This episode dives into the crucial topic of Cybersecurity as Eveline Oehrlich and Dr. Nikki Robinson provide key insights about what we should be aware of in this ever-evolving digital world.
Dr. Nikki Robinson is an experienced Security Architect with a demonstrated history of working in the IT and Cyber fields. Skilled in Statistical Data Analysis, Windows Server, Team Leadership, Penetration Testing, and Risk Management. Strong IT professional with a Doctorate of Science focused in Cybersecurity from Capitol Technology University. Recently completed a PhD in Human Factors to help bridge the gaps between users, technology, and security.
Enjoy the Humans of DevOps Podcast? We’re incredibly grateful to be voted one of the Best 25 DevOps Podcasts by Feedspot.
Want access to more DevOps-focused content and learning? When you join SKILup IT Learning you gain the tools, resources and knowledge to help your organization adapt and respond to the challenges of today.
Have questions, feedback or just want to chat about the podcast? Send us an email at podcast@devopsinstitute.com
Transcript
Narrator 0:02
You’re listening to the Humans of DevOps Podcast, a podcast focused on advancing the humans of DevOps through skills, knowledge, ideas and learning, or the SKIL framework.
Dr. Nikki Robinson 0:17
You know, it can be it was almost there was this friction between IT and security. And then when I got really interested in specifically vulnerability management and sort of made the hop over to security, I started seeing those same patterns but from the security side.
Eveline Oehrlich 0:33
Welcome to the Humans of DevOps Podcast. I’m Eveline Oehrilch, Chief Research Officer at DevOps Institute. Our topic today is focused on Cybersecurity: What You Should Know. Today we have with us Dr. Nikki Robinson. Let me give you a little bit about Nikki and her background. I of course, did some digging into what she has done and give me some time. So Dr. Robinson, earned a Doctor of Science in cybersecurity has several industry certifications and is a security architect at IBM right now and also an adjunct professor. She has more than 10 years of experience in IT Ops. So Nikki that we have in common before moving into the security field about three years ago. She studied vulnerability chaining concepts and completed her PhD in human factors to combine psychological and technical aspects to improve security programs. She has a passion for teaching, obviously, yes, she’s an adjunct and mentoring others on risk management, network defense strategies, and digital forensics and incident response. As I said, she’s a security architect and has technical experience and continuous monitoring, risk management, digital forensics and incident response. She is a speaker at many conferences on a variety of topics from human factor security, engineering, malicious website, Grant, graphing and Dev SecOps. She’s also the co host of a podcast titled Resilient Cyber Podcast with the goal to discuss variety of cybersecurity and it with many, many subject experts, and many of you might have listened to her podcast. Finally, one more important thing. She is a volunteer speaking for InfraGard also Women in Cyber Chapters, which is why size I think Information Systems Security Association, which is ISSA, and Cyber Jitsu Organization, welcome to our podcast. Nikki,
Dr. Nikki Robinson 2:45
Thank you so much for having me today.
Eveline Oehrlich 2:47
Very excited that you’re here. Now, the first thing you have to talk about is Cyber Jutsu. Can you help me on that one?
Dr. Nikki Robinson 2:57
Sure. Yeah, this is actually a this is a great organization that they their focus is really a to focus on getting women into the cybersecurity field. So they’re working to close the gender gap. They’re trying to help mentor young women to get into cybersecurity. And they host all kinds of events, they do webinars, they do workshops on everything from Python Programming, and then they do cyber competitions and capture the flags or CTFs. So they do a lot of different events to sort of help help encourage young women to get into cybersecurity. And and they host a lot of conferences as well.
Eveline Oehrlich 3:39
Are they global? Or are they are also regional events?
Dr. Nikki Robinson 3:44
I think I believe both. I know that they do a lot of regional because I think they have different chapters, sort of like women in cyber or Rhesus. But But yeah, so they do have a lot of regional events.
