Student Spotlight: Kathleen Rooney
Student Spotlight: Kathleen Rooney
Welcome back to CyberVista’s Student Spotlight Series. In this series we talk with InfoSec professionals who used the CyberVista system. This episode we talked with Community and Communications Lead, Kathleen Rooney, of QTNA fame. The following interview has been edited for clarity and brevity.
CyberVista: Why did you decide to take on Security+?
Kathleen Rooney: I was working in strategic communications for the government and military. While our work didn’t directly deal with cybersecurity, I noticed that every discussion around emerging technologies eventually came back to security. I wanted to be more cyber literate and aware so I could understand and discuss the implication of the emerging technologies that we were implementing.
CV: What part of Security+ content is most interesting to you?
KR: The DevOps (Secure Development) part was fun. I play a lot of basketball so I appreciate that development security is basically a team sport; the security, development, and operations teams all have to work together from the beginning to build a working and secure application. Basketball is a team sport too, unless you’re LeBron.
CV: You mean LABron?
KR: Haha he would have been better off in Philly.
CV: What’s the future of cybersecurity?
KR: I was just reading an article about the top breach of 2018 (so far). All of them were, for the most part, preventable. For example, Under Armor used an outdated hashing algorithm to store passwords. Misconfigured databases lead to data exposure. Spear phishing attacks stole credentials. So the future of cybersecurity will be ensuring organizations avoid the the things that can be avoided. Both security practitioners and users alike need to be trained to get the easy stuff right.
CV: What was the most challenging part of the Security+ content?
KR: Being new to the industry, I was at first overwhelmed by the content. Not only was it a lot, but it was also all totally foreign to me. Domain 1 felt like I was learning a new language that was made up of only three-letter acronyms. FTP, DNS, XSS, port 22: All totally foreign words that I had to learn!
CV: You mentioned port 22. Pop Quiz: Which protocol operates out of port 22?
KR: Haha uhhhh…I have some more studying to do.
CV: Why did you choose CyberVista as your Security+ training provider?
KR: My busy work schedule wouldn’t allow me to either cram the material or miss work to take a bootcamp. I liked how the course was structured and spread out across 6 weeks. That gave me the time I needed to learn the security lexicon and digest the material. If you’re new to the industry, I wouldn’t recommend attempting Sec+ with less than a month of studying. It’s a lot!
CV: What was your favorite CyberVista study resource?
KR: I really enjoyed the live online sessions. EveryThursday evening when it was time for class I got the sensation that I was curling up with my computer for my favorite three-hour TV show! Ok it wasn’t that fun, but it was surprisingly painless. I had a good rapport with my instructor, TA, and fellow classmates. I liked that I was able to ask questions during class and even got to privately chat the TA on the side for extra help.
CV: Any advice for other women in the tech industry?
KR: Find female mentors that you respect in the field. I find it very important to gain perspective and advice from those that have been in my shoes once before and already experienced what it was like growing in a male-dominated industry. It helps build a community of advocates dedicated to your professional development beyond your current supervisor, team, and company.
Do You Want To Pass?
If you’re like Kathleen, hoping there’s another way to learn learn certification material besides the daunting task of self-study, then let us show you a better approach. At CyberVista we have two goals: help you learn the material so you can pass the exam, and help you retain the information so you can apply what you learn for the long term. Learn more about CyberVista’s Certify training courses including the CISSP, CISM, CEH, and Security+.