Blog 1

I’m often asked how it was that I got into Information Security, so here is my story.

I think my mom had a big influence in me. She worked in information systems in IBM since she was very young – first in Germany (where she was born), and later in El Salvador (where my dad was born). I remember seeing pictures of her in congresses all over the world, where she was the only woman. I later found out that this was not that typical for a woman, especially in those times and in this country, where a woman’s traditional role did not include studying, making a career and holding demanding jobs. Instead, the normal path was a life dedicated to care for their families. I guess seeing that since I was very little influenced me quite a bit in not feeling intimidated later when pursuing male-dominated careers and at work or in congresses, when I was the only woman. It is difficult to believe that this continued happening even 40 years later!

My dad also had a huge influence in me. I studied Engineering because he and my brother studied that – and because I loved math and physics in school. While I was studying my Engineering undergrad, I also worked in one of the first ISPs (Internet Service Providers) in the country, in web development. This was a family business my parents built. My mom had this vision of what Internet would be in the future, and to become one of the first and best ISPs in the country. And we actually were one of the first companies to provide Internet connectivity in El Salvador, and I believe one of the best! This was in the very early days of the Internet. So much so that I remember we gave free Internet classes to each of our customers when they contracted our services, teaching them how to use email and how to navigate the Internet. I helped in the business, focusing on website development. I was in charge of the website sales and design, lead the development team, and client support. The whole family devoted their time to the business. My dad and even my brother, who lived in Germany, moved temporarily back to El Salvador to help out. Unfortunately, in El Salvador there was no room for startups to get a part of the Internet business pie. Only big companies ended up taking it all, stepping all over the small ones. I think this is what happened everywhere in the world, but the difference here was that we were victim of some unethical practices and were sabotaged by these big companies, so our company did not grow as we had envisioned. In fact, they almost brought us to bankruptcy and after that after that it has been a struggle to keep the business alive. A very tough experience, but one I learned a lot from, as I was constantly exposed to new technologies. I remember wanting to get more and more into information systems, and reading every book I could find about stuff that looked interesting but I didn’t understand at all. I read them all and eventually I started understanding a little. 

Around the year 2000, I started applying for an MBA. That’s what you did in El Salvador – you got an MBA after your undergrad. Several of my friends did that. In those days, the way one got information about the different universities and programs in the US was via a huge book, that looked like a telephone book, I think the US Embassy or a US organization made available to the public. In this book, all the US universities and programs were listed, ordered by their ranking. I applied to the Wharton School at the University of Pennsylvania, NYU’s Stern School of Business, and American University’s Kogod School of Business. I was able to visit the three schools and got to know the campus of the universities. In Wharton, I even had the opportunity to sit in one of their most famous finance classes with Professor Jeremy Siegel. I was fascinated! He started each class talking about how the stock market was that day. After the class, I went to a Barnes & Noble and got one of his books (Stocks for the Long Run), and sat in the same class again (the afternoon one). Fascinating! Back home, I sent the applications – all printed out and via snail mail, as no uploading on their website was available back then. But, I did not get into Wharton or Stern, which were the programs where I wanted to go. I was accepted into the Kogod program, but I asked for an admission extension, so I could join the program the following year.

While all this was happening, at work I started noticing that the topics I enjoyed the most were related to security, even though the customers I worked with were not giving this topic much attention. This was early 2000s, and Information Security was not really a thing – at least not around me. So, when I was selecting which master’s program to apply next, I changed from an MBA to Information Security – a very uncommon choice, compared to the more normal path of getting an MBA. I did some research and found that it was in the US where the most solid Information Security programs were offered. I remember finding one in Europe – I think it was in Paris – that was somewhat attractive, but it did not look as mature as the US ones.

During those days, I had a brake up with my then boyfriend of seven years and was a bit down. It was around my birthday and a good friend of mine invited me to go with him to Pittsburgh, where he was doing his masters, to spend my birthday there and clear my mind. I went, and one day visited the university where he was studying. It was Carnegie Mellon University. CMU is on of the – if not the – university with the best computer science and information systems programs in the world! That day, my friend casually introduced me to Ann English, the Director of the Admissions office of the Heinz School at CMU at that time, and we started talking about what I did and my plans for further study. She then told me that their admission was still open for two weeks or so, and encouraged me to apply. She gave me a bunch of brochures for the different programs and when I read all the material I found out that they offered a specialization in Information Security! So, when I got back home I had about one week to apply and I did. I applied to their Master of Information Systems Management program with specialization in Information Security. When a few months later I got their acceptance letter, I couldn’t believe it! This was the best place to study this! CMU partnered with the Software Engineering Institute (SEI), which was home of CERT (Computer Emergency Response Team) – the first CERT in history in the world!  

When my brother heard about this, he said that I was going there, no matter what! He immediately started getting a credit to finance my masters. I’m forever thankful for this. I was applying in parallel to a local scholarship, and I got it, so I was able to fund my masters without my brother’s help. It was happening! I was going! This was going to be quite a ride!

To be continued in Part 2…

---