Eveline Oehrlich 3:55
Okay, worth checking into. Super. Thank you.. So as you can imagine, when I did research on your, on your background, and what you do, and all, all the wonderful things you have been through and have been studying, and there was a lot of things I was like, Oh, I would love to talk to you about that. I would love to talk to you about that. But, of course, we cannot cover these all. So there are two key things we want to cover today. First, I want to dive a little bit into your book minds, the tech, the tech gap, addressing the conflicts between IT and security. And then second, of course, because I am a woman and I know we have some women on the on the show. I want to I want you to share your experience as women in technology. So those are the two things we’re honing in. I hope you are ready for that. I know you are ready for that. Thank you. So let’s get to the book first. I think that’s the most important one because I think it was published in October of 22. So not that far, and not that long ago. As I said, the book was called, or is called Mind the tech gap, addressing the conflicts between IT and security. So first of all, congratulations to the application. Fantastic. I think I’m going to order it because that topic is something which is also I have something I’ve researched in my career over the years. Now in the book, you address, and I quote from the book from a book review, you’re saying, or it says, the long standing challenges between it and cybersecurity teams, and you’re exploring the different job functions, goals, relationships, and other factors that might impact how it and cyber security teams interact. Give us a little bit of an overview of the book, because I think there are some powerful things in there, which I would like people to kind of listen to. So enticing them to actually buy a book, and I’m not trying to sell your book, I think this is an important piece. Most folks have not even thought about, and I want you to do a little bit of a review.
Dr. Nikki Robinson 6:07
Yeah, thank you,, it’s funny, because I’d had this idea for this book for at least five years now, even before I got into cybersecurity. So when I was on the IT side of the house, you know, and working with sort of my security counterparts on assessments or audits, and literally sitting through four or five hour long meetings on, you know, security controls and configurations. And so I was sort of getting this idea of you it can be it was almost there was this friction between IT and security, because it was like, Oh, we’re having another audit, or oh, we have another assessment or this or that, or all security does this or security does that. And then when I got really interested in specifically vulnerability management, and sort of made the hop over to security, I started seeing those same patterns. But from the security side, you know, seeing sort of the frustration, and the, it won’t do this, or I’m trying to work with development, and we’re trying to get this done. And it’s difficult, or it’s challenging. And so that was really what sort of even having that idea but coming into security and saying, Oh, I’m seeing this, you know, sort of this frustration and this friction from both sides. You know, we’re both having challenges working with each other. And it’s not because, you know, we both have important missions, we both have important goals, but most of the time, those are somewhat conflicting. So having teams that have conflicting goals and missions, makes it really challenging to, you know, sort of get together and make these things happen. And so that was really what spurred the the idea of the book, and I wanted to dive into sort of, from a historical context to what traditional job roles look like, you know, 20 years ago, and how we built, you know, IT teams and how they look now, and how that sort of plays into why relationships can sometimes be fractured between the teams, and ultimately, that that leads to concerns with risk, you know, and risk management and how do you how do you manage risk with the people that you know, need to work together? So that’s really sort of the spirit of the book, and, you know, hoping to shed some light on why these challenges exist. And then, you know, at the end of the book, I provide sort of a roadmap for Hey, these are the questions you need to start asking yourself and your teams, depending on the type of job role that you have.
Eveline Oehrlich 8:29
I love that last part, you said, I think that is essential for folks listening in having a roadmap to understand what what can they actually do that actionable advice, because sometimes, you know, there are books out there, and I’m done with it. And I put it aside and I’m thinking, Okay, now what? Yeah, right. It’s like, okay, I’m not really sure I understand, but I don’t know what so that is beautiful. Now, one thing you were under, in the book review, which talks about that also, of course, you are honing into into something called empathy, and emotional intelligence. And that is something which I have keen interest in, as I’ve done research for the DevOps Institute on upskilling for the past five years. And you would not be surprised that I tell you that the human skills, are there significant gaps there within it, and they don’t go away these and they’re particularly around, you know, having that empathy, having these inter interpersonal skills and really working and developing collaboration and coordination with others. So that is quite interesting. Interesting. And of course, there is action, which means people should upskill and human skills and we’ve been kinda like a preacher pin saying that, but why is it so hard? Why is it so hard for a reverse it people I’m an IT person, I think I have human skills plenty. And my kids would tell AMI you do, ma’am. But why is it so hard sometimes for folks in either on the security side or on the IT side, no matter what role to think about that human skill and and adding or working on them? What are your thoughts on that?
