Women leading the way in government cybersecurity

Staying Cyber Relevant

We are looking at cross-sector solutions with the sector-specific agencies. We are as concerned today, if not more so, about changing tactics techniques and procedures of the adversary. We have not backed off of any of our warnings. In fact, we've started to ensure that especially during the month of October, during Cyber Security Awareness Month, that we are making sure that both individuals and those responsible for the collective are aware of those nation-state actors that we are most concerned about, and also of the protectives measure that they should be taking on a daily basis themselves.

Alexis Wales

Deputy Associate Director, Threat Hunting, Cybersecurity and Infrastructure, Cybersecurity and Infrastructure Security Agency

Threat Intelligence and Success Stories

The Worldwide Threat Assessment talks specifically about what China can do in our infrastructure, and on the top of page six it talks about what Russia can do. So, what we are trying to do is make sure we can detect it. Some of the traditional ways of how people look at the information is very after the fact of something happening, so that's the reactive piece. So, we are now saying that any anomaly; any alarm that's triggered within an operational technology environment, that IS the trigger; that is the cyber threat indicator until such time that we can do the analysis across the board and say that it's not, that that's a normal way.

Karen Evans

Assistant Secretary for the Office of Cybersecurity, Energy Security, and Emergency Response, Department of Energy

The Role of Women in Cybersecurity

It's a must do; retraining across the board. At the end of the day, cyber is a people business. You have a person on the end of that keyboard and it's about understanding the people. And women have very high emotional intelligence. They're fine with expressing emotion and they're fine with others expressing emotion. So, I do think convincing them that they can enter at any point in their career and learn the technology, because they do bring something to the table.

Teresa Shea

Vice President of Cyber Offense and Defense Experts, Raytheon

Cyber threats have changed dramatically over the last several years. But while the landscape has evolved with the advent of the cloud and vast amounts of data being stored there, staying ahead of threats is a major focus for federal agencies and their private sector partners.

Federal News Network organized a panel discussion with industry and government cybersecurity experts to explore the challenges, and opportunities, around this critical issue. Specifically, how a diverse workforce – in what has typically been a male-dominated field – can achieve success against the ongoing cyber threats the country faces.

The panel included representatives with a variety of perspectives from the departments of Energy, Homeland Security and Health and Human Services, as well as the Defense Information Systems Agency and Raytheon.

A common theme among the panelists was staying proactive so agencies are not “analyzing after the fact,” according to Karen Evans, assistant secretary for the office of cybersecurity, energy security and emergency response at the Department of Energy. Evans said she remembers a warning about cyber attacks from the head of the National Security Agency some 10 years ago, and she said threats from adversarial nation states are still some of the biggest challenges.

As devices are more interconnected, the playing field gets more complicated. Agencies rely heavily on their partners in the private sector so that “risk-informed decisions can be made quickly and in an intelligent manner,” according to Alexis Wales, the deputy associate director of threat hunting, cybersecurity and infrastructure at the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security.

DHS continues to look at cross-sector solutions but Wales said bad actors are already in the systems, and the days of securing the perimeter are over. She said DHS focuses on partnerships with those who operate closer to the endpoint to warn about what might be taking place.

The bar to entry from attackers is low, and Teresa Shea, vice president of cyber offense and defense experts at Raytheon, said once bad actors get in they discover what might be valuable to them and what they might be able to sell or use to their advantage.

“Even personal information could be of high value to an adversary,” she said.

The way forward? “Know what’s the most important asset to you and protect that, but you also have to protect your entire network surface,” Shea said.

Listen to the full show:

As the Military Deputy for DISA’s Operations Center, COL Darcy Saint-Amant is responsible for leading and coordinating strategic inter-agency cybersecurity initiatives with the Office of the Secretary of Defense, Joint Staff, the Service components, Combatant Commands and Federal Agencies. Within DISA, she provides strategicleadership for the Operations Center encompassing over 6,680 Joint military, civilian, and contractors located in eight countries at 53 locations worldwide, including the Cyber Operations Directorate, Infrastructure Directorate, Services Directorate, and the National Leader Command and ControlDirectorate.

