Amanda Fennell: There's a cyber warrior in all of us [Information] [Career Notes] - CyberWire Daily

Summary5 min read

CyberWire Daily Podcast

Guest: Amanda Fennell, Chief Security Officer & Chief Information Officer, Relativity
Episode: "There's a cyber warrior in all of us"
Date: December 14, 2025
Host: N2K Networks
Series: Career Notes

Episode Overview

This episode features Amanda Fennell sharing her unconventional journey from aspiring archaeologist to leading cybersecurity executive. Amanda reflects on the pivots, lessons, and motivations that drove her from academic ambitions in archaeology to a thriving, impactful career in cyber. Her story highlights resilience, embracing uncertainty, and the belief that everyone has the potential to be a "cyber warrior."

Key Discussion Points & Insights

Early Aspirations & Realizations

Childhood Dreams: Amanda initially aspired to be an archaeologist – “maybe an archaeologist in its own way” as a librarian – and was inspired at age 12 by news of Ramses II’s tomb discovery.
Educational Journey: Driven to break family patterns, Amanda attended college due to financial aid opportunities, excelling academically after a disengaged high school experience.

The Reality Check of Academia

Internship Lessons (01:03–02:52)
- Amanda realized through archaeology internships that “what you think something is in academia is not what it is in real life.”
- Found real-world archaeology “lonely and boring,” not the adventurous career envisioned.
- A grad course at the Smithsonian further illustrated the scarcity of jobs in the field:
  
  “There are 32 of you, and there is one full-time paying job in this industry in the entire country. And I currently am in that role. So none of you are going to be spending $150,000 in student debt to get a job.”
  (~03:20, Amanda quoting her professor)

Discovering & Diving into Cyber

Pivot to Digital Forensics (~03:40–04:30)
- Stumbled into digital forensics, initially intimidated by technology but drawn by its investigative nature:
  
  “I could do the same skill set, but with technology where I am able to take a small piece of something and extrapolate what happened and how to fix it.”
- Industry rapid growth led to “baptism by fire”—opportunities at leading organizations: Guidance Software, Booz Allen Hamilton, Symantec, work with federal agencies.
A Defining Opportunity at Relativity (05:00)
- Amanda received an unexpected job offer:
  
  “I don’t want to sell to you. I want you to work for me... I will let you build the program you’ve always wanted. Here you go.”
- Embraced the chance to lead and innovate, learning the balance between moving fast and slowing down for thoughtful decision-making.

Leadership, Growth, & Personal Philosophy

Adapting to Remote Work (06:15)
- COVID-19 “put it into overdrive” for remote work:
  
  “I come to my desk in my home office, sit here, get through my emails, make sure there’s nothing crazy on fire, and then work on developing and strategy for making sure that we’re just innovating in the security space and doing what we can to make sure that we contribute, making things better.”
Advice & Self-Reflection (07:00–08:30)
- Amanda encourages curiosity, adaptability, and seizing opportunities:
  
  “The only thing that really got me to where I am more than anything is enjoying what I do and being good at it... But curiosity. I think that’s how I came upon a lot of different opportunities.”
- On conflict management:
  
  “Nowadays [my approach] is to stop and breathe and give the other person or party opportunity to speak and listen with open ears... I prefer to do the unexpected — be thoughtful and open to the idea that I could be wrong.”

Inspiring the Next Generation

Legacy & Aspirations (08:20–08:45)
- Amanda hopes her impact goes beyond technology:
  
  “I believe strongly that every person has a little cyber warrior inside of them and can become something really great to contribute back into the security of the world.”
- She aims for her legacy to be inspiring others to “be that cyber warrior and that they look back and think that this was a really great opportunity, that they learned more about security.”

Notable Quotes & Memorable Moments

On Real-World Reality vs. Academic Expectation:

“What you think something is in academia is not what it is in real life.” — Amanda (~01:50)
On Career Pivots:

“So none of you are going to be spending $150,000 in student debt to get a job.” — Smithsonian Professor, as quoted by Amanda (03:20)
On Cybersecurity as Archaeology:

“I could do the same skill set, but with technology... take a small piece of something and extrapolate what happened and how to fix it.” — Amanda (04:10)
On Speed & Leadership:

“It was a slingshot. You pull back... and you take off. And I learned that there are some mistakes and stumbling along the way when you go too fast and learned how to slow down...” — Amanda (05:40)
On the Cyber Warrior Spirit:

“I believe strongly that every person has a little cyber warrior inside of them and can become something really great to contribute back into the security of the world.” — Amanda (08:30)

Timestamps for Key Segments

01:03 — Amanda’s early career aspirations and the reality of archaeology
03:20 — Wake-up call on job prospects in academia
03:40–04:30 — Discovery and entry into digital forensics
05:00 — The opportunity and decision to join Relativity
05:40 — Lessons in leadership, slowing down, and culture shift
06:15 — Navigating remote work and security innovation
07:00 — Reflections on curiosity, learning, and personal growth
08:20–08:45 — Thoughts on legacy and the potential in all of us as cyber warriors

Final Reflection

Amanda Fennell’s story demystifies what it means to build an impactful cybersecurity career — emphasizing adaptability, the courage to pivot, and the conviction that everyone can be a “cyber warrior.” Her message is one of empowerment, humility, and commitment to inspiring others to seize their own opportunities in cyber.