Dr. Nikki Robinson 10:17
Yeah, I think it’s such an important question to ask because and it’s a question I started asking myself too, because I, you know, working in it, and security for almost 15 years now, it’s one of those things I haven’t seen as part of it programs, traditional IT, whether it’s academic or certification programs, and insecurity as well, I know that there are some universities out there that teach emotional intelligence in their IT programs, but I think that’s a newer thing. And I just haven’t seen as many programs that tout, you know, emotion, emotional intelligence, empathy, relationship, building, all of those pieces that we need to sort of operate in these big teams and in these big organizations. So I think the first piece of it is sort of the education component, in that it’s not really taught to us, you know, we’re taught Python, and we’re taught Pope programming, and we’re taught, you know, SQL and all these other things, but we’re not really taught well, what does that mean to somebody else? You know, if I’m on the IT side, or if I’m a developer, what does that mean to security? And I think it’s really important on the security side, to have that understanding, and that empathy for what other teams are working on. Because if I can’t speak to a developer and understand, you know, what they’re going through, or what they need to do, you know, what their deadlines or requirements are, it’s going to be really difficult to work together. So I think that’s part of the challenges is we don’t really have this educational component, it’s, it’s not a part of any certifications that I’ve at least seen, you know, this sort of emotional intelligence piece. And I’ve really, especially when I was doing research for the book really came across a lot of leadership and management books that talk about emotional intelligence. I had a really hard time finding anything out there, whether it was a book, or anything like that, that could be used as a textbook or used, you know, sort of as a guide that talks about emotional intelligence, really, for practitioners. You know, there’s there’s some stuff out there, but there really isn’t a lot. And I think that that’s, that’s, you know, one of the biggest challenges is we encourage our technical people to go for certifications to go for technical certifications, you know, that that’s a great thing. But we don’t encourage them to apply empathy to what they’re doing. And so I think that’s, that’s probably where that that gap came from.
Eveline Oehrlich 12:36
Here, here, here, I’m hoping that my co partner is listening into this podcast. If not, I will point her for that, because we have been saying that we need to start figuring out how can we actually help our community members to expand on their existing human skills or build upon the ones they have? Or start working on if they don’t think they have any? I think the other thing I was just speaking to Gallup CEO, he was talking about the engagement of individuals in the in a job well, today has been really, really low. But one of his points was that as we are lacking, or as we are not developing these human skills, work becomes less fun, not just because of its in cybersecurity, or its insecurity or in the DevOps, or wherever. But because it’s so difficult to bridge across in, we can only talk tech, and we could talk processes, but we really don’t have that connectability anymore. Mostly, maybe it’s gotten worse, because of the pandemic. He was saying that they’re doing a lot of work at the Gallup as well to start assessing and developing that. So it is a great opportunity for us. Thank you for that. All right, let’s shift gears a little bit. The clock is always ticking when we have great conversation. So I want to switch a little bit towards the topic of cybersecurity. And particularly, where do you think it stands today, in terms of its priority from what you’ve seen? And from who you’ve been visiting with? Where does it stand in terms of priority in executives, leaders, investors and individual contributors? Because I think there is, at least from the research I’ve done, there might be a shift and which is good. But I was curious what your thoughts are on that.
