播放设置
On

专家访谈

Veronica Cuello Discusses a Holistic Approach to 网络安全 and Risk Management

维罗妮卡·奎洛的大头照
Veronica Cuello is a cybersecurity leader with the Tetra Tech 联邦它 Group specializing in risk management and program transformation.
She has been supporting clients for more than 20 years, consistently improving their security posture. 作为一名网络安全主管, Veronica is responsible for ensuring excellence in customer delivery, expanding Tetra Tech’s cybersecurity services into new markets, and continuing to develop cutting-edge cyber capabilities. Veronica also co-leads a women’s initiative program with the aim of empowering and advancing women in the workplace. She holds a Master of Science in Technology Management from George Mason University and a bachelor of arts degree from Vassar College.
问题:

What sparked your interest in establishing a career in cybersecurity?

I was initially headed toward a career in management consulting when I encountered a client who was struggling to implement a cybersecurity program in response to a federal regulation called the Computer Security Act of 1987. 我把剧本复印了一份带回家, 从头到尾读一遍, and helped my client implement it step-by-step. By doing so, I developed an interest in 技术, and more specifically in cybersecurity. I was attracted to the dynamic nature of the field—技术 is always evolving, 而且总有新的东西要学. It’s also a broad field with many interesting specializations to pick from.

问题:

How has cybersecurity evolved during your career?

In the beginning, there was little guidance on how to implement cyber programs. There were regulations stating what needed to be done, but how to get it done was left to interpretation. 多年来, 开发了许多框架和模型, and agencies like the National Institute of Standards and Technology and the Department of Homeland Security have done a lot to demystify cybersecurity. 最近, information 技术 (IT) modernization initiatives, 持续开发实践, and the increased use of cloud 技术 has really changed the way we approach cybersecurity. Some developments have streamlined cyber processes, such as more centralization and consolidation, and others have made securing data more complex, such as how to protect your data in a multi-tenant environment.

问题:

What is the biggest cybersecurity challenge our clients face today?

My experience has been that the biggest challenge our clients face is not about 技术—it is about the people and culture. Implementing robust cyber programs must be a coordinated effort and comes down to people. As demonstrated by the constant barrage and relative success rate of cyberattacks—like phishing attacks—aimed at end-users, 改变全球最大体育平台类的行为是很困难的. It takes a continuous effort aimed at all organizational levels to implement and maintain a robust cybersecurity program that can constantly evolve in response to new attack techniques. 另外, the shortage of skilled cybersecurity professionals available in the workforce is a real challenge in the industry.

问题:

How will cybersecurity evolve over the next three to five years?

在接下来的几年里, we will continue to face more sophisticated and evolving threats from groups of people who want to profit from increasingly valuable data or want to engage in cyberespionage, 网络战, 或黑客入侵. 同时, IT is becoming more integrated in our daily lives—with the number of Internet of Things (IoT) devices increasing—and even in our critical infrastructure. The convergence of these trends means that cybersecurity will become increasingly important to citizens and governments alike and will be an enabler for advancing IT in an increasingly connected world as we rely more on information systems.

问题:

What is Tetra Tech doing to address cybersecurity threats facing our clients?

We approach our clients at a holistic level by identifying the root of their cyber challenges and implementing transformative solutions that stretch from traditional accreditation of IT systems to applying cybersecurity controls to protect critical infrastructure. This includes making better use of existing tools and resources through analysis and automation, and through integration of cybersecurity into the acquisition and development life cycles. Tetra Tech views compliance with cybersecurity standards and guidelines as a by-product and not an objective. 最后, our expertise includes attracting and developing top talent through our internal training programs, which are aimed at keeping Tetra Tech’s experts at the leading edge of cybersecurity developments.

滚动到顶部