Audioboom

Transcript for Cybersecurity: What You Should Know with Dr. Nikki Robinson

00:00:02,940 → 00:00:05,820

Narrator: You're listening to the Humans of DevOps Podcast, a

00:00:05,820 → 00:00:09,450

podcast focused on advancing the humans of DevOps through skills,

00:00:09,480 → 00:00:13,800

knowledge, ideas and learning, or the SKIL framework.

00:00:17,070 → 00:00:19,200

Dr. Nikki Robinson: You know, it can be it was almost there was

00:00:19,230 → 00:00:22,740

this friction between IT and security. And then when I got

00:00:22,740 → 00:00:24,990

really interested in specifically vulnerability

00:00:24,990 → 00:00:28,560

management and sort of made the hop over to security, I started

00:00:28,560 → 00:00:31,650

seeing those same patterns but from the security side.

00:00:33,970 → 00:00:37,600

Eveline Oehrlich: Welcome to Humans of DevOps Podcast. I'm

00:00:37,600 → 00:00:42,040

Eveline Oehrilch, Chief Research Officer at DevOps Institute. Our

00:00:42,040 → 00:00:46,270

topic today is focused on Cybersecurity: What You Should

00:00:46,270 → 00:00:52,300

Know. Today we have with us Dr. Nikki Robinson. Let me give you

00:00:52,450 → 00:00:56,830

a little bit about Nikki and her background. I of course, did

00:00:57,100 → 00:01:01,870

some digging into what she has done and give me some time. So

00:01:01,870 → 00:01:06,910

Dr. Robinson, earned a Doctor of Science in cybersecurity has

00:01:06,910 → 00:01:11,470

several industry certifications and is a security architect at

00:01:11,500 → 00:01:16,000

IBM right now and also an adjunct professor. She has more

00:01:16,000 → 00:01:19,570

than 10 years of experience in IT Ops. So Nikki that we have in

00:01:19,570 → 00:01:23,170

common before moving into the security field about three years

00:01:23,170 → 00:01:28,390

ago. She studied vulnerability chaining concepts and completed

00:01:28,390 → 00:01:33,340

her PhD in human factors to combine psychological and

00:01:33,340 → 00:01:38,140

technical aspects to improve security programs. She has a

00:01:38,140 → 00:01:41,710

passion for teaching, obviously, yes, she's an adjunct and

00:01:41,740 → 00:01:45,490

mentoring others on risk management, network defense

00:01:45,490 → 00:01:49,540

strategies, and digital forensics and incident response.

00:01:50,470 → 00:01:53,320

As I said, she's a security architect and has technical

00:01:53,320 → 00:01:56,800

experience and continuous monitoring, risk management,

00:01:56,800 → 00:02:01,030

digital forensics and incident response. She is a speaker at

00:02:01,030 → 00:02:04,360

many conferences on a variety of topics from human factor

00:02:04,360 → 00:02:08,680

security, engineering, malicious website, Grant, graphing and Dev

00:02:08,680 → 00:02:13,300

SecOps. She's also the co host of a podcast titled Resilient

00:02:13,300 → 00:02:17,530

Cyber Podcast with the goal to discuss variety of cybersecurity

00:02:17,530 → 00:02:21,610

and it with many, many subject experts, and many of you might

00:02:21,640 → 00:02:25,990

have listened to her podcast. Finally, one more important

00:02:25,990 → 00:02:30,580

thing. She is a volunteer speaking for InfraGard also

00:02:30,610 → 00:02:35,860

Women in Cyber Chapters, which is why size I think Information

00:02:35,860 → 00:02:41,230

Systems Security Association, which is ISSA, and Cyber Jitsu

00:02:41,260 → 00:02:44,470

Organization, welcome to our podcast. Nikki,

00:02:45,470 → 00:02:47,120

Dr. Nikki Robinson: Thank you so much for having me today.

00:02:47,960 → 00:02:51,080

Eveline Oehrlich: Very excited that you're here. Now, the first

00:02:51,080 → 00:02:56,630

thing you have to talk about is Cyber Jutsu. Can you help me on

00:02:56,630 → 00:02:57,110

that one?

00:02:57,860 → 00:02:59,960

Dr. Nikki Robinson: Sure. Yeah, this is actually a this is a

00:02:59,960 → 00:03:05,660

great organization that they their focus is really a to focus

00:03:05,660 → 00:03:09,890

on getting women into the cybersecurity field. So they're

00:03:09,890 → 00:03:13,940

working to close the gender gap. They're trying to help mentor

00:03:13,940 → 00:03:17,930

young women to get into cybersecurity. And they host all

00:03:17,930 → 00:03:22,520

kinds of events, they do webinars, they do workshops on

00:03:22,520 → 00:03:25,400

everything from Python Programming, and then they do

00:03:25,400 → 00:03:29,990

cyber competitions and capture the flags or CTFs. So they do a

00:03:29,990 → 00:03:33,590

lot of different events to sort of help help encourage young

00:03:33,590 → 00:03:37,580

women to get into cybersecurity. And and they host a lot of

00:03:37,580 → 00:03:38,720

conferences as well.

00:03:39,710 → 00:03:41,810

Eveline Oehrlich: Are they global? Or are they are also

00:03:41,810 → 00:03:42,770

regional events?

00:03:43,730 → 00:03:46,130

Dr. Nikki Robinson: I think I believe both. I know that they

00:03:46,130 → 00:03:48,560

do a lot of regional because I think they have different

00:03:48,560 → 00:03:53,210

chapters, sort of like women in cyber or Rhesus. But But yeah,

00:03:53,210 → 00:03:54,980

so they do have a lot of regional events.

