A (0:02)

You're listening to the Cyberwire network, powered by N2K.

B (0:09)

AI agents are now reading sensitive data, executing actions and making decisions across our environments. But are we managing their access safely? Join Dave Bittner and Barak Shalef from Oasis Security on on Wednesday, December 3rd at 1pm Eastern for a live discussion on agentic access management and how to secure non human identities without slowing. Innovation can't make it live. Register now to get on demand access after the event, visit events.thecyberwire.com that's events with an s.thecyberwire.com to save your spot.

C (1:00)

Most environments trust far more than they should, and attackers know it. Threat Locker solves that by enforcing default deny at the point of execution. With Threat Locker allow listing, you stop unknown executables cold. With ring Fencing you control how trusted applications behave. And with Threat Locker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control, and real peace of mind. Threat Locker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source, and regain control over their environments. Schedule your demo@threatlocker.com N2K today.

A (2:10)

Hello, my name is Danielle Jablansky and I'm an operational technology cybersecurity strategist with Nozomi Networks. I was kind of pushed into the lawyer path when I was younger. I think I was around 7 years old, I made a PowerPoint because my mom told me I couldn't go to a friend's house. And then I articulated and argued why I should be able to go. And she said, you know, I really can't argue with that. And I was able to go. And then they pushed me kind of the law path, and I had actually gone into my program with credits from a local school while I was in high school. So I was 18 credit hours ahead. And to graduate early I could just study abroad. I ended up going to Rwanda to study genocide, and that just kind of widened my aperture to the rest of the world. And at that point doing law for a single county in a state didn't seem like it had enough of an international perspective, even though I had really good internships and different experiences doing that. I worked for a local prosecutor's office. I was a victim specialist advocate at the time, but Studying that global crisis and international law around genocide, which is not a fun topic, really made me want to pursue international relations. So I graduated early from undergrad after I came back from Rwanda. I graduated in December, the month before I turned 21. So I was only 20 years old. And I started to apply to grad schools. And I identified maybe three programs in the US that were kind of peace studies based, but had a human rights aspect. And that's what brought me to the University of Denver. So I started out as a human rights student in grad school and the degree director of this international security program came to me after a couple conversations and get to know you discussions and said, you're actually a security student. And I was like, what do you mean? And he was like, talk to me about maybe your thesis or the things you did in Rwanda and what you studied. And we came to the consensus that my draw was always conditions of a state that would lead to international crisis or that would allow for civil conflict to occur. So I mentioned going into Middle east studies. And so I got a certification basically specializing in that because those were the only classes that were open when I jumped from human rights to security. But I also needed a language and I didn't have one and I needed one to graduate. So I just decided to learn Arabic. And I learned that in about a year and three months and tested out. I found some funding to go abroad and live in Jordan. And so that's how I was able to tie in some of the civil conflict and the language study to get the funding to go and study abroad. And when I came out of that, I was so burnt out, I just, I took on too much. And so I applied to very few basically within networks that I knew. And I ended up getting a job at the Stanley foundation in Iowa, which is now the Stanley center for Peace and Security. And that's where I found cyber and picked up the jargon and started learning the lay of the land. And it really drew me away from nuclear policy and into cyber. So that's the critical connection for me was that first job in nuclear. Cyber to me was so fresh and all of the theoretical frameworks that we know to be true. And the more I moved into cybersecurity, the more I realized there's actually more day to day decisions and impacts unfolding in the marketplace that we don't even think about in academia. So it just drew me in further and further and further after I kind of learned the jargon and the lingo and then kind of scoped out the market. And then I continued to tie those together, back to this international process of norms and definitions. And it's all still really unknown. So it's unchartered territory. And that was exciting for me in my career. So I went from the Stanley center to Stanford. The Stanford Cyber Policy center was born out of a program at another institution there known as csac. So I got to work with a lot of the true groundbreaking nuclear policy experts. But at the end of the day, I was missing the boom, right? And so it came to my attention that my career path from there would be basically get a PhD, come back and teach, or go anywhere and teach about these issues, or go to dc, work on the Hill. And I didn't really like either of those options. And so I kind of took a chance and walked away. Didn't use any networking or connections to get a job. I became an analyst for a year, and then I kind of weaseled my way into the OT and ICS world, which I actually joke with people now is me coming home because nuclear weapons, cybersecurity is operational technology. We just don't call it that because it's a weapons system. So I joke that it's actually a homecoming now that I've gotten back to industrial control systems and that, you know, big boom kind of world. When I was early in my career, somebody always told me that you might not be able to tell everyone what's next, exactly where you want to go and why, but you should be able to look back and tell the story. Actually, when I was taking my last job, my old boss said to me, danielle, you're not motivated by prestige. And I was like, wow, that, like, I just needed somebody to tell me that to make that thread understandable. Looking back, I've always been motivated by impacts. So even before I did human rights work, I was a youth care specialist and I worked with foster children in transitional living. And it was always focused on, you know, there's no glory for doing things alone. It was always like this group think, how can we make the world a better place? And that's the thread that runs through my whole career history, which is focusing on human rights, focusing on state centric, you know, circumstances that lead to catastrophic risks. Right. And then that translates into my world in cybersecurity as well. So it was always, wow, I want to make an impact, but I don't want that impact to have my name on it. I want it to be something worthwhile. And that stands, I would say that it's okay to spend a number of years figuring out what you don't like doing, rather than always feeling like you have to know exactly what you want, right? Because there are so many cybersecurity careers, nuances and specialties that you can only get to by starting kind of like three layers out if you're building out this target map. You know, when I was coming from international relations, everyone I knew wanted to be a foreign service officer. And I was like, statistically that's impossible, but let's play it out, right? If this is your target, how do you get there? You build out this target map. And so you build out that kind of target right where you want to be. And understand that getting to that point might mean doing things you don't enjoy for a number of years. But figuring that out is another way to get to that target without having, like a clear bullseye and other people like me. My grad director coming out said, you'll be successful at anything you do. And I was like, I just paid you for a degree to tell me exactly what I need to be doing. And we actually just met up not that long ago and joked about this because he was like, I was right. And I was like, you were right. But. But you have to figure that out for yourself and spend time understanding what you don't like doing. What I didn't like doing in my career, and I won't say where, because it happened kind of frequently, was we would have existential conversations about really big problems. For me, I really needed to drill in and say, well, where can we then create solutions, create impact, create a moment for people to care about things that have real world impact. And so that's really what led me to where I am now, which is basically my dream job.