Throughout her career, COL Saint-Amant has served in various leadership positions in both tactical and strategic assignments over the past 21 years. She has been stationed in Germany, the United Kingdom, and posts in the United States to include Fort Meade and Fort Detrick, Maryland; Quantico, Virginia; Fort Hood, Texas; Fort Huachuca, Arizona;and the Pentagon. Her deployments have been to Kosovo, Iraq and Afghanistan.

COL Saint-Amant grew up in Melrose, Massachusetts. She was commissioned a Second Lieutenant in the Signal Corps from the United States Military Academy at West Point, New York with a Bachelor of Science degree in Cultural andPolitical Geography.

COL Saint-Amant is also a graduate of the Signal Officer’s Basic Course, the Marine Corps Expeditionary Warfare School, the Marine Corps C4I Planners’ Course, the Combined Arms and Services Staff School, and the United States Army Command and General Staff College. She holds both a Master of Science degree in Information Assurance from Norwich University and a Master of Science degree in Government Information Leadership from the College of Information and Cyberspace at the National Defense University. She has also maintained the Certified Information Systems Security Professional certification since 2008.

COL Saint-Amant’s military decorations include the Bronze Star, the Meritorious Service Medal, the Army Commendation Medal, the Army Achievement Medal, the National Defense Service Medal, the Kosovo Campaign Medal, the Iraqi Campaign Medal, the Afghanistan Campaign Medal, the Global War on Terrorism Service Medal, the NATO Medal, the Army Staff Badge, the Aircraft Crew Member Badge – Basic, and the German Armed Forces Proficiency Badge – Gold.

Amélie E. Koran serves as the Chief Technology Officer for the U.S. Department of Health and Human Services, Office of the Inspector General, and most recently was Deputy Chief Information Officer. Amélie’s path to DHHS OIG took her the long way around − through multiple industry sectors, academia, and the public sector. Her professional experience includes time spent at The Walt Disney Company, Carnegie Mellon University CERT/CC, Mandiant, The World Bank, and The American Chemical Society. She began her time in the public sector as Lead Enterprise Security Architect for the U.S. Department of the Interior, eventually moving on to lead Continuous Diagnostics and Mitigation implementation for the U.S. Treasury Department. Amélie later spent time on a leadership development rotation as part of the President’s Management Council Fellowship serving the Federal CIO in supporting cybersecurity policy analysis and legislative review, where she took an active role in the government-wide Open Data Initiative and helped in giving “birth” to the United States Digital Service (USDS). She’s an ardent advocate for innovative approaches to hiring talent and rationally applying security strategies and technologies for the Federal Government space.

Karen S. Evans was sworn in by U.S. Deputy Secretary of Energy Dan Brouillette as the Assistant Secretary for the Office of Cybersecurity, Energy Security, and Emergency Response (CESER) on September 4, 2018. Mrs. Evans was confirmed as Assistant Secretary for CESER by the U.S. Senate on August 28, 2018.

Before being nominated by President Donald J. Trump to lead the Department of Energy’s cybersecurity efforts, Mrs. Evans was the National Director of the U.S. Cyber Challenge, a public-private program designed to help address the skills gap in the cybersecurity field. She also served as an independent director and outside manager for publicly-traded companies.

Mrs. Evans was previously a top IT official at the Office of Management and Budget under President George W. Bush in the position that is now known as the Federal CIO and also served as the Department of Energy’s Chief Information Officer.

She received her MBA and BA in Chemistry from West Virginia University.

Ms. Alexis Wales serves as a Deputy Associate Director in the Cybersecurity Division of CISA. Ms. Wales leads the Threat Hunting subdivision, comprised of cyber threat and technical analystswho perform operational and strategic-level analysis to support network defense and resilienceacross the DHS stakeholder community. Herteams focus on building a common operational picture of current threats to United States networks, detecting cyber incidents, responding to significant incidents, and sharing actionable analysis based on unique security insights.

Ms. Wales’s teams lead the federal government’s efforts to provide technical assistance to significant cyber incidents, including many large-scale data breaches in both the private sector and federal government. Her teams are focused on discovering and analyzing new forensic artifacts, finding new security controls to prevent and detect APT intrusions, and creating or enhancing opportunities for early detection and containment.

