Team Reflections have had the privilege of interviewing Vandana Verma Sehgal who is a SCIT alumnus and seasoned security professional with over 14 years of experience. Vandana currently works with IBM Software Labs as an Architect, she is also one of the leaders for the IBM community WISE. She is the first Asian to be appointed as the Board of Director for OWASP foundation. She works with various communities (InfoSecGirls, OWASP, WoSec and null) and is passionate about increasing female participation in Infosec space. She has trained over 3000 Diversity Participants around the globe on Information Security. She was a keynote speaker at OWASP Global AppSec DC, 2019. She has spoken and trained at various conferences AppSec Europe, AppSec USA, NullCon, Security Guild 2019, BSides Delhi, c0c0n (Kerala Police Conference), Global AppSec Tel Aviv and Blackhat US 2019. She is part of the crew for OWASP Seasides and BSides Delhi conferences. She also does CFP Reviews for AppSec Europe, Global AppSec Tel Aviv, Global AppSec DC and Grace Hopper US 2019 (Security/Privacy Review Track).
Vandana is a global speaker and Women in Cyber Security Advocate. She received Global cybersecurity influencer among IFSEC Global’s “Top Influencers in Security and Fire” Category for 2019. She recently received Cybersecurity Women of the year award by Women Cyberjutsu Society in the Category “Secure Coder”. She has also been listed as one of the top women leaders in this field of technology and cybersecurity in India by Instasafe. Her community InfoSecGirls has recently won the “Program of the Year” at AYA 2020 awards by RSA Conference.
So, let us get in conversation with her without further delay:
Q: You have been in the industry since 2005, tell us about the evolution of women in all these years in Infosec?
A: Over these years the mindset of everyone around the Information Security strata has torrentially evolved. Initially, there wasn’t much involvement and exposure for women in these domains but with time the numbers have started increasing. Even for me, I started exploring various horizons of Information Security from 2013 because earlier I was mostly involved with my office work. This exposure came with my participation in various communities like null, OWASP etc. Even there, the participation of women wasn’t that big in numbers initially, but it has also grown with time.
Q: How do you handle so many community contributions all together along with office?
A: Over these years, I have learnt to prioritize things. This comes out of the experience and a little bit of self-discipline; it basically teaches you how to manage your time well. We all have 24 hours but how to make the most of it is all about your mindset and choices. Community work brings me peace. To be able to contribute to the community which has given me an ocean of opportunities to bask upon is something that satiates my conscience. My journey started with becoming a Chapter Lead for OWASP. Then came Infosec Girls which now has 13 Chapters around and many more coming up. I feel a sense of belongingness with these community involvements.
Q: How do keep yourself updated in AppSec along with so many engagements?
A: I have the habit of reading one blog at least every day. I follow websites where I get to know about the critical vulnerabilities that are coming. I don’t just read but I also try to replicate it in a VM and then try to find ways to exploit it in an isolated environment. And when I learn something, I make sure I train people about it. It’s like learning and sharing.
Q: Message for girls who want to grow in Infosec?
A: Stay curious and do not hesitate to ask questions. It is absolutely ok not to know something but not wanting to know something because of the hesitation is not. Practice hands-on as much as you can, read a lot, reach out and learn to talk it out. This is how you will learn and grow.
Q: Nullcon experience and its impact on your life?
A: Nullcon to me is a Hacker’s pilgrimage. People around the globe visit this conference to share and learn about Security. It’s is a summer camp for all the curious Infosec aficionados out there who want to learn, share and grow. I won the first WINJA CTF that was released in 2015 and it indeed was an amazing experience. I have met some of the most brilliant minds in the industry there and had an amazing learning experience with them. If we talk about the numbers in participation, it has also outgrown and Nullcon is one of the biggest Security Conference in India.
Q: Tell us about IBM WISE and your role in it.
A: Women in Security Excelling (WISE), an IBM community was established with hopes to bring awareness and change to this staggering statistic. It is a collaborative initiative of dynamic ladies who have turned the tides to chart new paths and are now anchored in the world of cybersecurity.
I am mostly involved in the Branding and Communications of WISE. I am also heavily involved in the CTF and Security for Developers initiatives for IBM Security Summit 2020.
Your hobbies: Cooking, listening to music
Favourite go-to place: Goa and London
Novel: Recently P.S: I Love You
Your inspiration in Infosec: Tanya Janca, Akash Mahajan and Anant Srivastava
Music: Punjabi music
Food: Dal Makhni and Garlic Naan