Sunday 8 March marked International Women’s Day 2020, a global day celebrating the social, economic, cultural and political achievements of women.
In honor of the event, and to highlight some of the talented, innovative and thought-leading women helping to drive the information security industry forward, Infosecurity sat down with IBM’s senior technical staff member, Elaine Palmer, to discuss her entry into the infosec industry, career regrets and areas in need of change.
Palmer is a cloud and systems security specialist working within the IBM Academy of Technology.
What was your route into the information security industry?
I was recruited by an IBM anti-virus and hardware security research team that needed my expertise in operating systems. To be totally honest, I wasn’t motivated by a particular interest in cybersecurity, but I really liked the team. They were welcoming, egoless experts in their respective fields, they valued my suggestions (even in the job interview) and they were led by a brilliant and supportive manager, Dr Steve White.
What’s your biggest career-related regret?
Some women seem to be masters at balancing their careers and personal lives, but I admit that I still struggle. How can this be, when my dear husband, Dr Charles Palmer (who also works in cybersecurity) and IBM are so supportive in this area? I very much appreciate and take advantage of IBM’s flexible and part-time working hours, the ability to work from home when necessary and dependent care assistance. Even then, conflicts arise. What do you do when you have a long-awaited appointment with an executive to present the work you are passionate about, and 10 minutes before that, the school nurse calls to ask you to pick up your teenager, who is in her office covered with hives?
If you could change one thing about the security industry, what would it be?
I would encourage businesses and governments to use the power of procurement contracts to mandate compliance with standards that assess the security of their systems. While not perfect, certification under an international standard like Common Criteria, for example, requires developers to follow good practices in software development, testing and product lifecycle support.