00:03:55,160 → 00:03:57,440

Eveline Oehrlich: Okay, worth checking into. Super. Thank

00:03:57,440 → 00:04:03,500

you.. So as you can imagine, when I did research on your, on

00:04:03,500 → 00:04:07,610

your background, and what you do, and all, all the wonderful

00:04:07,610 → 00:04:11,840

things you have been through and have been studying, and there

00:04:11,840 → 00:04:14,540

was a lot of things I was like, Oh, I would love to talk to you

00:04:14,540 → 00:04:17,540

about that. I would love to talk to you about that. But, of

00:04:17,540 → 00:04:21,350

course, we cannot cover these all. So there are two key things

00:04:21,380 → 00:04:25,670

we want to cover today. First, I want to dive a little bit into

00:04:25,670 → 00:04:28,940

your book minds, the tech, the tech gap, addressing the

00:04:28,940 → 00:04:33,710

conflicts between IT and security. And then second, of

00:04:33,710 → 00:04:37,940

course, because I am a woman and I know we have some women on the

00:04:38,030 → 00:04:41,780

on the show. I want to I want you to share your experience as

00:04:41,780 → 00:04:45,650

women in technology. So those are the two things we're honing

00:04:45,650 → 00:04:48,650

in. I hope you are ready for that. I know you are ready for

00:04:48,650 → 00:04:53,150

that. Thank you. So let's get to the book first. I think that's

00:04:53,150 → 00:04:56,060

the most important one because I think it was published in

00:04:56,090 → 00:05:00,740

October of 22. So not that far, and not that long ago. As I

00:05:00,740 → 00:05:05,090

said, the book was called, or is called Mind the tech gap,

00:05:05,330 → 00:05:09,620

addressing the conflicts between IT and security. So first of

00:05:09,620 → 00:05:14,240

all, congratulations to the application. Fantastic. I think

00:05:14,240 → 00:05:17,540

I'm going to order it because that topic is something which is

00:05:17,570 → 00:05:21,830

also I have something I've researched in my career over the

00:05:21,830 → 00:05:26,300

years. Now in the book, you address, and I quote from the

00:05:26,300 → 00:05:29,990

book from a book review, you're saying, or it says, the long

00:05:29,990 → 00:05:34,850

standing challenges between it and cybersecurity teams, and

00:05:34,850 → 00:05:37,460

you're exploring the different job functions, goals,

00:05:37,460 → 00:05:41,210

relationships, and other factors that might impact how it and

00:05:41,210 → 00:05:45,260

cyber security teams interact. Give us a little bit of an

00:05:45,290 → 00:05:48,680

overview of the book, because I think there are some powerful

00:05:48,680 → 00:05:52,190

things in there, which I would like people to kind of listen

00:05:52,190 → 00:05:57,080

to. So enticing them to actually buy a book, and I'm not trying

00:05:57,080 → 00:06:00,770

to sell your book, I think this is an important piece. Most

00:06:00,770 → 00:06:05,450

folks have not even thought about, and I want you to do a

00:06:05,450 → 00:06:06,500

little bit of a review.

00:06:07,550 → 00:06:11,090

Dr. Nikki Robinson: Yeah, thank you,, it's funny, because I'd

00:06:11,090 → 00:06:14,960

had this idea for this book for at least five years now, even

00:06:14,960 → 00:06:19,550

before I got into cybersecurity. So when I was on the IT side of

00:06:19,550 → 00:06:22,580

the house, you know, and working with sort of my security

00:06:22,580 → 00:06:27,050

counterparts on assessments or audits, and literally sitting

00:06:27,050 → 00:06:30,950

through four or five hour long meetings on, you know, security

00:06:30,950 → 00:06:34,880

controls and configurations. And so I was sort of getting this

00:06:34,880 → 00:06:38,810

idea of you it can be it was almost there was this friction

00:06:38,810 → 00:06:41,480

between IT and security, because it was like, Oh, we're having

00:06:41,480 → 00:06:43,940

another audit, or oh, we have another assessment or this or

00:06:43,940 → 00:06:47,360

that, or all security does this or security does that. And then

00:06:47,420 → 00:06:50,360

when I got really interested in specifically vulnerability

00:06:50,360 → 00:06:53,960

management, and sort of made the hop over to security, I started

00:06:53,960 → 00:06:57,110

seeing those same patterns. But from the security side, you

00:06:57,110 → 00:07:00,680

know, seeing sort of the frustration, and the, it won't

00:07:00,680 → 00:07:03,200

do this, or I'm trying to work with development, and we're

00:07:03,200 → 00:07:05,390

trying to get this done. And it's difficult, or it's

00:07:05,390 → 00:07:10,550

challenging. And so that was really what sort of even having

00:07:10,550 → 00:07:12,950

that idea but coming into security and saying, Oh, I'm

00:07:12,950 → 00:07:16,130

seeing this, you know, sort of this frustration and this

00:07:16,130 → 00:07:19,160

friction from both sides. You know, we're both having

00:07:19,160 → 00:07:22,310

challenges working with each other. And it's not because, you

00:07:22,310 → 00:07:26,600

know, we both have important missions, we both have important

00:07:26,600 → 00:07:29,750

goals, but most of the time, those are somewhat conflicting.

00:07:30,140 → 00:07:33,980

So having teams that have conflicting goals and missions,

00:07:34,130 → 00:07:37,460

makes it really challenging to, you know, sort of get together

00:07:37,460 → 00:07:40,820

and make these things happen. And so that was really what

00:07:40,820 → 00:07:43,640

spurred the the idea of the book, and I wanted to dive into

00:07:43,640 → 00:07:48,020

sort of, from a historical context to what traditional job

00:07:48,020 → 00:07:51,500

roles look like, you know, 20 years ago, and how we built, you

00:07:51,500 → 00:07:56,600

know, IT teams and how they look now, and how that sort of plays

00:07:56,600 → 00:08:00,530

into why relationships can sometimes be fractured between

00:08:00,530 → 00:08:04,400

the teams, and ultimately, that that leads to concerns with

00:08:04,400 → 00:08:06,530

risk, you know, and risk management and how do you how do

00:08:06,530 → 00:08:09,350

you manage risk with the people that you know, need to work

00:08:09,350 → 00:08:13,370

together? So that's really sort of the spirit of the book, and,

00:08:13,520 → 00:08:18,170

you know, hoping to shed some light on why these challenges

00:08:18,170 → 00:08:20,930

exist. And then, you know, at the end of the book, I provide

00:08:20,930 → 00:08:23,390

sort of a roadmap for Hey, these are the questions you need to

00:08:23,390 → 00:08:26,840

start asking yourself and your teams, depending on the type of

00:08:26,840 → 00:08:28,040

job role that you have.

00:08:29,350 → 00:08:31,300

Eveline Oehrlich: I love that last part, you said, I think

00:08:31,300 → 00:08:36,760

that is essential for folks listening in having a roadmap to

00:08:36,760 → 00:08:40,060

understand what what can they actually do that actionable

00:08:40,060 → 00:08:43,210

advice, because sometimes, you know, there are books out there,

00:08:43,510 → 00:08:47,230

and I'm done with it. And I put it aside and I'm thinking, Okay,

00:08:47,260 → 00:08:52,780

now what? Yeah, right. It's like, okay, I'm not really sure

00:08:52,810 → 00:08:56,110

I understand, but I don't know what so that is beautiful. Now,

00:08:56,470 → 00:09:00,520

one thing you were under, in the book review, which talks about

00:09:00,520 → 00:09:03,550

that also, of course, you are honing into into something

00:09:03,550 → 00:09:07,660

called empathy, and emotional intelligence. And that is

00:09:07,660 → 00:09:11,560

something which I have keen interest in, as I've done

00:09:11,560 → 00:09:14,500

research for the DevOps Institute on upskilling for the

00:09:14,500 → 00:09:19,150

past five years. And you would not be surprised that I tell you

00:09:19,150 → 00:09:24,010

that the human skills, are there significant gaps there within

00:09:24,010 → 00:09:28,780

it, and they don't go away these and they're particularly around,

00:09:29,020 → 00:09:32,230

you know, having that empathy, having these inter interpersonal

00:09:32,230 → 00:09:36,250

skills and really working and developing collaboration and

00:09:36,250 → 00:09:40,600

coordination with others. So that is quite interesting.

