Crystal Morin discusses combining a love for cyber intelligence with her determination to make a difference in the world.
Before she was a cybersecurity strategist at cloud security company Sysdig, Crystal Morin studied forensic science and had a strong desire to make the world a safer place.
Aptitude tests indicated that she should consider military careers that prioritised analysis and intellect. This, coupled with a wish to be deployed where she could serve the greater good, led her to become an Arabic cryptologic language analyst.
For the next couple of years, including post-service as a defence contractor, Morin worked on counter-threat finance, counterterrorism and cyberterrorism projects. “I was making a difference and it felt good,” she told SiliconRepublic.com.
In 2021, she joined a team tasked with teaching others how to recognise cyberthreat actors, moving from a career that previously focused on preventing terrorism to one that encompassed all cybercriminals. Using logs and SIEM (security information and event management), she continued to do online what she had already been doing in the real world, threat hunting.
“I’ve always kept an eye out to see what organisations are hiring for and what kind of qualifications they need. This is how I came across an opening on Sysdig’s threat research team and for me, the appeal was in the name. I could continue finding bad guys but I’d learn how to do it in cloud environments.
“When I started, it was hard (it’s still hard!) but I was able to contribute my passion, dedication and inquisitive nature to the analysis of honeypot data and novel cloud threat reporting,” she said.
About a year ago, Morin moved to Sysdig’s cybersecurity strategy office. She explained that though there have been challenges with her new responsibilities, a passion for security has made it a fulfilling journey.
Jump in and be ready to learn
Morin credits much of her happiness in the role to the ever-changing nature of her chosen career path, stating that within cybersecurity and threat hunting, she is thankful that each day brings something new.
“There are an endless number of projects I can contribute to, research to conduct, articles to write and interesting people to talk to.
“Cybersecurity itself is a fluid career field where there is always something new to learn, analyse and understand. Every day, I have a plethora of these things to work on.”
When asked about the prediction that by 2025 more than half of significant cyber security incidents will be driven by a lack of skill and human oversight, Morin noted it would be a shame if a deficit of talent were responsible for decreased safety.
Talent, she says, “can be discovered and taught, just like it was for me”.
“I don’t think we have any shortage of intelligent and capable people looking to break into the cybersecurity industry.
“Human oversight or error will always be the greatest detriment to security. People make mistakes, but everyone needs to be proactive and cyber aware these days. It cannot fall solely on the shoulders of security professionals any longer.”
According to Morin, it is frequently those who are the furthest from security that are targeted in social engineering campaigns. “Security personnel, or those who work for security companies, are typically terrible targets because they see and hear the horrors all the time, they’re hyper-sceptical and they doubt everything.”
Fostering the next generation of cyber warriors
For Morin, an original outlook, unique skillset and an in-depth understanding of the industry have been key to her success. “I bring a different perspective to this field because I know intimately how bad guys operate and I can analyse and assess threats and provide context.”
Skills can be cultivated along the way, but for Morin, the next generation of cyber experts, who have passion, drive and the desire to be a part of the wider cyber landscape, are the ones who bring immense value to the sector.
She would encourage people from all walks of life to educate themselves on the basics and get involved in the protective element of cybersecurity at an early age, as even her young children are aware of threat actors on the internet and the importance of taking security precautions.
“Every aspect of our lives in this digital age relies on a supply chain that includes software and applications. Unless we take major steps back toward a pre-industrial revolution way of life, the digital world and cybersecurity will continue to play a major role well into our future.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
