Women in Information Security: Valerie Thomas

In my last interview, I spoke with Jen Fox. She’s a Senior Security Consultant who specializes in compliance.

This time, I had the pleasure of speaking with Valerie Thomas. She has a lot of expertise in both penetration testing and industrial cybersecurity.

Kim Crawley: Please tell me about your cybersecurity role and how you got there.

Valerie Thomas: My current role is an Executive Consultant with Securicon, which equates to the lead technical consultant of the penetration testing group. The majority of my time is spent performing penetration testing and vulnerability assessments of various software and hardware, also known as hacking all the things. Securicon is heavily involved in industrial control systems (ICS) and supervisory control and acquisition (SCADA) spaces, so I spend a lot of time in power plants and other critical infrastructure facilities. My niches are physical penetration testing and social engineering, which means that I get paid to break into buildings.

I wasn’t aware that ethical hacking was a career option until my senior year of college after reading The Art of Deception by Kevin Mitnick. I graduated with a Bachelors Degree in Electronic Engineering and immediately began seeking a network security position. However, this was in the early 2000’s before cybersecurity was a mainstream career field, so a lot of knowledge was obtained by knowing someone who could teach you about ethical hacking and vulnerability assessment. I entered into a Department of Defense internship program for network engineering and basically sought out those who could educate me.

Read the entire cool interview at the source.

Source: tripwire

Topics: software vulnerability, Speaking Engagements, The Art of Deception, ICS, industrial cybersecurity, penetration testing, SCADA, security career, Valerie Thomas, ethical hacking, industrial systems, IoT, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Mitnick Security: Ransomware Awareness Training

Ransomware is a type of malware that prevents accessibility to either a single computer or an entire network until a ransom is paid. This can result i..

Read more ›

Mitnick Security: Phishing Awareness Training

Phishing emails are one of the most common social engineering techniques used by threat actors today due to such high success rates. About 3.4 billion..

Read more ›

Mitnick Security Training: QR Code Cybersecurity Test

Nearly 90 million smartphone users in the U.S. alone have used QR codes on their mobile devices. By 2025, that number is projected to grow to 100 mill..

Read more ›
tech-texture-bg