00:09:40,630 → 00:09:45,190

Interesting. And of course, there is action, which means

00:09:45,190 → 00:09:48,400

people should upskill and human skills and we've been kinda like

00:09:48,400 → 00:09:52,900

a preacher pin saying that, but why is it so hard? Why is it so

00:09:52,900 → 00:09:57,220

hard for a reverse it people I'm an IT person, I think I have

00:09:57,220 → 00:10:01,210

human skills plenty. And my kids would tell AMI you do, ma'am.

00:10:01,240 → 00:10:05,560

But why is it so hard sometimes for folks in either on the

00:10:05,560 → 00:10:09,490

security side or on the IT side, no matter what role to think

00:10:09,490 → 00:10:16,090

about that human skill and and adding or working on them? What

00:10:16,090 → 00:10:17,170

are your thoughts on that?

00:10:17,410 → 00:10:19,630

Dr. Nikki Robinson: Yeah, I think it's such an important

00:10:19,630 → 00:10:22,570

question to ask because and it's a question I started asking

00:10:22,570 → 00:10:27,640

myself too, because I, you know, working in it, and security for

00:10:27,640 → 00:10:31,750

almost 15 years now, it's one of those things I haven't seen as

00:10:31,750 → 00:10:36,580

part of it programs, traditional IT, whether it's academic or

00:10:36,580 → 00:10:40,660

certification programs, and insecurity as well, I know that

00:10:40,660 → 00:10:43,900

there are some universities out there that teach emotional

00:10:43,900 → 00:10:46,510

intelligence in their IT programs, but I think that's a

00:10:46,510 → 00:10:50,890

newer thing. And I just haven't seen as many programs that tout,

00:10:51,220 → 00:10:54,100

you know, emotion, emotional intelligence, empathy,

00:10:54,100 → 00:10:58,330

relationship, building, all of those pieces that we need to

00:10:58,330 → 00:11:01,120

sort of operate in these big teams and in these big

00:11:01,120 → 00:11:04,960

organizations. So I think the first piece of it is sort of the

00:11:04,960 → 00:11:08,770

education component, in that it's not really taught to us,

00:11:08,770 → 00:11:10,660

you know, we're taught Python, and we're taught Pope

00:11:10,660 → 00:11:13,150

programming, and we're taught, you know, SQL and all these

00:11:13,150 → 00:11:15,460

other things, but we're not really taught well, what does

00:11:15,460 → 00:11:19,540

that mean to somebody else? You know, if I'm on the IT side, or

00:11:19,540 → 00:11:22,600

if I'm a developer, what does that mean to security? And I

00:11:22,600 → 00:11:25,840

think it's really important on the security side, to have that

00:11:25,840 → 00:11:29,770

understanding, and that empathy for what other teams are working

00:11:29,770 → 00:11:33,250

on. Because if I can't speak to a developer and understand, you

00:11:33,250 → 00:11:35,800

know, what they're going through, or what they need to

00:11:35,800 → 00:11:38,380

do, you know, what their deadlines or requirements are,

00:11:38,440 → 00:11:40,570

it's going to be really difficult to work together. So I

00:11:40,570 → 00:11:43,300

think that's part of the challenges is we don't really

00:11:43,300 → 00:11:47,050

have this educational component, it's, it's not a part of any

00:11:47,050 → 00:11:49,900

certifications that I've at least seen, you know, this sort

00:11:49,900 → 00:11:54,520

of emotional intelligence piece. And I've really, especially when

00:11:54,520 → 00:11:57,190

I was doing research for the book really came across a lot of

00:11:57,190 → 00:11:59,680

leadership and management books that talk about emotional

00:11:59,680 → 00:12:03,940

intelligence. I had a really hard time finding anything out

00:12:03,940 → 00:12:08,530

there, whether it was a book, or anything like that, that could

00:12:08,530 → 00:12:11,290

be used as a textbook or used, you know, sort of as a guide

00:12:11,950 → 00:12:14,110

that talks about emotional intelligence, really, for

00:12:14,110 → 00:12:16,480

practitioners. You know, there's there's some stuff out there,

00:12:16,480 → 00:12:19,210

but there really isn't a lot. And I think that that's, that's,

00:12:19,240 → 00:12:22,570

you know, one of the biggest challenges is we encourage our

00:12:22,570 → 00:12:25,270

technical people to go for certifications to go for

00:12:25,270 → 00:12:28,090

technical certifications, you know, that that's a great thing.

00:12:28,300 → 00:12:32,110

But we don't encourage them to apply empathy to what they're

00:12:32,110 → 00:12:34,810

doing. And so I think that's, that's probably where that that

00:12:34,810 → 00:12:35,980

gap came from.

00:12:36,700 → 00:12:39,130

Eveline Oehrlich: Here, here, here, I'm hoping that my co

00:12:39,130 → 00:12:42,580

partner is listening into this podcast. If not, I will point

00:12:42,580 → 00:12:45,880

her for that, because we have been saying that we need to

00:12:45,880 → 00:12:49,540

start figuring out how can we actually help our community

00:12:49,540 → 00:12:54,340

members to expand on their existing human skills or build

00:12:54,340 → 00:12:58,240

upon the ones they have? Or start working on if they don't

00:12:58,240 → 00:13:02,050

think they have any? I think the other thing I was just speaking

00:13:02,050 → 00:13:07,120

to Gallup CEO, he was talking about the engagement of

00:13:07,150 → 00:13:12,250

individuals in the in a job well, today has been really,

00:13:12,250 → 00:13:16,120

really low. But one of his points was that as we are

00:13:16,150 → 00:13:19,660

lacking, or as we are not developing these human skills,

00:13:20,200 → 00:13:24,850

work becomes less fun, not just because of its in cybersecurity,

00:13:24,850 → 00:13:28,570

or its insecurity or in the DevOps, or wherever. But because

00:13:28,570 → 00:13:32,050

it's so difficult to bridge across in, we can only talk

00:13:32,050 → 00:13:34,840

tech, and we could talk processes, but we really don't

00:13:34,840 → 00:13:38,980

have that connectability anymore. Mostly, maybe it's

00:13:38,980 → 00:13:42,970

gotten worse, because of the pandemic. He was saying that

00:13:43,060 → 00:13:46,300

they're doing a lot of work at the Gallup as well to start

00:13:46,810 → 00:13:50,110

assessing and developing that. So it is a great opportunity for

00:13:50,110 → 00:13:53,680

us. Thank you for that. All right, let's shift gears a

00:13:53,680 → 00:13:57,100

little bit. The clock is always ticking when we have great

00:13:57,100 → 00:13:59,530

conversation. So I want to switch a little bit towards the

00:13:59,530 → 00:14:04,780

topic of cybersecurity. And particularly, where do you think

00:14:04,780 → 00:14:09,130

it stands today, in terms of its priority from what you've seen?

