Episode #133

Advancing Cybersecurity with CAMI

With Tasha Cornish
Executive Director at Cybersecurity Association of Maryland
April 18, 2022

Scott sits down with Tasha Cornish, Executive Director for the Cybersecurity Association of Maryland, Inc (CAMI). Tasha discusses CAMI’s mission, recent trends in cybersecurity, and more.

Check out the transcript below and listen along with the embed, Spotify, Apple Podcasts, or your favorite podcast app.

Transcript

Introduction

Scott Pruim: Yeah. All right. Welcome to The Helpdesk. We’re very excited to have Tasha Cornish with us. She is the Executive Director for the Cybersecurity Association of Maryland, Inc. Which makes the “I” in CAMI, I’m assuming. So thank you for coming back on. I appreciate it. We –

Tasha Cornish: Absolutely.

Scott Pruim: – recorded a show back in September that due to on our side, got pushed back.

Very thankful that you can come back on and talk and we’re looking forward to hearing from you. So I guess the easiest way to start well, even before I get into the questions we like to throw some zingers at people, but one of the other hosts, our VP of Sales, like the ask that people are Apple or Android users, which, I like this question and I don’t know how you can answer it if you want, but then I’ll just throw a random one out there about what your plans are for the weekend, what you’re getting into, because I know you have a tiny little dog that you love. So if he’s involved, feel free to let us know, we go to town on either of those.

Tasha Cornish: There you go. Well, the first one’s pretty easy. I’m an Android user. I don’t use anything else in the Apple ecosystem. So figured my phone might as well just be an Android. And I don’t have a lot going on this weekend specifically. We do like to take our dog.

We have a one, almost one year old Shiba Inu puppy. So we like to take him to dog parks and other socialization things. We are also always renovating our 140 year old row house here in historic Baltimore. So I’m sure there’ll be something involved with a hardware store and painting.

Scott Pruim: What percentage of being actually completed is the row house, you think?

Tasha Cornish: You know, I think it’s going to be one of those, it never ends. It just keeps getting renovated. And my husband is one of those people, just going to optimize the house until we sell it.

What is CAMI

Scott Pruim: Perfect. Perfect. Okay. So I mentioned CAMI when we first started, but why don’t you let us know what CAMI is, why it exists and more specifically what you do internally with CAMI?

Tasha Cornish: Yeah. So I’m the Executive Director of CAMI. I’ve been here since about February of last year. So just came up on my one-year anniversary and we are really leading the advancement of cybersecurity through collaboration and advocacy. And we do that through our three pillars that we care very much about.

First is business growth and innovation. We know that cyber companies are looking for ways to grow constantly, their customer base, their operations, their marketing, their storytelling, all of those great things. So we wrap services around that to provide our companies with what they need to grow and thrive.

We also are very into cyber resilience. So it’s a little bit of a hot topic right now, but certainly people are getting thrown information from every which direction, that information doesn’t always come with actionable resources. So we really prioritize actionable specific education and resources that really help people start to build a culture of cyber resilience.

And we’re really focused on the government contracting space, of course, small, medium sized businesses, which we know are constant threats and constantly underfunded. And also state and local government, which experience very similar challenges.

And in line with that cybersecurity talent is really our last leg of the stool that we’re really interested in. There are lots of great programs out here trying to solve this 500,000 person challenge countrywide. So we, we see ourselves really bringing those resources together, making sure that training is fitting with industry needs and equipping industry with the different things they need to build a secure, diverse, and skilled pipeline.

So I was going to ask, and you hit on a little bit of it. That last thing you mentioned, as far as the trainings, what do you all specifically do? Or how does that get done?

So our big goal right now is just to aggregate and assemble all of the things that exist for training. So there are wonderful resources here, nationally, online, really just kind of aggregating all of those. And, you know, one of the things we hear in the labor market is that people don’t have the experience that industry is looking for.

So one of our goals to create these on-ramps within an industry for people who have gotten their training. How do you now gain that experience and how do you get that on the job training that you still need when you’re starting your career?

Scott Pruim: Interesting. I know that we run into that quite a bit, we’re always growing and finding talent and it’s tough.

Just building off of that. How’s CAMI building the community across cybersecurity in that ecosystem? What else are you doing?

Building a cybersecurity community

Tasha Cornish: Yeah. So that’s a great question. One of the things, so CAMI really started as an association for cyber companies based here in Maryland. And since then, that’s certainly core to our mission still, through our center on business growth and innovation. But we also recognize that there’s power in bringing together people across the ecosystem.