Dr. Nikki Robinson 14:30
Yeah, I would absolutely agree that there’s been a shift and I think, a shift really in the last year. You know, I think this it all really sort of started with solar winds. You know, that? I think because it had so much media attention, you know, it wasn’t just Oh, random data breach here or random cyber attack here. Solar Winds affected lots of different types of organizations, lots of different domains, and it became a business risk. You know, it wasn’t just a cyber risk anymore or an incident It was, Oh, my business is in trouble. And not just from a security perspective, but a lot of the people that consumed and use SolarWinds were IT operations groups. And so it that of not having that tool in place, you know, having to find an alternative or not having visibility to your systems or, you know, the potential of an incident, and then you can, you know, it becomes a snowball effect to the business. And I think that was really what sort of, at least opened people’s eyes to, oh, there’s, there’s sort of this cascading effect when there is an incident that sort of, I think, started to change people’s minds. And then I think blog for J was another big one, partially because it got so much media attention, but also because it opened people’s eyes to open source software, how do how are we actually developing? And how can we support developers, while still making sure that we understand the risk. So I think it was sort of an eye opener for both developers and for security professionals to say, oh, we need to really understand how this is going to work, and how we can support open source software, but by you know, understanding what that means to our risk. So I think, as far as what those things sort of started to change people’s minds, I do think a lot more leadership boards, they’re much more interested in in having sort of cybersecurity expertise, at least available as consultants or advisors. So I would say there’s definitely a shift in the industry as far as leadership goes. And I think they see the benefit of cybersecurity, not just being, you know, a security assessment, or an audit or an inhibitor, but more of a, hey, if we work together with the cyber team, with our developers, with our T with our leadership, we can help provide strategic, you know, we can help with those five year plans, we can help make sure that five years out 10 years out that the business is healthy, thriving and resilient, especially towards cyber attacks. Because if if an organization isn’t resilient, let’s say for example, ransomware, I think that’s another really big one that’s hit organizations and the amount of cost associated with ransomware. Plenty businesses have shut down because they’ve been hit by ransomware. And it was so costly that they couldn’t recover. So I think I think those kinds of situations have really changed how people feel and now they’re starting to seek out security advisors and not just from a, Hey, what is our secure configuration look like? Or how do we pass this audit? But hey, how do we, how do we plan our strategic it and development vision with a cybersecurity, you know, professional there to help us?
Narrator 17:42
Do you want to advance your career and organization, we can help you do that DevOps Institute offers a wide range of educational experiences for you to begin your upskilling journey. Whether you’re looking for a defined path to certification, exploring the latest in DevOps, or connecting with the large community, we can help you develop the specialized skills needed for the future of IT. And it won’t just be good for your career. It will also make you indispensable at work with our lineup of industry recognized DevOps certifications, digital learning opportunities, and engaging events, you can connect with our network of experts and expand your potential today, visit DevOpsI nstitute.com and join our community now.
Eveline Oehrlich 18:27
So as a summary, I would say it is fair to say that cybersecurity is a strategic line item for all of those particular executives and leaders.
Dr. Nikki Robinson 18:38
I guess that is my hope I
Eveline Oehrlich 18:43
Lets frame it as a hope I love that. Yes,
Dr. Nikki Robinson 18:45
I hope so. Because I think there is there’s so much positivity, it’s one of the reasons why I wanted to get into cybersecurity, because it’s it’s not just cybersecurity, it really is it and a function of technology. And so I think if we can start to change that idea of, you know, I joke with people, you know, I’m a security architect, but I really joke, I’m really just an infrastructure architect. It’s security is, you know, security by design. But really what I’m doing is helping to build environments that are secure. And, and that’s still in it a component of it. So I think, I think it’s starting to change. But yes, it’s a lot of hope there.
Eveline Oehrlich 19:25
Yep. You know, this is, this reminds me of philosophical discussion we have had when I was at Forrester, where we had a security and risk team and an infrastructure and operations team. And of course, you know, enterprise architects, application developers, CIOs. And I remember the folks from the security and risk team, not wanting to do at the time, this is 2018 When I left but at that time, they were doing their own research. Of course, we always wanted to collaborate because infrastructure and operations we have to have our heads out and get stuck sometimes was in, in the nasty fixing the mess. And we always had the conversation and and said, why do you why are you in a separate group? Why are we not bringing us together into a research? team so we can do things together? I don’t think that has happened. But But I think having the risk, sometimes it takes, it just takes challenges which are so overwhelming that people are enough pain that people are changing. And I think one of the other factors and I’m curious what your thoughts or is there a metric which executives should have relative to that? I think it’s some companies, a CEO already has the resilience and sustainability. We’re seeing ESG as a topic come up quite a bit. But in your, in your mind, should there be metrics for all of those folks around this topic? Because it impacts like you said the business significantly?