00:14:09,190 → 00:14:13,450

And from who you've been visiting with? Where does it

00:14:13,450 → 00:14:17,890

stand in terms of priority in executives, leaders, investors

00:14:17,890 → 00:14:22,300

and individual contributors? Because I think there is, at

00:14:22,300 → 00:14:25,390

least from the research I've done, there might be a shift and

00:14:25,420 → 00:14:28,750

which is good. But I was curious what your thoughts are on that.

00:14:29,590 → 00:14:31,570

Dr. Nikki Robinson: Yeah, I would absolutely agree that

00:14:31,570 → 00:14:34,240

there's been a shift and I think, a shift really in the

00:14:34,240 → 00:14:37,270

last year. You know, I think this it all really sort of

00:14:37,270 → 00:14:41,830

started with solar winds. You know, that? I think because it

00:14:41,830 → 00:14:45,280

had so much media attention, you know, it wasn't just Oh, random

00:14:45,310 → 00:14:48,700

data breach here or random cyber attack here. Solar Winds

00:14:48,730 → 00:14:53,350

affected lots of different types of organizations, lots of

00:14:53,350 → 00:14:57,790

different domains, and it became a business risk. You know, it

00:14:57,790 → 00:15:01,450

wasn't just a cyber risk anymore or an incident It was, Oh, my

00:15:01,450 → 00:15:04,510

business is in trouble. And not just from a security

00:15:04,510 → 00:15:08,020

perspective, but a lot of the people that consumed and use

00:15:08,050 → 00:15:13,780

SolarWinds were IT operations groups. And so it that of not

00:15:13,780 → 00:15:16,150

having that tool in place, you know, having to find an

00:15:16,150 → 00:15:19,300

alternative or not having visibility to your systems or,

00:15:19,540 → 00:15:22,360

you know, the potential of an incident, and then you can, you

00:15:22,360 → 00:15:25,870

know, it becomes a snowball effect to the business. And I

00:15:25,870 → 00:15:29,050

think that was really what sort of, at least opened people's

00:15:29,050 → 00:15:32,080

eyes to, oh, there's, there's sort of this cascading effect

00:15:32,080 → 00:15:35,770

when there is an incident that sort of, I think, started to

00:15:35,770 → 00:15:38,680

change people's minds. And then I think blog for J was another

00:15:38,680 → 00:15:42,010

big one, partially because it got so much media attention, but

00:15:42,010 → 00:15:47,140

also because it opened people's eyes to open source software,

00:15:47,440 → 00:15:52,060

how do how are we actually developing? And how can we

00:15:52,060 → 00:15:55,720

support developers, while still making sure that we understand

00:15:55,720 → 00:15:58,750

the risk. So I think it was sort of an eye opener for both

00:15:58,870 → 00:16:02,710

developers and for security professionals to say, oh, we

00:16:02,710 → 00:16:05,260

need to really understand how this is going to work, and how

00:16:05,260 → 00:16:08,800

we can support open source software, but by you know,

00:16:08,830 → 00:16:12,310

understanding what that means to our risk. So I think, as far as

00:16:12,310 → 00:16:15,190

what those things sort of started to change people's

00:16:15,190 → 00:16:20,260

minds, I do think a lot more leadership boards, they're much

00:16:20,260 → 00:16:23,350

more interested in in having sort of cybersecurity expertise,

00:16:23,350 → 00:16:27,940

at least available as consultants or advisors. So I

00:16:27,940 → 00:16:31,030

would say there's definitely a shift in the industry as far as

00:16:31,030 → 00:16:34,030

leadership goes. And I think they see the benefit of

00:16:34,720 → 00:16:38,260

cybersecurity, not just being, you know, a security assessment,

00:16:38,260 → 00:16:42,310

or an audit or an inhibitor, but more of a, hey, if we work

00:16:42,310 → 00:16:46,000

together with the cyber team, with our developers, with our T

00:16:46,000 → 00:16:50,440

with our leadership, we can help provide strategic, you know, we

00:16:50,440 → 00:16:53,560

can help with those five year plans, we can help make sure

00:16:53,560 → 00:16:56,950

that five years out 10 years out that the business is healthy,

00:16:56,980 → 00:17:00,250

thriving and resilient, especially towards cyber

00:17:00,250 → 00:17:03,700

attacks. Because if if an organization isn't resilient,

00:17:03,730 → 00:17:06,070

let's say for example, ransomware, I think that's

00:17:06,070 → 00:17:10,150

another really big one that's hit organizations and the amount

00:17:10,150 → 00:17:14,170

of cost associated with ransomware. Plenty businesses

00:17:14,170 → 00:17:16,780

have shut down because they've been hit by ransomware. And it

00:17:16,780 → 00:17:20,350

was so costly that they couldn't recover. So I think I think

00:17:20,350 → 00:17:23,290

those kinds of situations have really changed how people feel

00:17:23,290 → 00:17:27,220

and now they're starting to seek out security advisors and not

00:17:27,220 → 00:17:30,250

just from a, Hey, what is our secure configuration look like?

00:17:30,250 → 00:17:33,880

Or how do we pass this audit? But hey, how do we, how do we

00:17:33,880 → 00:17:37,000

plan our strategic it and development vision with a

00:17:37,000 → 00:17:40,180

cybersecurity, you know, professional there to help us?

