As part of Cybersecurity Month, Executive Mosaic spoke with Amanda Satterwhite, senior director of cyber defense and enablement at Novetta. Here’s what she had to say:
EM: What is your cyber background?
My background runs the gamut of software engineering, program management, and leadership in organizational growth strategy in cyber solutions. I have supported the development of digital media exploitation software, cyber analytics tools and information assurance/security accreditation programs. As part of this, I’ve overseen a security operations center and led a portfolio of offensive security programs, specializing in vulnerability research and tool development. Impressed with Novetta’s focus on innovation, I joined the team in June 2017.
EM: How did you get your start in cyber?
I started my career in the late 90s as a software developer and after 9/11, I joined a team focused on the development of a digital media exploitation system for counterterrorism missions. I enjoyed the mission set and impact that digital forensics and cyber analytics had in securing our country. So, for the last 13 years, I’ve been focused on security research and development programs that further our mission partners’ cyber (defense and enablement) tools, technologies and infrastructure.
EM: What are the greatest challenges facing federal cybersecurity initiatives and how is your department in Novetta helping to address them?
The clearance process is a challenge and often can be a roadblock to quicker innovation and new talent when supporting government contracts; there are many aspects of software development that should not require clearances at the initial stages. We’re hoping to work with our mission partners to develop a pipeline for clearing the next generation of talent without delaying innovation, through the build-out of secure, standalone development infrastructure and environments that are access-controlled but do not require clearances.
EM: POTUS recently released his Cyber Strategy. Were there any surprises?
Like past strategies, I found it to be broad and comprehensive, touching on everything from government supply chain and critical infrastructure to the development of our cybersecurity workforce. I see this strategy driving policy and acquisition – but feel that acquisition will need to move in a timelier fashion than in the past to be effective. I’m curious to see: what funding vehicles will support implementing the cyber tools necessary to deliver on these policy changes; which organizations will drive the acquisitions; or if acquisitions will be consolidated under a single mandate.