So that could be a company that views cyber as a strategic business issue. So we mentioned government contracting earlier. A lot of them don’t consider themselves to be cyber companies. But they certainly see the value in being a part of our association because they can be in those conversations and be on the cutting edge of what is coming through for cyber.

Additionally, we have cybersecurity teams that are in finance and utilities and really just bringing together, you know, regardless of your role to have these conversations. Stressful sales pressure-y way to learn from each other and grow. That also includes as mentioned our training partners, academia, students. We have a new student membership and we’re really trying to bring people into the fold early so we can share some of these great resources with them.

Scott Pruim: Interesting. So in terms of what’s going on in the world, what’s been the hot, the hot topic. For this first quarter, of the year into the second quarter?

Hot topics in the cybersecurity world

Tasha Cornish: Yeah. You know, we would be remiss not to mention the geo-political climate and how, certainly it’s always interesting in the world of cyber, because we’ve been saying these things for years, but, you know, now it’s getting some national attention.

So just being sure that people know about the resources that CAMI offers. For example, we have a cyber swap line that small businesses in Maryland, and actually beyond, could call if they suspect a breach that kind of helps walk them through that process of reporting and containing and recovery and all that good stuff.

Obviously we do support and uplift the messages of CISA and other agencies, but we always like to remind people that we have some local solutions right here as well, that can help them. Yeah. So that’s been a big focus of ours constantly ransomware and incidents.

We’re also very focused moving into the second quarter on application security and just looking down the supply chain and how that’s, you know ,so frequently an attack vector, because once people get in your software. Crypto jacking. There are so many kind of these things that we are we’re thinking about, but I would say going back to the basics of application security and patch management and, cyber, there’s all these exciting new technologies, part of that is our focus.

But the other part is just getting the tried and true into the hands of as many people as we can.

Scott Pruim: I think you’ve probably hit on a few of these things that kind of answer the question, but what currently excites you about the industry or at least gets your blood pumping and gets you out of bed every day.

Tasha Cornish: Yeah. So for me, I think that cybersecurity talent is really where we’re at.

We can build AI and machine learning solutions to help mitigate some of that. But unless you have folks who are trained to do this work. It’s going to be a severe limitation for our national security on a large scale and, just business growth on a more micro level. So that’s really, I wake up and we know that there are many enthusiastic students going through training and there are many companies that need talent.

So I think that’s the thing that really gets me going in the morning is figuring out how can we do our part to solve that.

Scott Pruim: That’s perfect. What can we do? And we, as a, as an IT community do to help CAMI to help you, and then also feel free to throw your website out there, whatever you want to give some love too.

Becoming part of the CAMI community

Tasha Cornish: Awesome. So as part of building our ecosystem, we like to have as many people involved as possible. We know that we don’t have all the ideas, and we really need to build coalitions around these big issues of getting cyber into everywhere and solving the cybersecurity talent issue.

So we have several levels of membership. We actually even have free memberships. For either cyber companies or other IT companies to come on, join CAMI, learn a little bit more about our programming, help drive the way that we’re going, and help just spread the good news and be a part of something bigger than any of us could ever be alone.

So our website is mdcyber.com. Nice and easy, and there’s some, become a member or a membership tab at the beginning, and you can always reach us at info@mdcyber.com.

Scott Pruim: Perfect. Tasha, thank you for the time and the information. I very much appreciate it. Get some information out on our sites and our social media about CAMI and again, happy to help in any way we can, especially getting more people involved in IT and the training and everything that goes along with that.

Really appreciate it. Thank you again.

Tasha Cornish: Absolutely. Thank you so much for the invite. Look forward to our work together.

Keep reading

Multifactor Authentication Breakdown

Multifactor Authentication Breakdown

Nick and Susan's monthly episode is joined by Lexie Nelson, a vCISO at Integris. Today's topic is multifactor authentication. We're going through a full breakdown into MFA: how much it really protects you and your organization, the things to look out for when...

“Anything We Can Do to Make It Right Is Our Thing”

“Anything We Can Do to Make It Right Is Our Thing”

Scott sits down with Jared Nolan, CEO of Norman & Young, a full service media company serving real estate agents. Jared talks about the highs and lows the pandemic has brought the industry, the new technology and standards raising the bar in the industry, and how...

How Companies Fail Vulnerability Management

How Companies Fail Vulnerability Management

Susan and Nick talk about Nick's must-haves for vulnerability management programs, and the best practices for whoever owns that process in an organization. Check out the transcript below and listen along with the embed, Spotify, Apple Podcasts, or your favorite...