct on both coasts. This keeps me busy but also fulfills the acts of service / giving back to my community. I’ve also created courses with companies and universities such as Cybrary, Infosec Institute, Drexel University, and O’Reilly Media and presented at a handful of conferences (which are growing by the day…).
Passion Projects
- Cybersecurity Education/Digital Literacy/Computer Science: My goal is to help increase underrepresented groups in cybersecurity through education, as it’s a global issue. I created a non-profit, The Accelerated Training Program (T-ATP), a cybersecurity non-profit focused on exposing underrepresented K-12 young to digital literacy, cybersecurity, and computer science. We also focus on providing quality cybersecurity education to underrepresented groups and studying the systemic exclusion of cybersecurity education to the same groups. Our mission: “With 8% African-Americans and 24% women in the cybersecurity workforce, there’s a disparity in access to cybersecurity education. T-ATP will work with legislators to provide equitable, accessible, and rigorous cybersecurity education by creating a national cybersecurity curriculum. A national cybersecurity curriculum will ensure that cybersecurity education is equitable for all, thus creating equal opportunities as everyone will be afforded the same chances.” This aligns with the first pillar – equip every American with foundational cyber skills, particularly the subsection – and make foundational cyber skill learning opportunities available to all from the National Cybersecurity Education and Workforce Strategy from the White House. To learn about the Digital Equity Act, visit here.
- Education policy: This is intertwined with #1 (cybersecurity education/digital literacy). I recently learned about education policy and technology. My ultimate goal of T-ATP is to change how cybersecurity education is taught in the United States and worldwide through legislation. This aligns with the second pillar – Transform Cyber Education, particularly the subsections – make cyber education and training more affordable and accessible and invest in educators and improving cyber education systems. At this point, education policy will be the way to get there. I recently completed the North Carolina Education Policy Fellowship Program (EPFP), which focuses on education policy in North Carolina and beyond. If you’re in education policy, please reach out, as I would like to connect and collaborate!
- Securing medical devices: To provide background, I participated in the Biohacking Village (BHV) (which marries medical and cybersecurity) CTF at the 2020 DEFCON. I learned about medical history and found and tested vulnerabilities in insecure medical devices. I was hooked! I wanted to know more, so for DEFCON 2021, I participated in the Device Lab, a live network that allows researchers to pentest medical devices. I found five of the thirteen vulnerabilities during the engagement. Now, I am the Device Lab co-lead and Education Lead with BHV. To learn more about BHV, click here.
- Security research/bug bounty: This inspiration came from number 3, working in the device lab. I dabbled in bug bounty occasionally, but now I prioritize increasing my skills. I can’t wait to write more blog posts when I find more vulnerabilities!
I want to use my passion projects to inspire the next generation of cybersecurity professionals and show prospective cybersecurity professionals they can succeed in this industry, too.
Future State
My ultimate goal is to have accessible and equitable cybersecurity education in all schools nationwide.
How will I do this?
By infusing my tech experience with education policy, which is currently missing in cybersecurity education.
I would love to collaborate with the Office of the National Cyber Director (ONCD) and their working groups or join CISA’s Cybersecurity Advisory Committee’s subcommittees in Transforming the Workforce and the Technical Advisory Council.
I also would love to be on the Cybersecurity Education Task Force—link. It’s currently introduced with little movement, but I am confident this will move forward. This task force will create recommendations and guidelines for increasing and promoting cybersecurity courses, degrees, and programs in institutions of higher education to improve the diversity of the cybersecurity workforce.
A great initiative I worked on to increase the diversity of the cybersecurity workforce is the Cybersecurity Career Ambassador Program through NICE. The ambassador program was created to demystify cybersecurity jobs and to promote a diverse cybersecurity workforce. I’m an inaugural ambassador and was part of the planning committee for the program. To learn more about the program, click here.
Want to know more? Let’s connect through email (hello@thefluffy007.com) or Calendly.