Like many of those recently thrust into remote working because of the COVID-19 pandemic, 2019 Infosec scholarship recipient Tanu Kaushik initially faced a now-common adjustment issue. This hard-working systems administration manager found herself working well into the evenings.
“I like it better now versus the first few weeks because it was quite overwhelming,” Tanu said. “It’s hard to limit your work schedule because your desk is only a few steps away. So you get an email and are tempted to answer it right away, but it never ends. It took me three or four weeks to adjust to the new normal and turn off my work mode every day. But I kind of like it now.”
Building blocks of thinking like a security pro
Tanu and her husband are Silicon Valley residents living in Mountain View, California. She works for eBay, where she started as a consultant in 2015.
“I was working with eBay when they were splitting the company and PayPal,” said Tanu. “I helped set up the entire infrastructure for PayPal. That included the core services and systems attackers like to target. I worked with the teams responding to account hacking tests from our internal security group. It became a daily exercise and helped me learn to think about what we could do to elevate our security posture.
“The experience helped me anticipate how attackers think. Learning to identify the security risks associated with the solutions we are implementing and thinking outside the box to prevent future red team hacks challenged me with a steep learning curve. That’s one of the reasons I chose the red team operation certificate as part of my scholarship program. I am intrigued by and want to learn more about how red teams hunt for security lapses. I want to understand their mindset even more so I can protect my work environment while designing solutions for the company.”
A challenging start instilled determination and perseverance
It’s been a long journey for Tanu, who grew up in a middle-class family in India. Her determination, deep interest in learning and perseverance helped her overcome hurdles — traits still guiding her today.
“I grew up in India at an age when the Internet was just starting to really pick up,” Tanu says. “We bought our first home computer when my brother was in engineering school and I was getting close to college graduation. Back then, we had to order computer parts. You’d go to a shop and choose the processor, what RAM and give your own specs and the tech in the shop would help build it. Now you just walk up and you have all the important options already built-in.”
Before her family installed a modem, Tanu would go to cyber cafes to get the hang of how computers work. Computer access time was minimal at school and during college, a concept many don’t understand in these days of smartphones, laptops, iPads and 24/7 Internet access. Tanu was a physics major in college, but little by little she learned coding and programming through coaches who taught in small cafes and apartments. She found coding monotonous, but it informed her thinking.
“Coding was hard for me because even a minor overlooked detail could cause an unexpected outcome. I would look for reasons programs failed. What can happen, what can go wrong with this? Instead of focusing on how to solve a problem, my mind was working differently. And then, in the final year of college, I got my first job at Infosys Technologies, one of the biggest tech firms in India. They trained me on all the Microsoft technologies, like MCSA and CCNA. And that’s when I developed a good understanding of networking and system administration work.”
Consulting solidified cybersecurity path and passion
Stints in IT support and consulting helped cement her interest in cybersecurity. Work as a consultant brought her to the U.S., first in Chicago and eventually to California.
“I loved consulting because I met so many people. I love learning how every company runs differently and how priorities differ. For instance, working with TransUnion and understanding its priorities — mostly remediating issues with older software at the time — versus other clients with very different priorities. It helped me understand how risk differs for each business model and how each business defines the cybersecurity strategy based on its priorities. It should never be a cookie-cutter plan, like follow these ten different strategies and you’ll be safe and secure. Every company has to define what is most important and how much to spend securing its environment.”
Supportive leadership at eBay
Consulting led her to eBay and eventually a full-time position. Tanu is thriving in a supportive environment where life-long learning and mentors are valued and encouraged. Last year, Tanu participated in a Stanford University leadership program and is currently in the University of California, Berkeley cybersecurity master’s degree program. She credits one of her leader’s personal story of juggling a busy career with a lifelong goal of earning his pilot’s license as inspiration to pursue her dreams.
“My management is very supportive, and it’s in the company culture,” said Tanu. “One of our leaders shared how he wanted to learn to fly a plane, so he joined a flight school. Every night he’d go home and study and do all the work. It inspired me because I felt if he could do it, I could do it as well with a master’s program in cybersecurity.”
What’s next for this super-busy cyber professional? Along with the coursework and certifications coming from her Infosec scholarship and earning her cybersecurity master’s degree, she recently took on a manager role with her team.
“I want to be helpful and useful in motivating people and help grow their careers. As a manager, I want to be the best leader possible and help people reach their goals.
“My team manages authentication, which is the process of signing in with username and password and a second factor. We explore industry concepts like zero-trust and help enforce security policies and streamline the user experience. But since I’ve grown upwards as an engineer, I thought It would be much harder to transition into managing individuals. Growing up, being the eldest kid, I was always looking out for my younger brothers. I was responsible, always trying to be an example for them. It helped me grow as a leader and helped me learn compassion and empathy. I like to motivate people and be involved in the work.”
Scholarship accents academics
Tanu is thankful for the Infosec scholarship because it is helping her become more well-rounded by adding the very practical CompTIA Network+ and Security+ certifications alongside the academic deep dive from the master’s program.
“The Security+ training was excellent, one of the best courses I’ve ever had,” said Tanu. “It means so much for my career. I’ve worked on many projects, but those are around my established skills and expertise. But wanting to become a cybersecurity leader, I have so much more to learn as the field is vast and evolves faster than any other field. Taking these courses while I’m also in the master’s program contributes to my understanding of the overall breadth and depth of cybersecurity. I’m feeling more accomplished and will be able to drive bigger and better projects in the future.”
There is more to cybersecurity than hackers in hoodies
“Most times, when you talk about cybersecurity, people imagine a hacker in a hoodie,” Tanu said. “That it’s all about attacking and preventing. But the cybersecurity landscape has various roles. This is the message I’d like to take to the younger generation today who are thinking about their careers. There are various roles requiring different skill sets and all of them are equally important. You need engineers, project managers, pen testers, developers, policy and legal experts.
“We’re living during a significant evolution of the Internet. The models are changing, and every year or so, the entire industry moves forward and it changes the way people work with their devices, for example, transitioning from a traditional computer to a minicomputer in your hand like smartphones or on your wrist like a smartwatch. The technology changes can make life simpler, but it creates new levels of hidden complexity behind the scenes. There are a place and role for everyone to come solve those problems and build a career in cybersecurity. Anyone with the aptitude and is willing to work hard, is ready to learn and put the time in, can have a successful career in cybersecurity. And I would love to see more young faces and more women joining hands in the field.”