By Vishal Gupta
Technology and our personal values have always been closely intertwined. Whether it’s Uber upending the taxi business, drones being used for government surveillance, or artificial intelligence stealing jobs from humans, every debate about innovation boils down to a question about which principles we hold in the highest esteem.
This fact became especially apparent to me as I started my career in cybersecurity. On its most basic level, InfoSec boils down to good vs. evil: the bad guys (cyberciminals) try to inflict harm on the good guys (everyone else). Some may view this as an overly simplified analogy, but it also illustrates why cybersecurity, at its core, is about abstract principles and values.
When I first entered the industry, my work in the financial services sector quickly taught me that empathy is a critical factor for enjoying a career in cybersecurity. It is far easier to enjoy coming into the office when you see yourself as protecting people’s lives, not just a set of 0s and 1s.
In almost every situation, it is much more impactful when you can put a face to the name, as opposed to looking at a spreadsheet full of personal information. When I realized this, I began thinking in terms of who I needed to protect, not what. If our software was being used to protect credit card data, in my mind we were protecting the individual’s financial position – which could determine whether or not they received a loan to purchase a home. This may seem trivial, but understanding the real world implications of what we do goes a long way when trying to make it through a hectic day.
The second principle that I’ve grounded my career in is that everyone deserves privacy. This may seem obvious today, but in the early days of information security no one would have anticipated the amount of pressure governments would exert on the private sector when it comes to handling user data. And of course, a successful cyber attack potentially destroys any hopes for privacy.
Protecting privacy as a principle comes with its obvious challenges and two primary opponents: those who are willing to accept certain trade-offs for perceived benefits and those who don’t take the steps necessary to protect it.
I had a run in with the latter in the early 2000s, when I was going through the process of renewing my car insurance. Before I even had a chance to shop around, I began receiving calls from “overly informed” sales representatives at competing insurers.
The sales folks knew all of my information, including the make and model of my car, as well how much I was paying per month. While none of these details were incriminating or highly sensitive, they were personal. It was my information, and someone in the security chain failed to adequately protect it. In the end, I went with a different insurer, but I never forgot how it felt to be on the receiving end of an intrusion of privacy.
But in my opinion, in order to have a rewarding career in InfoSec, I believe it’s essential to find a greater purpose in your work by thinking about the implications of ensuring that the financial lives of our customers’ customers are well protected so they can purchase their first home, send their children to college, or enjoy their retirements comfortably.
About Vishal Gupta
As CEO and founder of Seclore, Vishal Gupta has lead Seclore from a niche Indian start-up to a global player in the Enterprise Digital Rights Management (EDRM) space, with more than 10 million users from 8,000 companies in 29 countries using the solution every day.