00:17:42,750 → 00:17:46,112

Narrator: Do you want to advance your career and organization, we

00:17:46,174 → 00:17:49,842

can help you do that DevOps Institute offers a wide range of

00:17:49,903 → 00:17:53,328

educational experiences for you to begin your upskilling

00:17:53,389 → 00:17:56,629

journey. Whether you're looking for a defined path to

00:17:56,691 → 00:18:00,359

certification, exploring the latest in DevOps, or connecting

00:18:00,420 → 00:18:04,395

with the large community, we can help you develop the specialized

00:18:04,456 → 00:18:08,186

skills needed for the future of IT. And it won't just be good

00:18:08,247 → 00:18:11,916

for your career. It will also make you indispensable at work

00:18:11,977 → 00:18:14,728

with our lineup of industry recognized DevOps

00:18:14,789 → 00:18:18,458

certifications, digital learning opportunities, and engaging

00:18:18,519 → 00:18:22,310

events, you can connect with our network of experts and expand

00:18:22,371 → 00:18:25,918

your potential today, visit DevOpsI nstitute.com and join

00:18:25,979 → 00:18:27,080

our community now.

00:18:27,930 → 00:18:30,616

Eveline Oehrlich: So as a summary, I would say it is fair

00:18:30,684 → 00:18:34,886

to say that cybersecurity is a strategic line item for all of

00:18:34,955 → 00:18:37,710

those particular executives and leaders.

00:18:38,490 → 00:18:41,280

Dr. Nikki Robinson: I guess that is my hope I

00:18:43,470 → 00:18:45,660

Eveline Oehrlich: Lets frame it as a hope I love that. Yes,

00:18:45,690 → 00:18:50,160

Dr. Nikki Robinson: I hope so. Because I think there is there's

00:18:50,160 → 00:18:53,430

so much positivity, it's one of the reasons why I wanted to get

00:18:53,430 → 00:18:57,360

into cybersecurity, because it's it's not just cybersecurity, it

00:18:57,360 → 00:19:01,410

really is it and a function of technology. And so I think if we

00:19:01,410 → 00:19:05,040

can start to change that idea of, you know, I joke with

00:19:05,040 → 00:19:07,320

people, you know, I'm a security architect, but I really joke,

00:19:07,320 → 00:19:09,720

I'm really just an infrastructure architect. It's

00:19:09,870 → 00:19:13,410

security is, you know, security by design. But really what I'm

00:19:13,410 → 00:19:16,350

doing is helping to build environments that are secure.

00:19:16,650 → 00:19:22,080

And, and that's still in it a component of it. So I think, I

00:19:22,080 → 00:19:24,690

think it's starting to change. But yes, it's a lot of hope

00:19:24,690 → 00:19:25,050

there.

00:19:25,440 → 00:19:28,380

Eveline Oehrlich: Yep. You know, this is, this reminds me of

00:19:28,650 → 00:19:31,680

philosophical discussion we have had when I was at Forrester,

00:19:32,010 → 00:19:35,010

where we had a security and risk team and an infrastructure and

00:19:35,010 → 00:19:38,310

operations team. And of course, you know, enterprise architects,

00:19:38,310 → 00:19:42,390

application developers, CIOs. And I remember the folks from

00:19:42,390 → 00:19:47,520

the security and risk team, not wanting to do at the time, this

00:19:47,520 → 00:19:51,870

is 2018 When I left but at that time, they were doing their own

00:19:51,870 → 00:19:54,810

research. Of course, we always wanted to collaborate because

00:19:54,810 → 00:19:58,470

infrastructure and operations we have to have our heads out and

00:19:58,740 → 00:20:04,680

get stuck sometimes was in, in the nasty fixing the mess. And

00:20:04,770 → 00:20:09,480

we always had the conversation and and said, why do you why are

00:20:09,480 → 00:20:12,870

you in a separate group? Why are we not bringing us together into

00:20:12,870 → 00:20:17,040

a research? team so we can do things together? I don't think

00:20:17,040 → 00:20:23,520

that has happened. But But I think having the risk, sometimes

00:20:23,550 → 00:20:27,090

it takes, it just takes challenges which are so

00:20:27,090 → 00:20:31,470

overwhelming that people are enough pain that people are

00:20:32,400 → 00:20:35,820

changing. And I think one of the other factors and I'm curious

00:20:35,820 → 00:20:40,110

what your thoughts or is there a metric which executives should

00:20:40,110 → 00:20:43,350

have relative to that? I think it's some companies, a CEO

00:20:43,350 → 00:20:48,150

already has the resilience and sustainability. We're seeing ESG

00:20:48,150 → 00:20:52,050

as a topic come up quite a bit. But in your, in your mind,

00:20:52,050 → 00:20:54,960

should there be metrics for all of those folks around this

00:20:54,960 → 00:20:57,390

topic? Because it impacts like you said the business

00:20:57,390 → 00:20:58,350

significantly?

00:20:59,340 → 00:21:01,380

Dr. Nikki Robinson: Yes, absolutely. There's definitely

00:21:01,380 → 00:21:05,220

been a big push in the last two, three, maybe four years for

00:21:05,220 → 00:21:09,000

quantifying cyber risk, you know, really making it much

00:21:09,030 → 00:21:12,450

easier, I think, to digest, because it's interesting, I

00:21:12,450 → 00:21:14,880

think, when people talk about qualitative versus quantitative,

00:21:14,880 → 00:21:19,260

but this idea that if we can help quantify some of that risk,

00:21:19,260 → 00:21:23,610

make it easier to digest and help to, to help to show what

00:21:23,610 → 00:21:26,910

we're talking about, tell that story a little bit better. And

00:21:27,330 → 00:21:31,260

metrics, I think, when it comes to, you know, here's my, here's

00:21:31,260 → 00:21:34,020

my bias here, because I love vulnerability management, but,

00:21:34,230 → 00:21:37,110

you know, anything highly exploitable vulnerabilities, if

00:21:37,110 → 00:21:39,570

I'm using threat intelligence, what do I need to be concerned?

00:21:39,570 → 00:21:42,240

What are the top three concerns that I have? You know, so I

00:21:42,240 → 00:21:46,500

think breaking it down into smaller chunks. And, you know,

00:21:46,500 → 00:21:49,980

my, the bane of my existence are like 300 Page vulnerability

00:21:49,980 → 00:21:53,070

reports. And I think that's, you know, one of those big

00:21:53,070 → 00:21:55,740

challenges is don't send those 300 page, you know,

00:21:55,740 → 00:21:58,530

vulnerability reports. Let's let's break this down into

00:21:58,680 → 00:22:02,040

metrics that makes sense for leadership. That's, it's, it's

00:22:02,040 → 00:22:06,810

absolutely imperative, I think, to not just the cybersecurity

00:22:06,810 → 00:22:08,910

mission, but to the business mission, you know, to help break

00:22:08,910 → 00:22:12,300

those things down and make it easier to digest.

