The finalists for WashingtonExec’s Pinnacle Awards were announced Oct. 8, and we’ll be highlighting some of them until the event takes place virtually Nov. 12.
Next up is Cybersecurity Industry Executive of the Year (Public Company) finalist Alicia Lynch, who’s chief information security officer at Science Applications International Corp. Here, she talks key achievements, shaping new leadership and career advice.
What key achievements did you have in 2019/2020?
In the past year, my team completed two high-confidence assessments by U.S. government and achieved Defense Industrial Base Cybersecurity Assessment Center compliance with Defense Federal Acquisition Regulation Supplement 252.204-7012, passing with a perfect score. (The DIBCAC was established by the Defense Contract Management Agency to ensure contractor compliance in safeguarding information about the weapons, equipment and systems they build.)
We have stood up a Cyber Threat Intelligence & Integration Center that is maturing SAIC’s capabilities to fuse the data we collect from a multitude of threat sources to focus us on discovering and prioritizing the most likely potential threat vectors.
What has made you successful in your current role?
Building and training a team of highly trained, certified and operationally high-performing leaders who can execute on strategy, and empowering them to lead/mentor their direct teams.
Continuous education of the cyber workforce, especially since the cybersecurity landscape is constantly evolving. Examples of things we are currently training toward include zero trust, threat-informed defense, security orchestration, automation and response, among many others.
Being successful in cybersecurity requires an adaptive team, and the key to that is education.
What are you most proud of having been a part of in your current organization?
Most recently, I’d have to point back to our DIBCAC assessment. It was a major undertaking that involved many teams across the company collaborating to ensure we had properly architected and employed tools to protect our customers data.
What are your primary focus areas going forward, and why are those so important to the future of the nation?
There are several areas we are exploring for maturity over the next year. As noted in the education question, we are well underway in implementing the zero trust model across the layers in our environment. With our CTIIC, we have matured our threat intelligence, alignment with MITRE ATT&CK framework, and threat-informed defense capabilities.
We are also looking to evolve our incident response by implementing the 1/10/60 model for incident identification and response. (The 1/10/60 rule recommends 1 minute to detect a cyberattack, 10 minutes to investigate it and 60 minutes to remediate.)
How do you help shape the next generation of government leaders/industry leaders?
Mentorship is key. I have built a strong leadership team who actively participates in furthering their technical education and mentoring and educating their direct reports to ensure we maintain a world class team. Also, we have identified junior personnel who exhibit the ability to become great leaders and have started immersing them in training and opportunities.
We’ve also rolled out a yearly scholarship program at SAIC in partnership with the International Information System Security Certification Consortium that provides veterans with educational/certification opportunities in cybersecurity.
We also participate in many forums outside the company to help influence the next great ideas and leaders, such as the National Defense Information Sharing and Analysis Center, the Center for Strategic and International Studies and Northern Virginia Technology Council.
What’s your best career advice for those who want to follow in your footsteps?
Always strive to be the best at what you are doing right now. Be technically proficient, really understand your craft. People you work with will recognize that and you can become an influencer and go-to person in your area of expertise.
Also, lay out a personal plan on where you want to be in 2, 5 and 10 years, and always stay focused on your goal. Push yourself to leave jobs you are comfortable in and get one at the next level.