Dr. Nikki Robinson 20:59
Yes, absolutely. There’s definitely been a big push in the last two, three, maybe four years for quantifying cyber risk, you know, really making it much easier, I think, to digest, because it’s interesting, I think, when people talk about qualitative versus quantitative, but this idea that if we can help quantify some of that risk, make it easier to digest and help to, to help to show what we’re talking about, tell that story a little bit better. And metrics, I think, when it comes to, you know, here’s my, here’s my bias here, because I love vulnerability management, but, you know, anything highly exploitable vulnerabilities, if I’m using threat intelligence, what do I need to be concerned? What are the top three concerns that I have? You know, so I think breaking it down into smaller chunks. And, you know, my, the bane of my existence are like 300 Page vulnerability reports. And I think that’s, you know, one of those big challenges is don’t send those 300 page, you know, vulnerability reports. Let’s let’s break this down into metrics that makes sense for leadership. That’s, it’s, it’s absolutely imperative, I think, to not just the cybersecurity mission, but to the business mission, you know, to help break those things down and make it easier to digest.
Eveline Oehrlich 22:12
Yep, absolutely. All right. Now, I came across a fantastic short piece by Stefan Napo, who is the VP cybersecurity director and global CFO, I group, SCB, that’s a French company, that doing a lot of small appliances, and it’s actually the world’s largest manufacturer of cookware, and I’m a cook so I love their products, but not talking about the cookware but really talking about what Stefan said he talked about the swarm cybersecurity or swarm cybersecurity. And, of course, in DevOps and development, we talk about swarming. Have you heard this term? I’m sure you have any? If you haven’t, and let’s move on. But I am sure you have your thoughts on that. Tell me tell me what you think when that comes to your mind when I say swarm or cybersecurity.
Dr. Nikki Robinson 23:03
Yeah, so for, for me, swarming. I also think about in a very it context, because, you know, typically you have this tiered model, and that’s sort of an older model right of it. But if you let’s say you have your helpdesk, and then your systems administrators, and then your senior sis admins or maybe engineering above that, but instead of having these sort of siloed, tears, you have this giving this power to, you know, in IT systems administrator that can sort of help to resolve these things without taking up the chain, because, you know, you don’t learn anything that way. So it’s this more collaborative effort of, hey, I think I know how to fix this, I’m going to do this. And then if they need help, they can always ask for help, and the team can work together, but it becomes more of this group effort, instead of you know, hey, I’ve got this thing, I’m gonna pass it to you, they’ll pass the ticket to you, and then to you and then to you. So instead of this becoming this endless chain of, you know, what happened to my issue, you know, becomes this more of a collaborative and teamwork type effort. And so applying that to cybersecurity, I think about the cyber color wheel, if you’re familiar with that, this idea of you know, you have red teams and blue teams, and then you start talking about threat intel, and you have yellow teams and orange teams and purple teams that are red and blue teams combined into purple teams. And so you’re building this more of a collaborative effort, instead of saying, you know, I’m on the red team, and I have a pen test. And I’m going to lob it over to the blue team. And they’re just going to have to figure it out and becomes a collaborative effort. And the blue team can go back to the red team and say, Hey, actually, we found these additional things. Can you verify that for us? Can you check to make sure that this is fixed? And so it becomes this more of an open type of team instead of you know, just the silos? Well, I’m on the red team, or I’m on the blue team. Yep. You know, it’s much more collaborative. And so I think that’s 100% the way forward there’s a fantastic Stick. She’s on LinkedIn. Her name is marrow Vernon, she talks a lot about purple teaming. And when I came across her and some of the things that she’s written about purple teaming, that’s really what started getting me thinking about swarming. Right. It’s it’s a similar notion, right of collaboration and bringing people together. But I think it’s a big benefit to teams, because one, it empowers your employee or your cyber professional, or your developer. But it also improves their skills. It allows them to learn something new, it improves teamwork. And I think there’s a big reduction in how long it takes to identify and resolve specifically, you know, in a Red Team Blue Team context, versus Hey, I have this 200 Page pen test report, here you go, go ahead and figure it out, you know, it becomes more of this, like, hey, we found this vulnerability across 100 systems, can you guys work on this, and we can see if we can get this fixed, and then we can come back and retest. So So for me, it’s all about collaboration,