00:22:12,870 → 00:22:16,680

Eveline Oehrlich: Yep, absolutely. All right. Now, I

00:22:16,680 → 00:22:20,400

came across a fantastic short piece by Stefan Napo, who is the

00:22:20,400 → 00:22:24,720

VP cybersecurity director and global CFO, I group, SCB, that's

00:22:24,720 → 00:22:29,040

a French company, that doing a lot of small appliances, and

00:22:29,040 → 00:22:31,440

it's actually the world's largest manufacturer of

00:22:31,440 → 00:22:36,060

cookware, and I'm a cook so I love their products, but not

00:22:36,180 → 00:22:40,080

talking about the cookware but really talking about what Stefan

00:22:40,170 → 00:22:44,250

said he talked about the swarm cybersecurity or swarm

00:22:44,250 → 00:22:47,700

cybersecurity. And, of course, in DevOps and development, we

00:22:47,700 → 00:22:52,080

talk about swarming. Have you heard this term? I'm sure you

00:22:52,080 → 00:22:56,160

have any? If you haven't, and let's move on. But I am sure you

00:22:56,160 → 00:22:59,850

have your thoughts on that. Tell me tell me what you think when

00:22:59,850 → 00:23:02,970

that comes to your mind when I say swarm or cybersecurity.

00:23:03,390 → 00:23:07,230

Dr. Nikki Robinson: Yeah, so for, for me, swarming. I also

00:23:07,230 → 00:23:10,290

think about in a very it context, because, you know,

00:23:10,290 → 00:23:14,100

typically you have this tiered model, and that's sort of an

00:23:14,100 → 00:23:16,620

older model right of it. But if you let's say you have your

00:23:16,620 → 00:23:18,720

helpdesk, and then your systems administrators, and then your

00:23:18,720 → 00:23:22,530

senior sis admins or maybe engineering above that, but

00:23:22,530 → 00:23:26,550

instead of having these sort of siloed, tears, you have this

00:23:26,580 → 00:23:31,620

giving this power to, you know, in IT systems administrator that

00:23:31,620 → 00:23:35,100

can sort of help to resolve these things without taking up

00:23:35,100 → 00:23:37,590

the chain, because, you know, you don't learn anything that

00:23:37,590 → 00:23:41,370

way. So it's this more collaborative effort of, hey, I

00:23:41,370 → 00:23:44,220

think I know how to fix this, I'm going to do this. And then

00:23:44,280 → 00:23:46,410

if they need help, they can always ask for help, and the

00:23:46,410 → 00:23:49,890

team can work together, but it becomes more of this group

00:23:49,890 → 00:23:52,560

effort, instead of you know, hey, I've got this thing, I'm

00:23:52,560 → 00:23:54,750

gonna pass it to you, they'll pass the ticket to you, and then

00:23:54,750 → 00:23:57,210

to you and then to you. So instead of this becoming this

00:23:57,240 → 00:24:01,470

endless chain of, you know, what happened to my issue, you know,

00:24:01,470 → 00:24:05,130

becomes this more of a collaborative and teamwork type

00:24:05,130 → 00:24:09,840

effort. And so applying that to cybersecurity, I think about the

00:24:10,320 → 00:24:15,180

cyber color wheel, if you're familiar with that, this idea of

00:24:15,210 → 00:24:17,790

you know, you have red teams and blue teams, and then you start

00:24:17,790 → 00:24:20,340

talking about threat intel, and you have yellow teams and orange

00:24:20,340 → 00:24:24,720

teams and purple teams that are red and blue teams combined into

00:24:24,720 → 00:24:28,560

purple teams. And so you're building this more of a

00:24:28,560 → 00:24:31,320

collaborative effort, instead of saying, you know, I'm on the red

00:24:31,320 → 00:24:33,930

team, and I have a pen test. And I'm going to lob it over to the

00:24:33,930 → 00:24:35,910

blue team. And they're just going to have to figure it out

00:24:36,090 → 00:24:38,640

and becomes a collaborative effort. And the blue team can go

00:24:38,640 → 00:24:40,710

back to the red team and say, Hey, actually, we found these

00:24:40,710 → 00:24:43,230

additional things. Can you verify that for us? Can you

00:24:43,230 → 00:24:46,680

check to make sure that this is fixed? And so it becomes this

00:24:46,860 → 00:24:50,910

more of an open type of team instead of you know, just the

00:24:50,910 → 00:24:53,070

silos? Well, I'm on the red team, or I'm on the blue team.

