#9 - Heather Adkins

Avast Hacker Archives

内容由Avast提供。所有播客内容（包括剧集、图形和播客描述）均由 Avast 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品，您可以按照此处概述的流程进行操作https://zh.player.fm/legal。

2+ y ago 38:50

MP3•单集首页

已归档的系列专辑 ("不活跃的收取点" status)

When? This feed was archived on May 20, 2023 03:25 (11M ago). Last successful fetch was on September 14, 2021 13:05 (2+ y ago)

Why? 不活跃的收取点 status. 我们的伺服器已尝试了一段时间，但仍然无法截取有效的播客收取点

What now? You might be able to find a more up-to-date version using the search function. This series will no longer be checked for updates. If you believe this to be in error, please check if the publisher's feed link below is valid and contact support to request the feed be restored or if you have any other concerns about this.

She doesn’t just talk the talk, she also walks the walk every day in and day out for a service most of the planet has come to depend on,” says Avast CISO Jaya Baloo, introducing Heather Adkins, Senior Director of Information Security and Privacy at Google and founding member of the Google Security Team. That “service” Jaya mentions only happens to be keeping the most popular internet tool in the world safe and secure for all.

In Episode 9 of Avast Hacker Archives (AHA), Heather tells Jaya that she didn’t set out looking to work in cybersecurity, cybersecurity just happened to find her. She was studying marine biology at Humboldt University when she took a job at a local ISP. Then something fateful happened that changed the direction of her life – they got hacked.

All at once, Heather was intrigued, curious, and excited. This new cyber world fascinated her, and she headed down to Silicon Valley. She was referred to Google, got the job, and spent the next 19 years of her life dedicated to leading the pack in strong cybersecurity, tweaking as necessary to stay on top of the newest tech, tricks, and traps.

The old way of deploying cybersecurity was site-specific. A company would have a building full of employees, those employees would work within an internal network, and a firewall would be placed around it. This is known, Heather says, as “the bonbon model” – a hard exterior protecting a soft interior. It seemed a sensible and sound method, and at first it worked.

But then, in 2009, Operation Aurora struck. This was a series of cyberattacks that lasted for half a year targeting a variety of organizations like Adobe, Yahoo, Morgan Stanley, and Dow Chemical. The attacks originated from Chinese state-sponsored APT groups, and Heather and her team realized that things needed to change. The problem was that the bonbon model placed too much trust in the internal network. Cybersecurity needed to shift from protecting the building as a whole to protecting the individual machines. The shift would also cater to the emergent trend of remote workers. It required more stringent identity validation and authentication but allowed employees, in theory, to work safely from anywhere.

And that is approximately where we stand currently in the evolution of cybersecurity, but more changes are imminent. Cyberspace is experiencing something of a security paradox at the moment, where most people depend on collected data – search engines, trends, etc. – but at the same time, they want more privacy.

“If I were to make a prediction,” Heather confides to Jaya, “and this is not a Google opinion, this is a Heather prediction – I think consumers will get very comfortable with the idea that data yields solutions, but they’re going to want more control and more insight in simple ways over this data. And because of that, we will see more computing moving down to the endpoints, we will see more cloud-based storage and use by NCrypted, and more agency for the user.”

Heather continues, “It’s all going to come down to the endpoints. That, plus the presidential order that came down in 2021 will really drive this idea of reshaping the ecosystem because we really have to do things differently than we’ve been doing them for the last 30 years or so.”

That presidential order from Joe Biden mandates that all government agencies invest in stronger cybersecurity. This will affect the entire world of security, as vendors will find new solutions to meet the president’s order, and those solutions will then trickle down to the consumers.

Heather is a female leader in a male-dominated field, and she finds inspiration, even a bit of connection, with another female leader from centuries ago – Mary Queen of Scots. Not only was Mary a strong leader of Scotland in the mid-1500s, but she has a historical footnote that still resonates today with the security industry. She met her end due to lack of privacy. Her messages were intercepted. In a way, it was death by 16th-century data breach. She’s both a model of strength and a reminder of caution.

All this is only part of the info-packed conversation Jaya has with Heather. There’s a lot more, including the increased use of homomorphic encryption, the importance of “cyber hygiene,” and Heather’s secret formula for getting the masses comfortable with a new change. You could say Avast Hacker Archives Episode 9 is our only episode where a thought leader from the Googleplex shares a googolplex of her security insights with us. Click the link below to hear it all for yourself!

11集单集