Eveline Oehrlich 26:01
super, we, I that reminded me of something I did with again, a former colleague of mine, where we looked at MTTR. And we found that not necessarily to security, but we found that the largest amount of time, I think it was 70% of time was found in the meantime to detect. And and that was because everybody was looking down their own their own pipe, right and their own data. So I think that’s an additional benefit, in terms of Meantime, detect at the pre at the predecessor of swarming, but as you said, MTTR overall, because we are bringing people together is an incredible impact has an incredible impact reducing that. And that, again, reduces business impact. So super. All right, let’s shift a little bit, we have about five minutes or so I want to cover two topics, one the skill, and then I want to really get into your thinking on the women in it, or women in tech. So the first one, let’s say I want to be successful in cybersecurity. And actually, I did lose an analyst in my former role to the security and risk team. And I was very sad loser, but she is a great analyst in this space. But if I wanted to go into cybersecurity, and maybe there’s a focus on here who are wanting to switch, what do you think are the necessary skill, maybe one or two to be successful? Besides what we already talked about in terms of, Hey, you gotta be having empathy. And so EQ, but what else do you think are essential?
Dr. Nikki Robinson 27:33
Yeah, I would say a lot of the skills that I brought with me from it to cybersecurity, and you don’t have to have an IT background, to necessarily go into cybersecurity, but I can say for me, it helped a lot. Because I understand technology very well. Now, I would say troubleshooting is a really, really big skill. And that’s, you know, troubleshooting, problem solving, being able to sort of understand enough that you can figure out what’s going on, because that’s, that’s one of the big, big parts of cybersecurity is typically you’re handed, you know, a piece of information, and you’ve got to go digging, and try to figure out what’s going on. And so I think that problems, problem solving, troubleshooting, and natural curiosity, all three of those sort of go hand in hand together this sort of, okay, let me dig and try to figure out what this is. So I would say that’s the first and I know I said, three skills really, and one that was sort of I was trying, it’s kind of a cop out. But that’s sort of that. That’s sort of how I would describe that right problem solving as that big component there. I would say the other really important skill, you know, besides sort of that relationship building, and what we call soft skills, would really be how, how do what was I gonna say, how do how do we understand data. So data science is a really important component of cybersecurity. And I’ve met a lot of really great data scientists that have crossed into cybersecurity and they are a huge asset, because they’re able to parse through all of this information that we’ve been collecting in security with our sims for years and years and years. And now we have data scientists to really help us. One make that pipeline of data, easier to digest, easier to bring in. But they also help us pull out the really important information. They’re helping us to leverage AI, machine learning models and different techniques that we may not have had the skills I say we, I may not have had the skills in before in data science, but that’s something in the last two years, I’ve learned how important it is to sort of have those data science principles in cybersecurity. So I would say you don’t have to know Python or machine learning in any sort of depth. But having some of that understanding is really important. Can I give three skills? Can I give one more? Of course you can. Okay, one more I would say you know, since we’re talking about DevOps, right is the ability to communicate and work really well with developers to be able to speak the language, if you have some programming background, it’s super helpful. Again, you don’t have to be a developer, but to be able to understand enough that you can talk to a developer, when they’re saying, Hey, we have this requirement, we have to do this this way. Let’s figure out a new solution. So I think that sort of being able to speak the language is really important.