00:24:53,100 → 00:24:56,370

Yep. You know, it's much more collaborative. And so I think

00:24:56,370 → 00:25:01,230

that's 100% the way forward there's a fantastic Stick. She's

00:25:01,230 → 00:25:04,260

on LinkedIn. Her name is marrow Vernon, she talks a lot about

00:25:04,260 → 00:25:08,010

purple teaming. And when I came across her and some of the

00:25:08,010 → 00:25:10,800

things that she's written about purple teaming, that's really

00:25:10,800 → 00:25:14,430

what started getting me thinking about swarming. Right. It's it's

00:25:14,430 → 00:25:16,860

a similar notion, right of collaboration and bringing

00:25:16,860 → 00:25:20,880

people together. But I think it's a big benefit to teams,

00:25:20,880 → 00:25:24,480

because one, it empowers your employee or your cyber

00:25:24,480 → 00:25:29,460

professional, or your developer. But it also improves their

00:25:29,460 → 00:25:32,850

skills. It allows them to learn something new, it improves

00:25:32,850 → 00:25:37,080

teamwork. And I think there's a big reduction in how long it

00:25:37,080 → 00:25:40,560

takes to identify and resolve specifically, you know, in a Red

00:25:40,560 → 00:25:45,990

Team Blue Team context, versus Hey, I have this 200 Page pen

00:25:46,020 → 00:25:49,410

test report, here you go, go ahead and figure it out, you

00:25:49,410 → 00:25:52,530

know, it becomes more of this, like, hey, we found this

00:25:52,530 → 00:25:54,900

vulnerability across 100 systems, can you guys work on

00:25:54,900 → 00:25:57,090

this, and we can see if we can get this fixed, and then we can

00:25:57,090 → 00:26:00,900

come back and retest. So So for me, it's all about

00:26:00,900 → 00:26:01,650

collaboration,

00:26:02,190 → 00:26:06,210

Eveline Oehrlich: super, we, I that reminded me of something I

00:26:06,210 → 00:26:08,550

did with again, a former colleague of mine, where we

00:26:08,550 → 00:26:13,020

looked at MTTR. And we found that not necessarily to

00:26:13,020 → 00:26:16,800

security, but we found that the largest amount of time, I think

00:26:16,800 → 00:26:23,160

it was 70% of time was found in the meantime to detect. And and

00:26:23,160 → 00:26:26,850

that was because everybody was looking down their own their own

00:26:26,850 → 00:26:30,240

pipe, right and their own data. So I think that's an additional

00:26:30,450 → 00:26:34,230

benefit, in terms of Meantime, detect at the pre at the

00:26:34,230 → 00:26:38,850

predecessor of swarming, but as you said, MTTR overall, because

00:26:38,850 → 00:26:42,240

we are bringing people together is an incredible impact has an

00:26:42,240 → 00:26:45,510

incredible impact reducing that. And that, again, reduces

00:26:45,510 → 00:26:50,280

business impact. So super. All right, let's shift a little bit,

00:26:50,700 → 00:26:54,540

we have about five minutes or so I want to cover two topics, one

00:26:54,540 → 00:26:57,690

the skill, and then I want to really get into your thinking on

00:26:57,690 → 00:27:01,290

the women in it, or women in tech. So the first one, let's

00:27:01,290 → 00:27:05,250

say I want to be successful in cybersecurity. And actually, I

00:27:05,250 → 00:27:09,000

did lose an analyst in my former role to the security and risk

00:27:09,000 → 00:27:12,210

team. And I was very sad loser, but she is a great analyst in

00:27:12,210 → 00:27:15,510

this space. But if I wanted to go into cybersecurity, and maybe

00:27:15,510 → 00:27:19,230

there's a focus on here who are wanting to switch, what do you

00:27:19,230 → 00:27:23,250

think are the necessary skill, maybe one or two to be

00:27:23,250 → 00:27:26,010

successful? Besides what we already talked about in terms

00:27:26,010 → 00:27:30,210

of, Hey, you gotta be having empathy. And so EQ, but what

00:27:30,210 → 00:27:32,400

else do you think are essential?

00:27:33,420 → 00:27:35,940

Dr. Nikki Robinson: Yeah, I would say a lot of the skills

00:27:35,940 → 00:27:38,940

that I brought with me from it to cybersecurity, and you don't

00:27:38,940 → 00:27:42,780

have to have an IT background, to necessarily go into

00:27:42,780 → 00:27:46,110

cybersecurity, but I can say for me, it helped a lot. Because I

00:27:46,110 → 00:27:50,070

understand technology very well. Now, I would say troubleshooting

00:27:50,640 → 00:27:53,100

is a really, really big skill. And that's, you know,

00:27:53,100 → 00:27:55,980

troubleshooting, problem solving, being able to sort of

00:27:55,980 → 00:28:00,000

understand enough that you can figure out what's going on,

00:28:00,000 → 00:28:02,880

because that's, that's one of the big, big parts of

00:28:02,880 → 00:28:05,970

cybersecurity is typically you're handed, you know, a piece

00:28:05,970 → 00:28:08,520

of information, and you've got to go digging, and try to figure

00:28:08,520 → 00:28:12,150

out what's going on. And so I think that problems, problem

00:28:12,150 → 00:28:15,690

solving, troubleshooting, and natural curiosity, all three of

00:28:15,690 → 00:28:19,050

those sort of go hand in hand together this sort of, okay, let

00:28:19,050 → 00:28:22,260

me dig and try to figure out what this is. So I would say

00:28:22,260 → 00:28:24,990

that's the first and I know I said, three skills really, and

00:28:24,990 → 00:28:27,330

one that was sort of I was trying, it's kind of a cop out.

00:28:27,330 → 00:28:30,990

But that's sort of that. That's sort of how I would describe

00:28:30,990 → 00:28:35,280

that right problem solving as that big component there. I

00:28:35,280 → 00:28:37,650

would say the other really important skill, you know,

00:28:37,650 → 00:28:39,630

besides sort of that relationship building, and what

00:28:39,630 → 00:28:47,970

we call soft skills, would really be how, how do what was I

00:28:47,970 → 00:28:52,560

gonna say, how do how do we understand data. So data science

00:28:52,560 → 00:28:55,980

is a really important component of cybersecurity. And I've met a

00:28:55,980 → 00:28:59,250

lot of really great data scientists that have crossed

00:28:59,250 → 00:29:03,240

into cybersecurity and they are a huge asset, because they're

00:29:03,240 → 00:29:05,880

able to parse through all of this information that we've been

00:29:05,880 → 00:29:09,270

collecting in security with our sims for years and years and

00:29:09,270 → 00:29:12,120

years. And now we have data scientists to really help us.

00:29:12,570 → 00:29:17,460

One make that pipeline of data, easier to digest, easier to

00:29:17,460 → 00:29:22,200

bring in. But they also help us pull out the really important

00:29:22,200 → 00:29:26,670

information. They're helping us to leverage AI, machine learning

00:29:26,670 → 00:29:29,970

models and different techniques that we may not have had the

00:29:29,970 → 00:29:33,720

skills I say we, I may not have had the skills in before in data

00:29:33,720 → 00:29:35,790

science, but that's something in the last two years, I've learned

00:29:35,790 → 00:29:38,880

how important it is to sort of have those data science

00:29:38,880 → 00:29:42,030

principles in cybersecurity. So I would say you don't have to

00:29:42,030 → 00:29:45,300

know Python or machine learning in any sort of depth. But having

00:29:45,300 → 00:29:50,250

some of that understanding is really important. Can I give

00:29:50,250 → 00:29:54,120

three skills? Can I give one more? Of course you can. Okay,

00:29:54,270 → 00:29:56,700

one more I would say you know, since we're talking about

00:29:56,700 → 00:30:00,360

DevOps, right is the ability to communicate and work really well

00:30:00,360 → 00:30:03,000

with developers to be able to speak the language, if you have

00:30:03,000 → 00:30:05,880

some programming background, it's super helpful. Again, you

00:30:05,880 → 00:30:09,510

don't have to be a developer, but to be able to understand

00:30:09,510 → 00:30:12,030

enough that you can talk to a developer, when they're saying,

00:30:12,030 → 00:30:14,280

Hey, we have this requirement, we have to do this this way.

00:30:14,400 → 00:30:18,060

Let's figure out a new solution. So I think that sort of being

00:30:18,060 → 00:30:20,370

able to speak the language is really important.

00:30:21,119 → 00:30:24,809

Eveline Oehrlich: Excellent. Fantastic. All right, our last

00:30:24,809 → 00:30:28,319

question, and then I have a fun question for you. But this one

00:30:28,319 → 00:30:31,829

is around women and technology, both of us have been in

00:30:31,829 → 00:30:33,959

technology, I have my own challenges. But this is not

00:30:33,959 → 00:30:37,919

about me. This is about you. What would you would love to

00:30:37,919 → 00:30:41,249

hear? What was the biggest challenge for you you faced? And

00:30:41,309 → 00:30:44,219

of course, how did you overcome it? If you're willing to share?