Ms. Wales brings a wealth of experience to herrole with over 15 years in various cybersecurity-and physical security-focused positions. Most recently, she served as a Deputy Assistant Director within the National Cybersecurity & Communications Integration Center (NCCIC), leading the Cyber Threat Detection & Analysis Division. Prior to that, Ms. Wales worked in several leadership positions throughout CISA providing risk-informed decision support to critical infrastructure owners and operators.

Ms. Wales holds a dual Bachelor of Arts degree in History and Anthropology from Brandeis University and earned her Master of Arts in Security Policy Studies from the George Washington University.

Teresa Shea is currently vice president of Cyber Offense and Defense Experts (CODEX) within Cybersecurity and Special Missions (CSM) for Raytheon Intelligence, Information and Services (IIS). Raytheon Company (NYSE: RTN), with 2018 sales of $27 billion and 67,000 employees, is a technology and innovation leader specializing in defense, civil government and cybersecurity solutions. Raytheon is headquartered in Waltham, Massachusetts.

IIS provides a full range of technical and professional services to intelligence, defense, federal and commercial customers worldwide. IIS specializes in global Intelligence, Surveillance and Reconnaissance (ISR); navigation; DoD space and weather solutions; cybersecurity; analytics; training; logistics; mission support; engineering; automation and sustainment solutions; and international and domestic Air Traffic Management (ATM) systems. Key customers include the U.S. Intelligence Community, the U.S. Armed Forces, the Federal Aviation Administration (FAA), the National Oceanic and Atmospheric Administration (NOAA), the Department of Homeland Security (DHS), NASA and a number of international customers.

Shea is an experienced executive, working within corporate and government environments. She served as executive vice president of Technology and director of Cyber-Reboot at In-Q-Tel. She joined In-Q-Tel after a distinguished 32-year career with the National Security Agency (NSA). She held several key leadership assignments during her career, culminating as the director of Signals Intelligence. In this position, she was the principal signals intelligence (SIGINT) advisor to the directors of the NSA, the director of National Intelligence (DNI), countless U.S. military officers and high-ranking U.S. government officials. She led a large global multifaceted organization during a critical period of operations to identify and thwart terrorist plots, support the military in combat operations and produce intelligence on our most strident adversaries. She advocated for the rapid development and operations insertion of innovative technologies to address crucial technology gap areas.

Shea has deep experience in leading change in complex organizations, executive development, crisis management, strategic planning, government budget process, technical innovation and cyber operations. She served as the leader of Tailored Access Operation (TAO) during the formative years of shaping the computer network exploitation mission for the nation. She also served as the senior liaison representative in London, England, strengthening a vital partnership with the United Kingdom. She was a Technical director or organizational leader at every level throughout her career at the NSA.

She is recognized within the community as a trusted partner and a mission-focused and creative leader. Shea received numerous awards during her career, including the President’s Distinguished Rank Award from President George W. Bush and President Barack Obama, the National Intelligence Distinguished Service Medal awarded by the Honorable James R. Clapper, Director of National Intelligence, the Central Intelligence Agency’s Donovan Award and the Department of Defense Medal for Distinguished Civilian Service by Secretary of Defense Ash Carter.

Shea holds a Bachelor of Science in electrical engineering from Georgia Tech and a Master of Science in electrical engineering from John Hopkins University.

Debbie Feinstein started at WTOP in 1990 and has since worked at the station as both a news anchor and reporter.

Prior to coming to WTOP Radio, Debbie was a radio reporter on Capitol Hill covering Congress, the White House and the U.S. Supreme Court. She also worked at USA Today where she wrote for the newspaper and helped launch USA Today Radio, which was syndicated by the ABC Radio Networks.

Debbie has been honored with awards from Achievement in Radio and The Associated Press.

Debbie stays busy checking out the local movie, theater, food and music scene. She follows in one of her son’s footsteps and volunteers for Interplayband.org. Join her for one of the group’s inspiring concerts. It will be an experience you’ll never forget!

You can email Debbie at dfeinstein@wtop.com.

Women leading the way in government cybersecurity

Staying Cyber Relevant

Threat Intelligence and Success Stories

The Role of Women in Cybersecurity

Panel of experts

COL Darcy Saint-Amant

Amélie Koran

Karen Evans

Alexis Wales

Teresa Shea

Debra Feinstein

Sign up for breaking news alerts

The latest in Government Events powered by:

Fed Photo of the Day

Seattle area law enforcement officers train with US Coast Guard