Top Women in Cybersecurity: Kimber Dowsett

Kimber Dowsett, Security Architect, 18F

During a class graduation for Apple’s recently launched “Genius” training program in 2005, former Apple CEO Steve Jobs approached one of the few female graduates with a smile and handshake. Jobs expressed his delight at seeing a female in the typically male-heavy class. Today, 12 years later, and while Silicon Valley continues to struggle with diversity issues, that same graduate is one of the cybersecurity community’s best known engineers.

Kimber Dowsett is a security architect for 18F, a specialized technology division within the General Services Administration, or GSA, that’s been called the U.S. government’s startup. 18F is a unique organization in that its employees often work directly with a myriad of different government agencies; meaning that they come in contact with numerous computer networks.

Dowsett has worked over the past year to defend 18F from hackers and to make sure that if the organization were ever to be breached that an incident response plan is in place. In November, she helped author a vulnerability disclosure policy for GSA’s Technology Transformation Service, which now helps guide how security researchers can submit discovered software vulnerabilities to the U.S. government.

 What’s been the biggest challenge that you’ve faced in your career? How did you conquer it?

That’s a tough question. I’ve faced technical, political, and social challenges. In this field, keeping up with the fast-paced changes in security best practices is an ongoing technical challenge. With the weight of the 18F Infrastructure on my shoulders, I have to make sure I stay on top of breaking security news, process improvements, and vulnerabilities that potentially impact TTS, GSA, and/or government as a whole… all while maintaining an infrastructure and responding to security incidents. Today’s best practice can quickly become tomorrow’s misconfiguration incident. I try to book 15 minutes in my calendar each morning, afternoon, and evening to catch up on security news and events. I’ve also configured a ton of email and phone alerts, but parsing all of that data is nearly impossible. Time is almost always my blocker.

What would you say to young women who are thinking about starting a career in the cybersecurity or broader technology industry?

To young folks in general, the best advice I can offer is to learn to use your voices. The landscape will never change unless the faces representing our field do. Practice public speaking any time you can. Join a toastmasters group. Submit talks to conferences that offer speech mentors. For me, technical research has always been the easy part; presenting my findings to a group of talented people who are sure to ask complex questions is always nerve wracking. I can’t stress enough the importance of finding your confident voices, whether in a small team meeting or in front of thousands of conference attendees. Confidence only comes with practice.

Was there a moment you can remember, or an event or a specific person, who inspired you to get into this field?

I was recruited by Apple right out of graduate school. When I headed out to training in Cupertino, CA, I really had no direction and wasn’t sure what I wanted to do. Within two days, I was tearing apart computers and breaking into operating systems. At the core of my being, I absolutely love breaking things, so I found a way to make a career of it … Although I still occasionally find myself the lone female in the room, I’ve never looked back, and I’ve never regretted choosing a career in tech. I am inspired by, and eternally grateful for, the many folks in STEM fields who wake up every day and fight the good fight, often at the expense of their own self care and privacy.

Why is it important to you to empower women and minorities to join more technical and technology-related fields?

In the immortal words of Joss Whedon, “Because you’re still asking me that question.”