Hey all!
Time for another edition of “twenty questions”! Last time featured a fashion/style person, so I’m switching things up this time to feature a cybersecurity/InfoSec person. I have passions for both of these interests, so why not feature both, right? Right! 😊
If you’re not familiar with how this works, I reach out to a blogger, content creator, business professional, etc. that reside within my realms of interest: fashion and style, and cybersecurity and InfoSec. I ask them twenty questions to get to know them, and their areas of interest better, and then I share what I learn with you. It’s a great way to network, and learn more about people.
Ready to dive in?
One professional, twenty questions. Let’s go!
Name: Catherine Demesa
Where can you be found on the internet:
- LinkedIn: https://linkedin.com/in/nyanscripter
- Website: https://demesa.ju.mp
Personal Background
1. What inspired you to start a career in cybersecurity/infosec?
I originally was a Psychology Major! Although it’s such a fun topic (and I still research that in my personal time) it does not pay dividends, and is what I call a service career. Meaning you dedicate more energy than you give back. I always had an interest in tech and didn’t want to do the full software engineering thing. So I opted for security instead!
2. How did you first become interested in blogging about cybersecurity?
I actually wanted to do it for YEARS but didn’t know when and where to get started, but I’m glad I have a blog now! I had a lot of soul searching this year and started it when I switched to trust and safety
3. What’s the story behind the name of your blog?
Nothing unique 🤣🤣🤣 I just slapped a name onto Tumblr and hooked it up to my carrd site. It’s based off my last name. Maybe I should be a database admin considering my last name literally means “Of Table”.
4. What are your favorite topics to write about and why?
I really really love talking about trust and safety, how psychology and cybersecurity combine, social media/wellness etc. All of those tie in together and it’s like… a more holistic and human side of security that I don’t think many talk about. Trust & Safety doesn’t have many folks in it but it is growing.
Career Insights
5. What has been the most challenging aspect of working in cybersecurity?
The REAL struggle is Getting a job post-Pandemic😭 but also having companies actually hire robust security people AND not overspending. A lot of vendors are actually pretty pricey (and I’ve apparently learned many people during the Pandemic asked for double or triple what they deserve for salary.) so I understand why companies take a step back from spending $$$ on necessary security protections.
6. Can you share a memorable success story from your cybersecurity career?
Oooo, so not 100% security but I do believe that customers and end users are definitely a huge part of security efforts. When I was at a past startup, I directly contributed to improving customer relations and moderation efforts with the technical and marketing teams. Of course they were grateful and I’m super happy they gave me an opportunity to help out in whatever ways I could. It took me a while to think of this answer, I think because many folks expect a sort of “You saved the day and found the biggest 0-day ever!!” Lol
7. What skills do you think are most underrated in the field of cybersecurity?
If it wasn’t obvious from previous answers, PEOPLE SKILLS. Whether it be explaining concepts at work or networking, this is so underrated. There’s quite a number of people I have noticed who have trouble with this. I also, over the years, fell for the whole “introvert works in tech and will never talk to anyone” trope. That is so far from the truth. You will only stop talking with other people when you’re dead or in a ghost town😆
8. How do you stay updated with the ever-evolving cybersecurity landscape?
I don’t read up on stuff as often as I used to during the Pandemic but I do see stuff on my Instagram feed and recommended. I also read stuff on Reddit. There’s so many Subreddits I can’t list here lol… but there’s plenty to choose from. Also, learn to Google-Fu into learning necessary skills and up skill for your job. Just saying!
Blogging Experience
9. What motivates you to keep blogging in such a competitive space?
I feel like it’s necessary – Like obviously don’t be obsessive about it but it’s one small thing in a vast list of things you should be doing to get your next gig. Kind of like drinking water or keeping up your network. Ya gotta do it!
10. How do you balance your professional work with blogging?
Don’t take it so seriously that you obsess over it but also don’t joke around too much to where you become complacent. There is a concept (if any of yall have been to therapy) called Compartmentalization. Imagine in your mind you have a bunch of boxes labeled with different things. You put certain things in these boxes to deal with later when you’re ready or when it’s appropriate. I can apply this concept to this question as well so everything can be more balanced. In combination with time management, you can be more efficient with that. 😀
11. What’s the most surprising feedback you’ve received from your blog?
Before I started my blog I had everything in GDrive. (Shush don’t hate…) someone in a final round interview commented how much they loved how well I documented EVERYTHING so well, it was as if she was reading actual documentation from a developer website.
12. Have you ever faced criticism for your blog posts? How did you handle it?
So far not yet but I’d love constructive criticism!
Industry Perspective
13. What do you think is the biggest cybersecurity threat today?
I have several answers for that for different reasons. Moderation at-scale is a HUGE issue, as is combatting disinformation within social media itself. No one is immune. Also, threat actors and the ever-evolving landscape and how that’s playing out. I believe that many are advancing and improving their attacks and tools faster than we can ever keep up.
14. Which cybersecurity trends or technologies are you most excited about?
AI! I know and am aware of potential dangers, and I totally feel what people say about it. But in terms of security and tooling etc, I do think AI has potential to really automate and assist in our field. I believe there are some use cases already to assist in logging actually!
15. If you could change one thing about how cybersecurity is approached globally, what would it be?
I think that we should re-prioritize and shift our thinking to a more human approach and how data is being impacted. Because I think many managers and folks are too busy building tools and playing around with them, and not doing the much needed day to day efforts we so desperately need. Obviously corporations are corporations they are doing this for profits and numbers. But overall, they are ultimately the ones with power and influence right now.
16. How do you think AI and automation will impact the cybersecurity industry in the next decade?
Many folks in other fields are definitely seeing their jobs being impacted by automation and AI-driven setups. This will definitely not impact our field to that point, but I do think that we’ll see a lot more logging and data reports being automated. Also, we could see AI-assisted or testing or engagements overall.
Personal Preferences and Advice
17. Who are your favorite cybersecurity experts or influencers?
Ali Diamond and Snubs (current and previous Hak5 host!), UWU Underground, John Jackson of Sakura Samurai, Jessica Crosby of GoFundMe, SecureinStyle (of course!!) , JonathanData1 (Joking!!) uhhhh I can’t think of anymore but all of these people except for JD1 are pretty awesome
18. What’s one piece of advice you would give to someone starting in cybersecurity?
You gotta be in this for the long game . You might have a terrible salary starting out and that’s gotta be okay with you. But network your heart out and level up every few years and you’ll be ok 🙂
19. Are there any books, courses, or resources you recommend for aspiring cybersecurity professionals?
I know this sounds cheesy, but networking on Discord and LinkedIn is such a lifesaver and will help you so much more than a boot camp. Also, avoid security boot camps like the plague. You’ll thank me later.
20. What’s the best piece of advice you’ve received in your cybersecurity journey?
Be careful with what certs you get and how many you get too! You’re definitely gonna have to pay for a few of them at the start. But don’t get like 3-5+ at the beginning and then have no experience/projects. HR and managers will pass you on as much as the guy with no degree. You’ll look goofy. lol
And there you have it! I hope you enjoyed it. If you know someone who should be featured, or if you would like to be featured, please feel free to reach out at:
terry@secureinstyle.tech
Leave a Reply