Loading summary

Transcript4 lines

[00:02]
A
You're listening to the Cyberwire Network, powered by N2K.
[00:12]
B
AI is transforming every industry, but it's also creating new risks that traditional frameworks can't keep up with. Assessments today are fragmented, overlapping, and often specific to industries, geographies or regulations. That's why Black kite created the BKGA3AI assessment framework to give cybersecurity and risk teams a unified, evolving standard for measuring AI risk across their own organizations and their vendors. AI use. It's global, research driven, built to evolve with the threat landscape, and free to use because Black Kite is committed to strengthening the entire cybersecurity community. Learn more@blackkite.com.
[01:03]
A
Hello, my name is Amanda Fennell, Chief Security Officer and Chief Information Officer at Relativity. The most common answer when somebody asked me what I wanted to be was typically an archaeologist, but the reality was a librarian, which I feel like is maybe an archaeologist in its own way. I came from a reasonably not well to do family and so like, college was where I was going to either become something different than everything that there had been, or I was going to not go to college and not have any specific direction. So I definitely was very emphatic about getting to college and I went to the college that gave me the most financial aid, essentially because again, aforementioned not any money. And that was quite a journey. And I turned out I actually did really great in college and not great in high school because I was really bored in high school. I knew from the time I was 12 years old sitting in a vet's office and there was a Time magazine that they had just discovered Ramses II's tomb in Egypt. And I said, that's it, that's for me. I was always told, because I loved history and reading, I could just be a lawyer or a teacher. And when I saw that, I said, no, no, no, I could be Indiana Jones, you know, I could do archaeology. Went straight in knowing what I wanted to be and going through archaeology, did it in three years and started working in anthropology and archaeology. The reason I love internships is because I learned a really valuable lesson that what you think something is in academia is not what it is in real life. So starting in archaeology, I realized, wow, you basically live in a hotel and you're very lonely and don't know anyone and you're spending all day in the ground with a little brush and a little trowel. So it's just not at all what you think it is as you're going through all of your academics. And, you know, I tried to keep going in IT and get a master's in it. But it just was really lonely and boring and not what you thought it was. So I decided to start looking for something that had more job security and could use my skills in different ways. I was sitting in a graduate course for Paleo hominid biology and the teacher came in at the Smithsonian and said, look around, there are 32 of you and there is one full time paying job in this industry in the entire country. And I currently am in that role. So none of you are going to be spending $150,000 in student debt to get a job. So I said, I'm going to look for something else. And I stumbled upon at the time, the very early industry of digital forensics. And I dug into it and thought, I don't know anything about computers. I barely got past my intro to computer science courses and everything. It just really wasn't a thing at the time. But as I dug into it, I really loved this and I thought I could do this. I could do the same skill set, but with technology where I am able to take a small piece of something and extrapolate what happened and how to fix it. Once the industry of digital forensics became known, it was just a frenzy of recruiting and really great opportunities. Everyone loved that there was a formal education coming from that industry. So really just baptism by fire. Worked for guidance software. And then Booz, Allen, HAMILTON, all the three letter agencies and everything in the D.C. area learned a lot. Symantec, these were all great names. But eventually you get to a point where you want to implement great security that you have been watching and not controlling for a long time. And so I tried it. And one day I got a phone call from the founder at the time, the CEO. He said, I don't know if you know about Relativity. Said, I do. Of course I know. I'm in investigations. I know about Relativity and Ediscovery. And I said, but I've got like 58 business units. You can't really sell to me. And he said, I don't want to sell to you. I want you to work for me. And you know, it starts like every conversation. It didn't feel like it was going to be the right fit or the right time, but what a compelling idea for somebody to say, I will let you build the program you've always wanted. Here you go. I had to take it. I learned the valuable lesson of what it looks like to move too fast for once. I think a lot of people in our industry, we complain that things go too Slow or that we have to take so much time. But I was finally in an arena where it was a slingshot. You know, you pull back and get ready to go and you take off. And I learned that there are some mistakes and stumbling along the way when you go too fast and learned how to slow down, which was really ironic to come to a startup industry and this really booming thing, but to learn that this was where I slow down and become a lot more thoughtful. So I'm pretty used to being on remote audio dial ins and video calls all the time. But Covid definitely put it into overdrive where now everything transitioned into this remote access capability. So I come to my desk in my home office, sit here, get through my emails, make sure there's nothing crazy on fire, and then work on developing and strategy for making sure that we're just innovating in the security space and doing what we can to make sure that we contribute, making things better. You know, it's hard to feel like you could be an inspiration. It's like you, you just finally one day you realize I can do this and I do my best and I'm giving it everything I have. And so looking back, I wish that probably I had access to technology earlier. I wish that I had been able to learn more about computers earlier on. But the only thing that really got me to where I am more than anything is enjoying what I do and being good at it. Hopefully or great is what I aspire to. But curiosity. I think that's how I came upon a lot of different opportunities. Seizing that opportunity when it showed up. I think that my go to when something really difficult comes at me is nowadays to stop and breathe and give the other person or party or etc opportunity to speak and listen with open ears about this. So often whenever something comes up that's not going your way, it's really quick to put up defenses and attack back or try to prove why you're right or something. I think a lot of times people expect that, but I prefer to do the unexpected. So instead I like to be thoughtful and open to the idea that I could be wrong and to listen very thoughtfully to what what's being put in front of me. I've thought of this before. How to be remembered. I do hope that I left things better than I found them. Not just the security of a product or a company, but I believe strongly that every person has a little cyber warrior inside of them and can become something really great to contribute back into the security of the world. So I just hope that I've inspired some of us and my company hopefully to be that cyber warrior and that they look back and think that this was a really great opportunity, that they learned more about security.
[08:52]
B
Most environments trust far more than they should, and attackers know it. Threat Locker solves that by enforcing default deny at the point of execution. With ThreatLocker allowlisting you stop unknown executables cold. With ring fencing you control how trusted applications behave and with threatlocker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. Its powerful protection that gives CISOs real visibility, real control and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source and regain control over their environments. Schedule your demo@threatlocker.com N2K today.