This post is based on an interview with Ms. Cameron Forbes Over. It is part of our series of interviews of OODA Network members. Our objective with these interviews is to provide actionable information of interest to the community, including insights that can help with your own career progression. We also really like highlighting some of the great people that make our continued research and reporting possible.  For the full series see: OODA Expert Network Bio Series.

 Career Progression: As the daughter of a US Army Signal Battalion officer, Cameron moved many times and spent much of her childhood overseas before high school.  Despite being an introvert, she learned how to make friends quickly.  From an early age, her mother drove one message home: “Learn how to depend on yourself and chart your own course.” Cameron quickly discovered that she could accomplish what she set out to do – if she leaned in and put her mind to it!

While still in high school, she landed a summer internship at the Defense Information Systems Agency (DISA) and obtained her first security clearance as a GS-02. What could have been a boring summer answering phones got much more interesting when a branch chief offered her the chance to learn some simple Windows DOS Commands. Facing imminent boredom otherwise, she willingly learned how to use a few simple commands, and resolved close to 300,000 IP addresses that summer. She learned how those addresses mapped to the ATM Backbone, and was exposed to early network architecture. While not clear at the time, this started her long career in information security.

Cameron got a degree in Computer Science from the University of Mary Washington. DISA tried to scoop her up when she graduated, but she wanted to try her skills in the commercial sector.  She continued to support the Warfighter Mission through work with Electronic Data Systems (EDS).  Between her technical skills and her intimate knowledge of the DISN from her work with DISA, Cameron found herself working on increasingly complex missions with DISA Field Security Operations (FSO). She travelled the world performing tests and evaluations of DNS Servers, Unix and Linux variants, and Cross Domain Guards. She identified risks, cracked passwords, and briefed senior federal officials through communicating risk assessment results and security findings. She was on the road about 90% of the time.   “All labs look the same from the inside.  I was traveling to some great places, but not really seeing much! I wanted to find a job where I could take a more holistic view of the problem sets.” Cameron says.

For her next challenge, Cameron signed on with Booz Allen Hamilton to work across a number of clients within the federal domain, building and owning a significant portfolio of business over her tenure of a decade with the firm. One of those roles lasted several years, where she assumed the responsibility as the ISSO of the DoD Teleport Program.  She enjoyed working closely with the people and the equipment that kept this critical infrastructure operational 24X7X365.   She particularly enjoyed helping her clients prepare for critical COMMS missions and remediating issues that were identified in the tests she performed.  The travel and work schedule were grueling, but the satisfaction she derived by being part of the solution was up-lifting. Above all else, she enjoyed the team members that worked tirelessly to support client challenges.

One Saturday, as she was pounding away on her computer, preparing for her next work trip, her husband and young children returned from an afternoon at the playground.  She later found her daughter crying in the hallway, and when asked what was wrong, she shared: “All my friends have mommies but me!”.  (OUCH!!) Shortly after that she got a call from a recruiter asking if she would be interested in changing jobs.  CrossCountry Consulting  offered her a position at EXACTLY the right time. They were looking for a leader to build a new service line from the ground up.  She jumped at it.  She loves the work she currently does and especially the great people she gets to work with every day.

Over the last four years, Cameron has built a thriving cybersecurity and privacy practice focused on the commercial sector. They support leading organizations in financial services, technology, healthcare, critical infrastructure, and other industries with services including strategy and transformation, cloud security, privacy and data protection, threat intelligence and attack simulation.

Surprises:  Cameron recalls “I always felt that I was good at what I did, but still could be sucked into the “imposter syndrome”: the feeling I’m not good enough. I can usually see past it.  But sometimes I’m surprised by my own success and how lucky I am to have a career that I really love.”

Advice for Decision Makers: Cameron advises leaders to “Share your mission and vision with the entire team.  Be transparent so they understand how much their contributions mean to the mission. Allow them to innovate and own their ideas to build a high performing team.” 

Risks in the Near Future:  One thing that concerns Cameron is the growing disconnect between security professionals and the senior leaders.  “If executives don’t clearly understand the risk, he/she won’t make the right investments to translate it into action. We have to jointly create a common language to build an effective communication bridge.”   

Technology of Interest:    Cameron is excited about automated penetration testing platforms, like SCYTHE .  Putting this capability into the hands of skilled penetration testers is extremely useful, and a force multiplier.

Views on Thought Leaders:   Cameron was mentored by John Wilson at DoD Teleport.  She learned “Always come with a solution.  Don’t ever just bring me a problem!”

Quick Hits:

• Book Recommendation: The Cult of the Dead Cow by Joseph Menn.
• Favorite piece of content on OODAloop: Special articles such as the one recently done on Quantum Computing by Bob Gourley.
• LinkedIn: https://www.linkedin.com/in/cameron-forbes-over-239780/