I started out as an electrical engineer. I was doing space communications, satellite communications, long-distance, and telco.
Shortly before graduation, one of the major employers where I was living at the time suddenly laid off hundreds of people with qualifications that were significantly more advanced than what I had, which forced me to pivot. I went from the electrical engineering world to software.
One of the first companies that I worked for in the software world was in the business of putting control systems for heavy industries—oil refineries, manufacturing plants, food processors. At the time, that software had a critical challenge as well as a critical opportunity. Most of those plants were doing control systems that were largely based off relays—ladder logic.
When software came in, and software-defined things came into that world, there was great concern about the electrical impulses that would be associated with creating an environmental challenge—explosions, systems not turning off when they’re supposed to, and an overflow situation.
My first cybersecurity task was that if I didn’t get the code right and couldn’t prove that the code did what it was supposed to do, then bad things will happen. I was co-author of A Rootkit for Good, doing some deep certificate work all the way into owning product security.