00:30:45,119 → 00:30:47,699

Dr. Nikki Robinson: Absolutely, yeah, I would say the biggest

00:30:47,699 → 00:30:51,719

challenge I had, it was funny getting into it. You know,

00:30:51,719 → 00:30:53,969

starting on helpdesk, and sort of working my way up, I

00:30:53,969 → 00:30:57,929

actually, I had some really great mentors along the way, and

00:30:57,929 → 00:31:00,869

sort of, you know, working my way up in it. I think the

00:31:00,869 → 00:31:04,319

biggest challenge I honestly had was when I wanted to break into

00:31:04,319 → 00:31:09,929

cybersecurity, and I got so much pushback from my it friends on,

00:31:09,959 → 00:31:12,479

you know, why would you want to go into Security, you're never

00:31:12,479 → 00:31:14,999

going to be able to come back to it or, you know, you're just

00:31:14,999 → 00:31:18,719

going to be in security. And it was such, it was such an

00:31:18,719 → 00:31:22,679

interesting, I guess, sort of perspective that I had this sort

00:31:22,679 → 00:31:25,469

of, you know, you're not going to succeed in security, and

00:31:25,469 → 00:31:27,629

you're never going to be able to come back, you're you can never

00:31:27,629 → 00:31:31,019

cross the lines again, you know, it was this, like making it sort

00:31:31,019 → 00:31:34,949

of this like, well, you can't do both sort of a thing. That was a

00:31:34,949 → 00:31:39,089

big challenge, because I had to essentially go back and say,

00:31:39,209 → 00:31:42,329

Well, I can do this. And what I found was going on the

00:31:42,329 → 00:31:46,679

cybersecurity side, I actually am far more technical than I was

00:31:46,679 → 00:31:49,139

before I understand way more operating systems, I understand

00:31:49,139 → 00:31:53,609

development way better than I used to. And so I guess sort of

00:31:53,609 → 00:31:57,209

pushing through that barrier of a lot of people saying no, like,

00:31:57,209 → 00:32:00,209

No, you can't do this, No, you aren't going to be good at this.

00:32:00,209 → 00:32:04,109

No, you don't have the skill to do this. And really being given

00:32:04,109 → 00:32:07,529

a chance to show that I do that that was sort of tough that it

00:32:07,529 → 00:32:10,079

took me a couple of years to make that transition from it to

00:32:10,079 → 00:32:14,729

cybersecurity. And, you know, I had one very great mentor of

00:32:14,729 → 00:32:19,469

mine, Philip Culp, who gave me my first shot. And so, you know,

00:32:19,469 → 00:32:23,009

and then I was able to sort of go from there. But so I would

00:32:23,009 → 00:32:26,009

say that was the biggest challenge. But the biggest thing

00:32:26,009 → 00:32:29,399

that helped me was finding a great mentor and someone who was

00:32:29,399 → 00:32:32,009

willing to take a chance on me and for me to you know, show

00:32:32,009 → 00:32:34,409

them my skill. But yeah, that was that was pretty tough.

00:32:35,040 → 00:32:38,040

Eveline Oehrlich: Wow. Fantastic. Well, thanks to your

00:32:38,040 → 00:32:41,670

mentor for supporting you, and thanks to you for sticking it

00:32:41,670 → 00:32:45,360

through. That's quite impressive. So I have one more

00:32:45,360 → 00:32:48,270

question. I know you are very busy, and you do a lot of

00:32:48,270 → 00:32:51,240

things, but you must have some fun. What do you do for fun?

00:32:52,020 → 00:32:53,670

Dr. Nikki Robinson: Oh, yeah, I'd love this question. Yeah, I

00:32:53,670 → 00:32:58,470

actually, I I'm very big into fitness. Like I love all things,

00:32:58,500 → 00:33:03,120

outdoor activities, hiking and biking and running. So I love

00:33:04,200 → 00:33:07,380

I'm actually signed up for a couple triathlons. So I love

00:33:07,380 → 00:33:10,350

running and biking and swimming. And, and that's what I do for

00:33:10,350 → 00:33:10,770

fun.

00:33:11,220 → 00:33:14,370

Eveline Oehrlich: Wow. Wow, this has been a great conversation.

00:33:14,400 → 00:33:17,820

You and I could go on. I would love to stay connected. I think

00:33:17,820 → 00:33:20,070

there are some things maybe we want to do together.

00:33:21,119 → 00:33:22,079

Dr. Nikki Robinson: That would be great.

00:33:22,349 → 00:33:25,318

Eveline Oehrlich: Thank you so much for being on our podcast. I

00:33:25,384 → 00:33:29,607

really appreciate it. You are a wonderful, wonderful individual.

00:33:29,673 → 00:33:33,633

So thanks again. We have been talking to Dr. Nikki Robinson,

00:33:33,699 → 00:33:37,460

security architect, adjunct professor, volunteer and book

00:33:37,526 → 00:33:41,288

author, and many many other things again, Dr. Robinson or

00:33:41,354 → 00:33:45,181

Nikki, thank you so much for joining me today on Humans of

00:33:45,247 → 00:33:49,008

DevOps Podcast. For those who are listening. Yes. And for

00:33:49,074 → 00:33:53,298

those listening in make sure you check out the book Mind to Tech

00:33:53,364 → 00:33:57,257

Gap Addressing the Conflicts Between IT and Security Teams.

00:33:57,323 → 00:34:01,150

It is on my list order. I actually already pushed a button

00:34:01,216 → 00:34:05,110

on my Amazon. So this is great. Humans of DevOps podcast is

00:34:05,176 → 00:34:08,805

produced by DevOps Institute. Our audio production team

00:34:08,871 → 00:34:13,029

includes my good friend Julia, Pap, and our hardworking Brendan

00:34:13,095 → 00:34:17,120

Lay, thank you to both of those. I'm humans of DevOps podcast

00:34:17,186 → 00:34:20,947

executive producer Eveline Oehrlich. If you would like to

00:34:21,013 → 00:34:24,775

join us on a podcast, please contact us at this is a very

00:34:24,841 → 00:34:28,734

long name, but I'll read it out Humans of DevOps Podcast at

00:34:28,800 → 00:34:33,090

DevOpsInstitute.com. I'm Eveline Oehrlich, I'll talk to you soon.

00:34:35,399 → 00:34:38,262

Narrator: Thanks for listening to this episode of the Humans of

00:34:38,316 → 00:34:41,774

DevOps Podcast. Don't forget to join our global community to get

00:34:41,828 → 00:34:44,907

access to even more great resources like this. Until next

00:34:44,961 → 00:34:48,365

time, remember, you are part of something bigger than yourself.

00:34:48,419 → 00:34:48,960

You belong

Sorry, your browser isn't supported by Audioboom.

Page load failed