05 Oct Rockwell Automation’s Dawn Cappelli Is No Ordinary CISO
From afraid of computers to global cyber leader
Northport, N.Y. – Oct. 5, 2020
Dawn Cappelli was conflicted in college. A people person, she wanted to work alongside others. But her love for numbers drove her to math, where she met an unexpected adversary — the computer.
It made her tremble.
“This was a long time ago,” she laughs.
There were no PCs in peoples’ homes, no laptops, no cell phones. The days of giant mainframes. Even mini computers were a beast.
“I was really afraid of those computers.”
One programming class changed everything.
Explosive launch of an unexpected journey to CISO.
First gig: software engineer. Programming nuclear power plants for Westinghouse.
Then Carnegie Mellon University. Working a bioterrorism project; bit by the cyber bug.
Infectious, she couldn’t get cyber off her brain. Said incomprehensible things like, “Geez, I’ll try and get a job at CERT.”
Hoping the first cybersecurity organization in the world could cure her cyber fever, she checked herself in.
Cybercrime TV: Dawn Cappelli, CISO at Rockwell Automation
Co-author of “The CERT Guide to Insider Threats”
Voilà: CERT hired Cappelli to help the U.S. Secret Service protect the Salt Lake City Olympics from insider threats and terrorism. “This is the coolest job in the world,” she had thought.
After nearly 1,000 insider threat cases, and years of research on how to prevent, detect, and respond to information technology crimes, Cappelli co-authored The CERT Guide to Insider Threats.
She also founded and directed the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute.
Today Cappelli is vice president, global security and CISO at Rockwell Automation (NYSE: ROK), a Fortune 500 company — a role with responsibility for protecting a vast ecosystem of customers, suppliers, distributors, and partners from an ever-changing threat landscape. She’s also responsible for securing 23,000 employees, thousands of contractors, and more than 100 locations around the world.
Who said women can’t hack Fortune 500 CISO ranks!
Well, the stats say it.
Women rarely excel to executive levels like Cappelli did. Women represent only 14 percent of Fortune 500 CISO positions. Yet they have more college degrees in computer science than their male colleagues.
Cappelli hits the heart of it.
Women are hard on themselves. They don’t see the value they bring to the table.
“We are working hard to mentor early career young women in security,” she says. “Helping them to advocate for themselves.”
Not only women. She’s a huge fan of STEM initiatives aimed at girls in elementary, middle, and high schools.
“Let’s make TV shows where the smart girl is the hero,” she laughs. “I love security because it’s the good guys against the bad guys. Kids love to play good guys vs. bad guys. You can do that in security — you can do that as a woman. We have to start influencing at young ages. It’s not only OK — it’s cool!”
It’s also cool that hundreds of thousands of Girl Scouts of the USA have earned cyber badges.
Even 7-year-old Brownies understand cyber. Cybercrime Magazine recently had a troop of them in its studio: “They thought of themselves as cyber fighters. They actually knew what ransomware was,” says Steve Morgan, founder of Cybersecurity Ventures and editor-in-chief at Cybercrime Magazine in his interview with Cappelli.
Want to up your CISO game?
Cappelli is not surprised everyone wants to be a CISO.
Her take on getting there (sorry bullet haters — she’s a sharpshooter):
- Learn to communicate with all kinds of people in your company.
- Know your company’s business. Who it is. Its role. Risk profile and tolerance.
- Stay abreast of threat landscape.
- Get firm grips on security domains.
- Get your CISSP badge!
Cybersecurity needs more female heroes like Cappelli. It’s totally possible — just ask the little Brownies.
– Eli Kirtman is a freelance writer based in Cincinnati, Ohio.