Faces of Security

Faces of Security: Dr. Dawn Beyer from Lockheed Martin

Dr. Dawn Beyer, a Senior Fellow at global aerospace company Lockheed Martin, is a distinguished cybersecurity expert with over 30 years of experience and a proud industry advocate for women.

Beyer has held various positions at Lockheed Martin over the past 21 years. During her tenure, she has spearheaded several research and development initiatives, including the company’s Cyber Resiliency Level (CRL) framework and recent 2022 Cyber Defense Technology Strategy.

Beyer is a retired U.S. Air Force intelligence officer with 24 years of service. She is a recipient of the Nova Southeastern University (NSU) Distinguished Alumni Achievement Award for the College of Engineering and Computing—the highest and most prestigious honor NSU bestows upon its graduates.

Beyer earned her Ph.D., M.S., and B.S. degrees in Information Systems. She maintains a host of certifications, including PMI’s PMP, (ISC)2’s CISSP and CSSLP, ISACA’s CISM, and Six Sigma Black Belt.

In her mission to support women in the workplace, Beyer founded and was the first chair of Lockheed Martin’s Women’s Fellows Network, and she also sits on the board of governors of the Women in Cybersecurity (WiCyS) organization.

To learn more about Beyer and her take on the cybersecurity industry, please check out her “Faces of Security” interview below:

How did you get your start in the field?

I got my start in security while I was on active duty in the U.S. Air Force. There wasn’t a security role to perform; it was taskers assigned as additional duties. There wasn’t formal training, so I learned a lot through trial and error. I had a couple of opportunities in which I learned fast…very, very fast—not by choice!

Over time, my additional duties became my role responsibilities and I started to pursue formal training and education. My thesis and dissertation topics are both related to security. In my early Lockheed Martin career, I was asked to join the security engineering team. As my responsibilities in security engineering increased, so did my network and opportunities.

Who is/was your biggest influence in the industry?

I’ve had several influencers over the past 30+ years. Today, the personnel that influence me the most are Maria Demaree, Vice President and General Manager of Special Programs within Lockheed Martin Space, and Jim Keffer, Lockheed Martin Vice President for Future Warfare Concepts and Cyber.

Both are brilliant in their field. They’re visionaries and insightful leaders within our organization who are willing to share their knowledge, expertise, and wisdom.

As mentors, they’re active listeners, non-judgmental, and tailor their advice, recommendations, and feedback to our discussion. Both have championed and invested in my professional growth and career development. Their positive encouragement has contributed to setting and achieving my goals.

What’s your best mistake, and what did you learn from it?

Great question! This is one I learned early in my career. I applied for a new leadership position on the team I was already supporting. I assumed since my direct supervisor was the hiring manager and led the interview panel that I didn’t need to detail my accomplishments and capabilities during the three-person panel interview. The interview was scheduled for one hour—I took 15 minutes.

Every question asked, I thought, “He, my manager, knows what I’m capable of, he knows I accomplished this, he knows I’m doing this, why do I need to tell him?” The down-selection came to two people: myself and a co-worker. The other candidate took the complete hour and addressed the questions as if no one on the panel knew who he was. In the end, I didn’t get the position.

My lessons were: 1) I shouldn’t have put the responsibility of advocating for me on my manager—the biggest advocate for you is yourself; 2) I shouldn’t have assumed that my manager knew everything I was doing. I never needed to reach back to him for support to mitigate any challenges, obstacles, or barriers I encountered, I just handled it—this was information I could have leveraged as examples supporting my capability to perform in the new position; and 3) the interview was an opportunity for me to show interest in the position and how I could perform in the role, but my attitude came across as indifferent and apathetic.

That experience was a big lesson for me. I did a lot of reflection and changed my approach to many opportunities because of it. I share this experience and lesson with my mentees.

What’s your favorite part about working in the industry?

Cybersecurity is a complex, challenging field! Accurate and timely information is essential; continuous learning is a necessity; and responsibilities can become demanding, intricate, and relentless. Moreover, cyber isn’t just a discipline (security engineering), it’s a domain different from the other four physical domains (air, land, sea, space).

Cyber threat actors are mostly persistent, stealthy, patient, manipulative, and covert. In addition to understanding technology and its capability; policies, law, and processes; the customer’s mission, concept of operations, and technical possibilities, there is also the need to understand the threat actor’s tactics, techniques, and procedures and perform assessments on their capability, intent, and opportunity. Cybersecurity encompasses identifying, assessing, mitigating, and managing risk.

These are reasons why this field is so interesting and stimulating. My favorite part is leveraging my cyber and intelligence experience, knowledge, skills, and network to help personnel, programs, and organizations succeed.

I love giving personnel stretch assignments, mentoring them through their experience, and reducing their learning curve; I love helping programs find the cyber resources, technology, and capability to apply to their challenges; and I love helping organizations with developing processes that become best practices, transforming ideas to reality, and defining roadmaps that outline the direction to achieve their strategic goals.

What changes would you like to see in the security industry?

Across industry, I would like to see cybersecurity as everyone’s responsibility. In addition to annual security awareness training or compliance training, personnel should be briefed on the risks/threats to the organization, why they should care if the threats materialize and if the organization was attacked, and their role in reducing the cyber risk to the organization.

In engineering, it should be a necessity that security practices are integrated across all engineering processes. For example, software engineers should be responsible for applying secure coding techniques, practices, and guidelines and performing code reviews and security testing to prevent security flaws and improve software security. All engineers should have cybersecurity responsibilities and know how to identify, assess, mitigate, and manage cyber risk.

How can company leaders make security a value within their organization?

Develop and implement a cyber strategy; invest in a cyber workforce and recognize your top talent; and build a Cyber Center of Excellence to enable your cyber community to connect, collaborate, and innovate.

Where do you see the industry heading in five years? Are you noticing any major trends?

Major trends lean towards cyber-resilient solutions to increase intelligence and autonomous protection, detection, response, and recovery; leveraging artificial intelligence and machine learning to enhance anomaly and intrusion detection, malware identification, and advanced analytics; and leveraging digital twins and cyber ranges to perform effects-based modeling. I also notice, across industry, a rise in cyber attrition and the increase of the cybersecurity skills gap.

What are you most proud of?

I’m most proud and grateful for a lot. Two main areas include:

  1. Advocacy for Women: I’ve championed several women in and toward STEM careers. Mentored women in achieving Associate Fellow, Fellow, next job levels, transition into security engineering, leadership development, cyber certifications, and industry association membership and leadership positions.
  2. Professional Career: Achieving Senior Fellow. There are approximately 60,000 Engineers, Scientists, and Technologists within Lockheed Martin—only .15% are Senior Fellows.

Do you have any advice for people entering the profession?

A couple of recommendations that have helped me throughout my career…

  • Have more than one mentor.
  • Identify career champions.
  • Tell your leaders/mentors what you want!
  • Join cyber industry associations. I recommend the Women in Cybersecurity (WiCyS) organization, a global community dedicated to championing women in cyber. WiCyS brings together women in cybersecurity to share their knowledge and experiences, network and collaborate, and mentor.
  • Build and nurture your network.
  • Pay attention to current events. 
  • Learn from others’ experiences and lessons.
  • Take risks—one of my favorite quotes is “You miss 100% of the shots you never take” (Wayne Gretzky)
  • Stop and smell the roses!

ALSO READ: Faces of Security: Best Quotes of 2022