Boeing product security engineer Anna Guthrie supports the Missile and Weapon Systems’ Ground-based Midcourse Defense program. She recently won the DEF CON Aviation Information Sharing and Analysis Center (A-ISAC) Capture the Flag challenge, a 24-hour cybersecurity competition. In this Q&A, she offers a glimpse into a day in her life plus three tips to staying cyber safe.
What do you do on a daily basis? With the clock counting down and the movie hero’s safety on the line, the techie character types frantically on the keyboard. “I’m in!” she says, coming to the rescue just in time. Those movie moments, although sped up and dramatized, often remind me of my role. I help make sure systems are able to withstand cyberattacks. Each day I come to work with permission and encouragement to break and fix systems — repeatedly!
My team and I also get to create and deploy new tools to make this process more efficient. The goal is to win the race, and we win by finding and fixing any potential vulnerabilities before adversaries discover or exploit them. My job feeds my naturally competitive spirit. Each day, I get to increase the cyber resiliency of Boeing products and help keep us safer as a company and as a nation.
Cybersecurity was a natural path for me. I’ve been into computers as long as my fingers could type on a keyboard.
I was the 5-year-old taking apart Mom’s printer, the 10-year-old bypassing the password on some of our home computers and the 14-year-old writing BAT files as pranks.
I was one of only two girls in my high school computer science classes and was advised that, as a woman, I wouldn’t succeed in a tech field. I took that as a challenge. That offhand comment helped decide my major in college.
When I finally got to Brigham Young University, I started in information technology. I then switched to cybersecurity as soon as the major became available my junior year. I ended up being the only female to graduate in cybersecurity from my school that year.
As I approached graduation, I knew I wanted to work with a defense contractor. I find a lot of value in creating more-resilient technology and systems for the cause of national defense.
Joining Boeing’s cyber program was an absolute dream come true. I’ve been able to work with and learn from fantastic teammates on engaging, technical, cross-enterprise projects while supporting national defense.
Boeing’s cyber program is still growing, and I’m thoroughly enjoying the opportunity to contribute to and steer the program. I love knowing that I make a difference and my voice is heard and considered.
What do you like about the job?
It’s gratifying to leave work for the day saying, “Today I helped make our nation safer!”
My favorite aspect of the cybersecurity field is it is always changing. It forces you to stay up to date and relevant. I continue to learn every day.
My team’s projects have been technical and hands-on, and I’m constantly creating new techniques and technologies to increase efficiency and effectiveness. There are many opportunities for simultaneous, technical, diverse projects too. I enjoy having the freedom to switch between projects and change it up each day.
I am also privileged to work with brilliant, dedicated, hardworking colleagues. I love being a part of a global team with a common goal.
Three must-know cybersecurity tips
1. Resist the click: Don’t click on links or open attachments from unknown sources. This applies to text messages, emails, online searches and anything else you can think of. Validate that any software, browser extension, app, update package or email attachment you decide to open, save, install or use comes from a trusted source.
2. Pass on passwords: Use passphrases instead of passwords (and don’t reuse them). While previous security suggestions for passwords included tips like “use numbers instead of letters and throw in some special characters,” these tips may not actually be as helpful as they may seem. A computer will guess “p455w0rd!” just as easily as “password!” Instead, use a passphrase, such as “PurpleElephantsWearBloomers.” Passphrases are usually longer than a typical password. (In fact, the longer they are, the better; this drastically increases password security.) And if they evoke a funny mental image, passphrases are much easier for a human to remember.
3. Freshen up: Update your systems regularly. Vendors release security patches for newly discovered vulnerabilities frequently. Stay up to date to avoid being attacked with these exploits. Also, although some systems will automatically update themselves, remember to consider the Internet of Things devices in your life — your watch, doorbell, security camera or thermostat will also need to be updated, just like a laptop, phone or computer tower.
-Anna Guthrie, product security engineer