Over the last decade, I have worked in cybersecurity and cyber threat intelligence for a variety of organizations, both private and public, in the United States and abroad, and ranging from Fortune 50 to “mom and pop shops.” In this time, I have seen the landscape drastically evolve, and become much more tied to a broader community. In Washington, D.C., specifically, cybersecurity and the tech community are more intertwined than ever.

Defining cybersecurity

The term cybersecurity is pretty broad, and it’s often used in sensational and scary ways. Each type of business and industry face their own unique threats, but I view cybersecurity as the protection of electronic data and the means through which it is transferred. That electronic data can be anything, from personally identifiable information like social security numbers, credit card payment information, an organization’s intellectual property or control of automated systems, or a government’s state secrets. Cybersecurity exists to support companies or government organizations in executing their mission securely and privately. The greater D.C. region’s proximity to so many government organizations makes it a perfect location for the innovators trying to solve cybersecurity challenges.

Why cybersecurity is everyone’s problem

Cybersecurity is a shared responsibility. Users (everyday people, not security experts) should be able to trust those they provide their information to, but users must also be cautious about what data they share and be educated about how it is or could be used. Time and time again, we hear people say, “Oh, I don’t have to worry; I don’t have anything worth stealing.” This couldn’t be further from the truth. In the wrong hands, even seemingly minuscule data points about a person’s daily life could put them at risk.

Our lives have become digital and borderless, and with this growing convenience comes risk. Every cent pilfered and every password stolen has a value, so it’s imperative to follow basic cyber hygiene to prevent your personal information from being collected and used against you. Note that it’s not enough to just change your password or buy credit services to protect yourself after a breach. Given the ease with which it’s possible to purchase these services, it’s easy to have a false sense of security. The bad people stealing our information are doing so at computer speed, with unprecedented economic resources. As a result, your information can be gone before you are even notified that your password has been compromised.

Cybersecurity and #dctech

The #dctech community is uniquely poised to call on some of the brightest, most experienced security minds in the world. Cybersecurity may be new, in a sense, but the concepts are not. The professionals in this community have been creatively solving hard technology problems for a long time, and the evidence that it will have an impact on the broader cybersecurity community is obvious in the burgeoning commercial tech industry in the area. It is also important to acknowledge that a large part of the D.C. tech community works for or with the U.S. government, making them ripe targets for adversaries. This means that cybersecurity is even more critical for the D.C. community than for most individuals or companies out there.

Day-to-day cybersecurity recommendations

Especially as part of a potentially targeted group, the D.C. tech community should be actively thinking about their cyber hygiene. Here’s a few tips:

• Use a password manager and unique passwords for every account.
• Don’t open emails from people you don’t know.
• Be extremely cautious about the information posted on social media – nothing can ever truly be erased, and this information is mined for all kinds of nefarious reasons.
• Pay attention to where you use credit cards and digital payment methods.
• Enable two-factor or multi-factor authentication (where you need a password and a separate token) for any account that will allow it. This greatly reduces the chances someone can gain unauthorized access to your information.

Startups to watch

With cybersecurity becoming a prominent sector in the world of startups, the #dctech community should have a few of these companies on their radar.

I am a big fan of Endgame, a company that offers an endpoint protection platform for enterprise, because the more competition in the endpoint space, the better the industry is.

Wirewheel, provider of a software-as-a-service solution that supports all phases of a global privacy management and compliance programs, is an interesting one, too, because I see data privacy as probably one of the most defining issues of our times.

Finally, Thresher, a company that provides a platform for data scientists to label training data to teach and tune machine-learning models, is really interesting to me. Maybe because it’s outside my comfort zone of understanding and capability, but also because I think machine learning needs a lot of nurturing and care to be implemented properly. Plus, it’s a woman-run tech company (a cofounder in this case), and Rebecca Fair deserves the recognition for building a strong company on the cutting edge.