BT's Security Boss: Tech Has No Age
Kate Kuehn's job may now consist of fighting sophisticated cyber criminals in a virtual environment, but it started with taking apart a push button phone and putting it back together to prove she could keep up in the world of telecom.
Fast forward 20 years and Kuehn is now the deputy CISO (chief information security officer) and head of security practice at BT Americas. BT Americas is the North and South American operation of BT Group plc (NYSE: BT; London: BTA). The UK-based company has had operations in 36 cities in this region for more than 30 years, focusing on providing cloud-based managed business services to the enterprise. (See BT Deploys Zscaler to Secure Managed Cloud Services.)
Enterprise security is, of course, crucial to BT Americas' platform. Kuehn's team provides threat monitoring, visual analytics and related managed security services to its customers across the globe.
For Kuehn, what makes the field exciting is that the technology is ageless. It's always changing and evolving, which makes it appealing for both the young and young-at-heart to pursue. (See BT Seeking 900 Cybersecurity Folks.)
She began her career at MCI and Verizon, where she led the industry's first projects -- Ethernet as a network (CPA) and IAAS -- and helped develop the first Secured Proximity Financial Hosting Centers globally to facilitate electronic trading. Now, as deputy CISO for BT Americas, a role she has held since April 2015, Kuehn's job is to stay one step ahead -- of new attacks, trends and technology advances.
Here, she tells WiC more about why technology excites her, how the field has changed and why she's optimistic about the changes still to come.
Women in Comms: Tell us a little about your professional background and how the world of network security has evolved in the past 20 years.
Kate Kuehn: A career in technology was not my dream or plan. I went to college for politics, public relations and theater design. It was a critique on a website called Hotjobs.com that led to my first job at WorldCom. During the interview process, I even called bandwidth, bandwich to a vice president at the company -- not my finest moment. The only prior experience I had in IT was creating a website for Sen. Tom Harkin (D-IA) when I was his media intern in Washington, D.C. Needless to say, I definitely utilized HTML for Dummies over the semester.
Looking back now, I cannot imagine a more perfect career for me, but 20 years ago, the idea of security as a career was just beginning. Women pursuing an education or a job in technology was in its infancy. I remember my first week on the job like it was yesterday. Without much prior knowledge, I had to take a test to see if I could take apart a push-button phone and put it back together. I remember listening to the engineers presenting lunch-and-learns over emerging technologies -- it sounded like they were speaking a different language! Moreover, I secured sales leads by cold calling or driving around office parks and walking door-to-door. One of the first awards I received was getting 19 appointments in one day from literally calling companies out of the phone book. It's funny to reminisce about where my career started because at the time, I didn't realize this was just the beginning.
Over the years, the technology evolution has been swift and I am extremely proud (and lucky) to have been a part of so many key trend shifts. Security, beyond the idea of a firewall, was really born with the convergence of Internet on private architecture and Ethernet as a network. When we first started, there were no tools to manage bandwidth, latency or intrusion detection. We would stand in long narrow rooms with one or two TV screens on the news and maybe one or two screens projecting the limited architecture statistics we had. We waited for the Fed to announce a change to the US interest rate index to ensure we had enough bandwidth and weren't experiencing any anomalies on the network. The 8 milliseconds after this index change was our best indication of "peak" traffic.
For security, the first major breaches we tracked were basic nation-state attacks or organized crime-related activities. These types of breaches were also often linked to some type of physical breach. We primarily dealt with DDoS and physical data injection attacks. Many times we needed to gain client approval to pull beta or half-tested solutions out of lab to combat an emerging threat. Sleepless nights and many prayers were the norm.
The idea that SOCs/NOCs were in basements, that tools to scrub DDOS didn't exist and clouds were either circles you used in a diagram to depict the Internet or the fluffy things in the sky, is a marvel to some of the young people I mentor today. I love seeing what one of my mentors calls the brave new world, filled with schools, universities and STEM groups focusing on technology education. The fact you can have a masters in cybersecurity amazes me. Admittedly, a part of me is thankful these programs weren't around when I began my academic career. If they had been, I'm not sure my career would have evolved into what it is today. (I am sure I would never have made the grades!)
WiC: What has been the biggest lesson you learned, either personal or professional, over the course of your career so far?
KK: At a very young professional age, I was taught not to be afraid to say, "I don't know." Always ask why, and always keep learning. If you don't know the answer, work to make sure you can find it. As IT and security professionals, I believe we are so incredibly lucky that there is an infinite amount of evolving technologies we can take apart, break, fix and improve as we continue our collective path on the "Digital Revolution."
WiC: What does BT Women's Network entail?
KK: For the past 30 years, the BT Women's Network's main objective has been to create a gender-equal workforce at BT. Our purpose at BT has always been the same: drive gender equality in BT and across the industry, as well as connect BT's men and women with key opportunities and people. Through regional chapters, events, mentoring, education and community outreach, the network strives to make BT a leader in the promotion of gender equality in the workplace. Some of the best examples are events like our Women in Engineering Day, the #15000 program and our mentorship initiatives. Developing young talent is a passion of mine, and the network allows me to work with people from all parts of our business that I may not normally come in contact with in my day-to-day role. Ultimately, we strive to enable our team members to make the most of the opportunities BT has to offer and these types of events help promote that mission.
WiC: Why is mentoring so important, and how do you make it a priority while also balancing the demands of your day-to-day job?
KK: I think Vint Cerf said it best when he said, "You don't have to be young to learn about technology; you just have to feel young." The technology field is changing so fast that it is almost impossible to keep up with the pace but having the eagerness to learn is crucial as we try to evolve at the same rate. In my opinion, how to think, how to lead, how to question and how to determine what to focus on next are almost more critical than understanding current threats or trends. The reality is they will be obsolete before most of the young people we mentor, whether in a STEM program or university, enter the workforce. I make mentoring a priority because technology is cool, and I want to ensure more young people view IT as "hip" and a viable career option. As an industry, we are facing a massive candidate shortage, specifically to fill the roles forecast in security over the next ten years. I think it is every security leader's responsibility to help bring more young people into our world.
From a balance perspective, I have a clear rule that my day-to-day must come first. Our team and our customers are always my top priority, but they know mentorship and outreach are extremely important to me as well. We work together to coordinate schedules and allocate time for me to focus on mentoring and other technology initiatives. I am blessed with a team that fully supports the programs I'm involved in and encourages my passion for education and mentoring.
WiC: As a mother, mentor, Girl Scout troop leader and advocate for STEM, what makes you feel optimistic about the future of our industry and females' role in it?
KK: As a mother of four, three of whom are girls, I feel a lot of responsibility to not only be a mentor, but an industry leader. My hope is that my children will one day want to emulate this sense of responsibility in their own careers. From my experience, 20 years ago there weren't established roles for women in technology, and my ultimate goal is to facilitate a path for my daughters and all women to have a viable choice to take on any role they choose within technology without having to face bias.
In terms of how the industry is evolving, I am extremely optimistic that the gender gap in technology is lessening and women are increasingly playing more prevalent roles. In my daughter's Brownie meeting a few weeks ago, NASA gave a talk about the most important women in space exploration, and the next week my children built rockets. STEM and creativity are converging in ways we never imagined, and this is creating a wider appeal to young people to learn and be a part of the digital revolution. Technology is ageless, and I'm confident we will pass the torch to a very accomplished and well prepared next generation, who hopefully will never have to focus on the topic of gender equality.
— Sarah Thomas, , Director, Women in Comms