As part of Cybersecurity Month, Executive Mosaic spoke with Amanda Satterwhite, senior director of cyber defense and enablement at Novetta. Here™s what she had to say:
EM: What is your cyber background?
My background runs the gamut of software engineering, program management, and leadership in organizational growth strategy in cyber solutions. I have supported the development of digital media exploitation software, cyber analytics tools and information assurance/security accreditation programs. As part of this, I™ve overseen a security operations center and led a portfolio of offensive security programs, specializing in vulnerability research and tool development. Impressed with Novetta™s focus on innovation, I joined the team in June 2017.
EM: How did you get your start in cyber?
I started my career in the late 90s as a software developer and after 9/11, I joined a team focused on the development of a digital media exploitation system for counterterrorism missions. I enjoyed the mission set and impact that digital forensics and cyber analytics had in securing our country. So, for the last 13 years, I™ve been focused on security research and development programs that further our mission partners™ cyber (defense and enablement) tools, technologies and infrastructure.
EM: What are the greatest challenges facing federal cybersecurity initiatives and how is your department in Novetta helping to address them?
The clearance process is a challenge and often can be a roadblock to quicker innovation and new talent when supporting government contracts; there are many aspects of software development that should not require clearances at the initial stages. We™re hoping to work with our mission partners to develop a pipeline for clearing the next generation of talent without delaying innovation, through the build-out of secure, standalone development infrastructure and environments that are access-controlled but do not require clearances.
EM: POTUS recently released his Cyber Strategy. Were there any surprises?
Like past strategies, I found it to be broad and comprehensive, touching on everything from government supply chain and critical infrastructure to the development of our cybersecurity workforce. I see this strategy driving policy and acquisition “ but feel that acquisition will need to move in a timelier fashion than in the past to be effective. I™m curious to see: what funding vehicles will support implementing the cyber tools necessary to deliver on these policy changes; which organizations will drive the acquisitions; or if acquisitions will be consolidated under a single mandate.