Eveline Oehrlich 30:21
Excellent. Fantastic. All right, our last question, and then I have a fun question for you. But this one is around women and technology, both of us have been in technology, I have my own challenges. But this is not about me. This is about you. What would you would love to hear? What was the biggest challenge for you you faced? And of course, how did you overcome it? If you’re willing to share?
Dr. Nikki Robinson 30:45
Absolutely, yeah, I would say the biggest challenge I had, it was funny getting into it. You know, starting on helpdesk, and sort of working my way up, I actually, I had some really great mentors along the way, and sort of, you know, working my way up in it. I think the biggest challenge I honestly had was when I wanted to break into cybersecurity, and I got so much pushback from my it friends on, you know, why would you want to go into Security, you’re never going to be able to come back to it or, you know, you’re just going to be in security. And it was such, it was such an interesting, I guess, sort of perspective that I had this sort of, you know, you’re not going to succeed in security, and you’re never going to be able to come back, you’re you can never cross the lines again, you know, it was this, like making it sort of this like, well, you can’t do both sort of a thing. That was a big challenge, because I had to essentially go back and say, Well, I can do this. And what I found was going on the cybersecurity side, I actually am far more technical than I was before I understand way more operating systems, I understand development way better than I used to. And so I guess sort of pushing through that barrier of a lot of people saying no, like, No, you can’t do this, No, you aren’t going to be good at this. No, you don’t have the skill to do this. And really being given a chance to show that I do that that was sort of tough that it took me a couple of years to make that transition from it to cybersecurity. And, you know, I had one very great mentor of mine, Philip Culp, who gave me my first shot. And so, you know, and then I was able to sort of go from there. But so I would say that was the biggest challenge. But the biggest thing that helped me was finding a great mentor and someone who was willing to take a chance on me and for me to you know, show them my skill. But yeah, that was that was pretty tough.
Eveline Oehrlich 32:35
Wow. Fantastic. Well, thanks to your mentor for supporting you, and thanks to you for sticking it through. That’s quite impressive. So I have one more question. I know you are very busy, and you do a lot of things, but you must have some fun. What do you do for fun?
Dr. Nikki Robinson 32:52
Oh, yeah, I’d love this question. Yeah, I actually, I I’m very big into fitness. Like I love all things, outdoor activities, hiking and biking and running. So I love I’m actually signed up for a couple triathlons. So I love running and biking and swimming. And, and that’s what I do for fun.
Eveline Oehrlich 33:11
Wow. Wow, this has been a great conversation. You and I could go on. I would love to stay connected. I think there are some things maybe we want to do together.
Dr. Nikki Robinson 33:21
That would be great.
Eveline Oehrlich 33:22
Thank you so much for being on our podcast. I really appreciate it. You are a wonderful, wonderful individual. So thanks again. We have been talking to Dr. Nikki Robinson, security architect, adjunct professor, volunteer and book author, and many many other things again, Dr. Robinson or Nikki, thank you so much for joining me today on Humans of DevOps Podcast. For those who are listening. Yes. And for those listening in make sure you check out the book Mind to Tech Gap Addressing the Conflicts Between IT and Security Teams. It is on my list order. I actually already pushed a button on my Amazon. So this is great. Humans of DevOps podcast is produced by DevOps Institute. Our audio production team includes my good friend Julia, Pap, and our hardworking Brendan Lay, thank you to both of those. I’m humans of DevOps podcast executive producer Eveline Oehrlich. If you would like to join us on a podcast, please contact us at this is a very long name, but I’ll read it out Humans of DevOps Podcast at DevOpsInstitute.com. I’m Eveline Oehrlich, I’ll talk to you soon.
Narrator 34:35
Thanks for listening to this episode of the Humans of DevOps Podcast. Don’t forget to join our global community to get access to even more great resources like this. Until next time, remember, you are part of something bigger than yourself. You belong