Invited speaker and Security expert Yesenia Yser recently took time out of her busy day to interview with PNSQC, and we know you'll enjoy all she shared! Remember that you can still sign up for October's conference and hear her talk entitled "Supply Chain Security: Threats, Defenses and How We Can Help."
Interviewer: You have a master's degree in digital forensics. Can you describe the field in a nutshell, and what drew you to pursuing this degree?
Yesenia Yser: Digital forensics is the digital practice of forensics, instead of a physical body or biometric, it is focused on digital data such as network, mobile devices. According to NIST, “Digital forensics is the field of forensic science that is concerned with retrieving, storing and analyzing electronic data that can be useful in criminal investigations.”
In high school, I was obsessed with the TV show, NCIS and their gothic forensics scientist, Abbey. She did a mixture of digital and criminal forensics. I was also so fascinated with this area of security work. When I was looking into my degree, I wanted to focus on cyber security, but there was no degree path with this focus outside of the Master’s degree at UCF. I focused my education on accomplishing this degree.
Interviewer: How are Quality and Security related from your perspective?
YY: Despite popular belief, security and quality are very similar. While security focuses on three top goals: Confidentiality, Integrity, and Availability; Quality ensures availability and expected functionality.
Interviewer: Without sharing any spoilers from your talk, are there any evolving security vulnerabilities that keep you up at night?
YY: Threats and breaches are documented daily. There isn't specifically one, but developing security conscious engineers is one thing I’m passionate about.
Interviewer: Your abstract mentions the balance between Security and Innovation. Are the two always at odds, or can they work together?
YY: Engineers do not like security. Our work is impactful to timelines and innovation if done in a mandatory, policing enforcement way. The old mentality is that security is disturbing to the innovation and engineering process, but I'd argue differently. The old mentality has led to financial and personal loss for companies and the people affected. Now that technology is emerging into more of our daily lives, such as our cars, airplanes, mobile devices, working together to balance security and innovation will save lives.
YY: Time management and breaking down tasks into smaller pieces. I can have trouble focusing for too long of a period, so I’ll time box activity to at most 20 minutes. This all depends on my mental capacity that day or that hour. In the mornings, I determine my top 3 priorities for the day, break those into smaller tasks (5, 10, 15, 20 min), then use a digital calendar to dedicate time to them. I’d also take into consideration everything else I have in the day and where I may be mentally.
Interviewer: What tools or methodologies are you using most now, and why are they valuable?
YY: Similar to the earlier question, but adding on that I plan my week on Sunday. Taking my 3 high level goals for myself (things that’d take more than 20 minutes), and allocate days for them. This way I don't have to think too hard in the morning on what my top 3 goals are, but rather do these goals still align, where am I at with them, and have I completed them– potentially bringing in another goal for the day.
Interviewer: What is the number one piece of advice you'd give your younger self professionally, or anyone just starting their career in Quality?
YY: Two pieces of advice I'd give my younger self is a) You’re going to fail, break things, and that’s okay and b) To find balance in your life. Don't focus all your attention on work, ignoring spirituality, health, and family, but find a structure or way to enjoy the most of it while you can. If you take longer to get your degree or get promoted, it’s okay as long as you’re happy.