Sep 11, 2024

Save article Crystal Morin discusses combining a love for cyber intelligence with her determination to make a genuine difference in the world. Before she was a cybersecurity strategist at cloud security platform Sysdig, Crystal Morin was a university student studying forensic science, with a burning desire to make the world a safer place to live in. Aptitude tests indicated that she should consider military careers that prioritised analysis and intellect. This, coupled with a wish to be deployed where she could serve the greater good, led her to become an Arabic cryptologic language analyst. For the next couple of years, including post-service, Morin worked as a defence contractor, on counter-threat finance, counterterrorism and cyberterrorism projects. “I was making a difference and it felt good,” she told SiliconRepublic.com. In 2021 she endeavoured to teach others how to recognise cyber threat actors, moving from a career that previously focused on preventing terrorism, to one that encompassed all cybercriminals. On logs and using SIEM (security information and event management), she continued to do online what she had already been doing in the real world, threat hunting. “I’ve always kept an eye out to see what organisations are hiring for and what kind of qualifications they need. This is how I came across an opening on Sysdig’s threat research team and for me, the appeal was in the name. I could continue finding bad guys but I’d learn how to do it in cloud environments.” “When I started, it was hard, it’s still hard, but I was able to contribute my passion, dedication and inquisitive nature to the analysis of honeypot data and novel cloud threat reporting,” stated Morin. For the past year, since moving to Sysdig’s office of cybersecurity strategy, she explained despite the challenges, a passion for security and her ambition to make the world a safer place, have made it a fulfilling journey. Jump in and be ready to learn Morin credits much of her happiness within the role to the ever-changing nature of her chosen career path, stating that within cybersecurity and threat hunting, she is thankful that each day brings something new. “There are an endless number of projects I can contribute to, research to conduct, articles to write, and interesting people to talk to. Cybersecurity itself is a fluid career field where there is always something new to learn, analyse and understand. Every day, I have a plethora of these things to work on.” She explained, the contributions she has made to the greater good, by identifying cybercriminals, removing their access to funding, tools and assets and then sharing with others within the industry the knowledge they need to detect threat actors, is a source of constant personal and professional fulfilment. When asked about the prediction that by 2025 more than half of significant cyber security incidents will be driven by a lack of skill and human oversight, Morin noted it would be a shame if a deficit of talent were responsible for decreased safety. Talent, “can be discovered and taught, just like it was for me. I don’t think we have any shortage of intelligent and capable people looking to break into the cybersecurity industry.” “Human oversight or error will always be the greatest detriment to security. People make mistakes, but everyone needs to be proactive and cyber aware these days. It cannot fall solely on the shoulders of security professionals any longer.” According to Morin, it is frequently those who are the furthest from security that are targeted in social engineering campaigns. “Security personnel, or those who work for security companies, are typically terrible targets because they see and hear the horrors all the time, they’re hyper-sceptical and they doubt everything.” Fostering the next generation of cyber warriors For Morin, an original outlook, unique skillset and an in-depth understanding of the industry have been key to her success. “I bring a different perspective to this field because I know intimately how bad guys operate and I can analyse and assess threats and provide context.” Skills, different points of view and industry-based learning can be cultivated along the way, but for Morin, the next generation of cyber experts, who have passion, drive and the desire to be a part of the wider cyber landscape, are the ones who bring immense value to the sector. By working together, cyber professionals, old and new, are powerful, she stated. She would encourage people from all walks of life to educate themselves on the basics and get involved in the protective element of cybersecurity at an early age, as even her young children are aware of threat actors on the internet and the importance of taking security precautions. “Every aspect of our lives in this digital age relies on a supply chain that includes software and applications. Unless we take major steps back toward a pre-industrial revolution way of life, the digital world and cybersecurity will continue to play a major role well into our future,” she said. Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief , Silicon Republic’s digest of need-to-know sci-tech news.