February 20, 2024 By Sue Poremba 3 min read

As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interset, an AI cybersecurity company acquired by MicroFocus and then by OpenText. She continues as part of that team today.

Did you go to college? What did you go to school for?

Pospelova: I graduated with a bachelor’s degree in computer science and a master’s degree in computer science with a specialization in data science from Carleton University (Ottawa, Canada). At that point, the degree was so new, I was the first graduate from this program.

What certifications have you obtained?

Pospelova: When I started my work in the cybersecurity domain, it was important for me to have a deep understanding of the problems we are trying to solve. I’ve taken countless courses and read books, blogs, reports, etc. I also obtained CompTIA Security+ certification to gain the cybersecurity perspective of someone whose role is to defend organizations from cyberattacks.

What was your first role in IT?

Pospelova: I worked as a developer at a startup, Bedarra Research Labs, that was building an analytical application. As commonly happens in startups, I had the opportunity to work on both front-end and back-end development, forming a strong passion for discovering valuable insights behind a mess of data.

What pushed you to pursue security?

Pospelova: I was enchanted by an opportunity to “catch bad guys with math,” as Stephan Jou (formerly CTO of Interset, now Senior Director, Security Analytics at OpenText Cybersecurity) put it. Stephan and the rest of the Interset team were so passionate about their mission, innovative with the technology and supportive among the teammates that I could not resist joining the gang and beginning my journey on the path to a career as a cybersecurity data scientist.

What is the most valuable skill you learned in your role?

Pospelova: I am still learning; I guess that would be the most important skill: never stop learning. Both cybersecurity and data science are incredibly fast-paced domains; new threats and algorithms emerge on a weekly, if not daily, basis. We must constantly innovate, develop and challenge the status quo to be on top of the game — especially with AI entering the scene.

What soft skills do you think make a person successful in cybersecurity?

Pospelova: The ability to see the signal among distraction and the resilience to proceed with the persuasion of the main goal. And I’m not talking only about the data. It is extremely important to not lose the “why” beyond “how.” If we are wandering into a “wilderness” of cutting-edge technologies or cutting-edge threat research, never lose sight of a problem that we are solving. Focus on what matters the most and what will bring customers the most value.

Any parting thoughts about your career?

Pospelova: I think in any tech career, you have to find the place of work that is right for you. The three aspects that distinguish it are passion, communication and team culture.

Passion: We spend a large portion of our day at work; if you and your teammates do not care about the product you are working on or problems you are trying to solve, if motivation is external or lacking altogether — both you and the organization suffer.

Communication: A workplace where you feel you work in silos is not an enjoyable nor fruitful place to grow your career. Note that effective communication goes both ways: Do you express your thoughts and ideas effectively enough to your peers and management to understand, and do you put enough effort into hearing and understanding the ideas of your teammates?

Team culture: Passion and communication are the foundation of a team culture, but it goes beyond. It must be inclusive and inspiring, providing fertile ground for innovation. When you go to work with a feeling of the mission and comradery, when you show up excited to get things done, you are in the right place.

Harness AI to accelerate your security defenses

More from Artificial Intelligence

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

GenAI: The next frontier in AI security threats

3 min read - Threat actors aren’t attacking generative AI (GenAI) at scale yet, but these AI security threats are coming. That prediction comes from the 2024 X-Force Threat Intelligence Index. Here’s a review of the threat intelligence types underpinning that report.Cyber criminals are shifting focusIncreased chatter in illicit markets and dark web forums is a sign of interest. X-Force hasn’t seen any AI-engineered campaigns yet. However, cyber criminals are actively exploring the topic. In 2023, X-Force found the terms “AI” and “GPT” mentioned…

How AI can be hacked with prompt injection: NIST report

3 min read - The National Institute of Standards and Technology (NIST) closely observes the AI lifecycle, and for good reason. As AI proliferates, so does the discovery and exploitation of AI cybersecurity vulnerabilities. Prompt injection is one such vulnerability that specifically attacks generative AI. In Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations, NIST defines various adversarial machine learning (AML) tactics and cyberattacks, like prompt injection, and advises users on how to mitigate and manage them. AML tactics extract information…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today