Move over Carol Danvers, there's a new defender of the universe – the cybersecurity universe. Women in Comms recently caught up with Edith Santos, director of Global Incident Response for NTT, aka "a defender of the cyber universe," to discuss how NTT equips enterprise customers with the tools to protect their networks from security threats.
Prior to joining NTT, Santos worked in law enforcement for nearly two decades as an investigator on multiple federal task forces and also worked in forensics and network intrusion at the Dallas field office of the US Secret Service.
Santos later applied her cybersecurity skills to leading the global Cyber Forensics Team at Bank of America. For her current efforts on NTT's global cyber threat intelligence network team, Santos received the 2019 Cyber Defense Global Award for the Women in Cybersecurity category from Cyber Defense Magazine.
In this Mentor Spotlight, Santos explains how NTT is addressing the cybersecurity threat landscape in light of COVID-19, how she applies her law enforcement expertise to her current security work at NTT, and why enterprises need buy-in at the top to implement a successful cybersecurity strategy.
Women in Comms: At NTT you're known as "defender of the cyber universe." How did you get that nickname and what does such a defender do?
Edith Santos: I'm not exactly sure who gave me that nickname. But, as we all know, cybercrime has no borders and attackers are located across the globe. As defenders, my team's mission is to assist our clients when they are under attack and help them get back into business as quickly as possible. Right now, for example, we're providing hospitals treating COVID-19 patients with much-needed incident response support at no cost.
WiC: You also used to work as an investigator and on the Dallas Secret Service task force. How do you apply your background in forensics and network intrusion to your work at NTT?
ES: In my previous law enforcement capacity, I was assigned to the USSS Electronic Crimes Task Force, and I can't thank them enough for everything they taught me. The skills I obtained from the task force allowed me to expand my investigative skills focusing on finding evidence located on computers and networks. I am able to leverage my previous experience to support our clients at NTT to recover from cyberattacks.
WiC: You also have experience leading the global Cyber Forensics Team at Bank of America. What are some of the major cybersecurity challenges enterprises are facing today?
ES: The shortage in cybersecurity skills. According to Center for Cyber Safety and Education, the "cybersecurity workforce gap is on pace to hit 1.8 million by 2022." We need to do more, attract people into cybersecurity and teach new skills to those already in our talent pool.
WiC: How can service providers better support their enterprise customers when it comes to cybersecurity?
ES: When it comes to cybersecurity, service providers can help their customers by teaching them. I am a public servant at heart, and for me, my goal is to teach customers how to respond to cyberattacks so they can become self-sufficient and not have to rely on outside assistance.
WiC: What are some of the biggest challenges service providers face in securing their networks?
ES: Based on my experience, customers lack the resources, skills and many times the authority to deploy basic security measures in their networks. The threat landscape is very fluid with a revolving door of new vulnerabilities and new techniques of attacks. There must be support and buy-in at the executive level so that policies and procedures are implemented as a proactive approach to security.
— Kelsey Kusterer Ziser, Senior Editor, Light Reading