Jessica Williams is a Security Consultant at BT. She is a computer games programmer turned cyber consultant who is interested mostly in education and defence. Jessica enjoys taking part in capture the flags and she is one of the founding members of DMU Hackers! In her spare time, Jessica sits at her computer desk playing League of Legends or programming in python.
Tell us about yourself?
My name is Jessica Williams, I currently work for BT as a Security Consultant, and I attended DeMontfort University and studied Computer Games Programming.
What made you choose a career in Cyber Security?
Cyber Security chose me! During my time at university, I did a placement year at a penetration testing company, where I worked as a software developer. I was in the office every day working (on the same piece of code most of the time) while all my colleagues were coming in and out, travelling around the country ‘hacking’. I was quite intrigued and started becoming more and more interested in security, especially how security affects what I do, program.
One day we had a new person join the company. He told me he got his job through the Cyber Security Challenge and that the Challenge was possibly the best job interview ever, and that I should give it a shot!
I completed some fun challenges online, learning even more. And a couple of weeks later I received an invitation to the final, and it was there that I met BT, and I have been with BT for just over a year since.
Cyber Security as an industry is really attractive as it is so diverse. It’s not just about your computer getting hacked, its about keeping safe online and about making sure my code is secure.
I’m also really excited about the rise of IoT as I think it raises some really important security issues.
What are the greatest positives about working in Cyber Security?
One thing I love about security is that the industry is quite small, so you can accumulate contacts from lots of different companies and lots of cyber disciplines. I know if I have any kind of technical or ethical problem I can go to those people professionally.
I also love the amount of training on offer. Who doesn’t love to learn? Security is such a hot topic, there are so many interesting courses to take.
As a young person in the industry I am impressed by the progression opportunities, because the industry is so immature that there are lots of jobs that haven’t even been created yet. So, you can make your own way.
What are the greatest challenges in Cyber Security?
I find one of the greatest challenges to ‘practice what you preach’. I may always be lecturing others about staying secure online, keeping their computer up to date, using password safes etc. but sometimes it’s extremely hard to remember to do it yourself.
I would say another challenge is the ‘that would never happen to me’ mentality. I’ve met quite a few people who are so resistant to the idea of keeping secure just because of this attitude. The thing is it doesn’t need to happen to you, it only needs to happen to someone close to you, or a business you are a customer of. That is when your password reuse really does become a problem!
What are the highlights of your career?
The highlights of my career so far are representing the UK in the European Cyber Security Challenge. I had an absolutely fantastic time and I would recommend this to anyone. Another highlight would be the times I embarrassed myself on both Victoria Derbyshire and Sky News.
And my most recent highlight would be the SANS course I am going to take.
After only a year of being in the industry officially, and being at BT, I am having a fantastic time and I am hoping there will be many more highlights to come.
What/Who has been the biggest influence on you?
This is a tough question! I think the biggest influence on me has been both the lack of young people coming into the industry but also the lack of girls.
Where do you see Cyber Security in 10 years?
I think it would be really cool to have Cyber Security more in-built in our education, not just teaching kids to stay safe online in ICT, but learning about some important cyber events in history like Heartbleed.
Although Cyber Security is very important right now for big businesses, less so for the average person and his laptop. I can see this changing considerably. Just look at how many people got an Echo Dot this Christmas?! The internet of things is growing year on year and security right now is struggling to keep up.
What are your career ambitions?
My career ambition is that within the next couple of years I would like to build my own team, all around educating others about security but in a fun and interesting way. What’s the point in teaching if you aren’t making it relevant?
Then I guess, CISO?
What would you do if you were not a consultant?
If I was not a Consultant I would like to be involved in software, perhaps educating programmers about the importance of programming securely through security training, teaching them to exploit their own software etc.
My favourite thing is to help others solve security problems, and that’s kind of what I get to do now! My job is fantastic because I can do lots of things that I want to do, like running CTFs, programming cool security software; I don’t just have to do consultancy!
What advice would you give young people hoping to enter a career in the field?
My advice would be that your experience and love for what you do really trumps what any qualification could give you, especially when attending interviews. Get a github, program some stuff, get some security knowledge under your belt and that will impress them far more than some course!
If you can recite your multiplication tables but using IANA port numbers that helps.