Hello Aishwarya please tell us briefly about you.
My name is Aishwarya, it means prosperity in Sanskrit. I am known as Aish, in short. I am originally from Bangalore, India and I now live in Munich since the last 7 years. I did my Masters in Power engineering from TU Munich with an honors in technology management from the CDTM. I am a proud feminist and take joy in simplifying technology for people.
What do you do for a living?
I head customer success at Maltego. Maltego is a link analysis tool which helps investigators from different industry segments, law enforcement, cyber security operations and trust and safety teams link together different sets of data to form a connected visual picture. Think finding a criminals phone and knowing who he called when without going through their call log, or think footprinting the entire network infrastructure of a fake company that owns many other companies that launder money.
As a part of customer success, my team enables investigators across various industries achieve their investigative goals through the tool through regular onboardings and developing personal and trustworthy relationships with them for the long term.
What exactly stands behind your job title?
I am Head of customer success at Maltego. Quite a lot stands behind my job role and I am very proud of what we’ve built in the last 3 years in the team. When I started in this role, we were but a company of 3 people in Munich. My time then was devoted to firstly being very close to the tool and understanding the industry in as much depth as a could as someone who does not come from this background. I then started working on scaling processes from scratch on customer support, onboarding and retention by getting more involved with the cyber security field through the use of Maltego at various organizations and strengthening personal relationships through in-depth understanding of pain points.
Now that the team has grown significantly, (by the way, we are hiring!), majority of my time, about 80% goes into supporting the team in their activities with the customer, tweaking and redefining processes and metrics and ensuring fulfilment of their daily, monthly,yearly goals both professional and personal.
So what is CyberSecurity?
Cyber security is a very broad term. For large MnCs, cyber security can mean protecting their company data or customer data from being leaked, to ensuring company employees are trustworthy and are not informants leaking data out. For some others, it may mean ensuring the network perimeter is safe, and cannot be hacked, for example, imagine if Amazon got hacked, all our credit card information to our addresses are at stake. Not to get into too much detail, but cyber security can also mean security around ensuring industrial control systems (like the ones which run our power plants) are not hacked. Think Stuxnet.
For law enforcement, cyber security can mean preventing child sexual abuse, human trafficking, illegal weapon trade, drug trade or even fake bank account or credit card leaks.
What is malware?
Malware is also a broad term. Malware stands for malicious software, the name mostly says it! Within malware, one has virus’, trojans,spyware or ransomware. I get quite excited when talking about the ways hacker recreate and bend tech to use it harmfully and how law enforcements take them down. One of the malware attacks I like to describe the most is the wannacry attack that impacted the NHS in 2017, purely because of how close it hits home. The wannacry attackers used a vulnerability in end-of-life Microsoft Operating systems and exploited it by encrypting the data on the systems and asking for ransom in the form of cryptocurrency to release the data back again. Wannacry impacted the NHS the most because it shut down critical health systems like MRI scanners, medical information stored on systems, and even surgical theater equipment.
Why is malware a problem?
Basically malware either supports stealing your data so it can be sold off on the black market or holding your data for a ransom until you pay it off. All of this is troublesome as someone knowing your credit card information combined with your social security number, for example, can lead to an identity theft. On a corporate level, phishing attacks through malware, for example, can lead to unauthorized access to your company network and confidential company information.
Where are the main entry points for cyber attacks?
Many. Cyberattackers use every and all possible ways to get information. Phishing is one of the ways, for example, company employees getting an email from their “CEO” about a pay raise if they click a link on the email asking for their bank details. Computers or phones can also be hacked. Recently, any IoT device can also be an entry point for a cyber attack, your smart fridge or smart home are all entry points for an attacker to gain access to your network and the information you store. Vulnerabilities can exist in every device connected to the internet.
Is there also a cyber police?
Yes! In Germany, the BKA (Bundeskriminalamt) has a cyber crime unit. Many of the german state polices for larger states also have cyber crime units. The fbi, Indian police, Interpol, Europol, NCA, basically all countries have cyber crime departments as well. They have made it quite easy to reach them should you suspect a cyber attack either on yourself or someone you know, they are all just a google search away.
How can an average person defend herself against a cyber attack? How can we protect ourselves?
This is a tricky one, and there is no fully right answer to this unless turning off the internet and living like a cave man is one of them. A few simple things I do, don’t use the same password for all your logins, preferably use a password manager/generator. Use 2 factor authentication wherever possible. Do not give your details out over the phone even if you think it’s a trusted party. Ask for an official email or letter, if they are the right folks, they will have that information. And super important, double check and even triple check the sender of emails that you were not expecting. If the email is garbled or has an odd address, ignore it or report it to your company.
What are your main fields at Maltego Technologies?
The maltego tool is used in all fields. We have categorized this into trust and safety (Think ensuring the non-counterfeit products are sold on eBay), law enforcement and cyber security operations (securing corporate networks).
How did you get into a technical profession?
This is difficult one to trace my grass roots back to, haha. To be honest, I was always very interested in new technology and gadgets or even the small toys that I had as a child. Back then, if you were bored, you’d just rip apart a toy or the tv remote and that’s just what I did. Additionally, my father loves new technology and is an early adopter. So among my peers, we were the first house to have a *really* large ericsson mobile phone that was twice the size of my face and also a dial up internet that took a 100 tries to get connected. I loved the “magic” computers did when you pressed shift and a number and symbols would show up as a 4 year old. It was inevitable I’d get into technology just because of how wide-eyed I was about painting on MS paint, learning how to use the annoying ibm thinkpad trackpad and exploring the internet when it was much safer place than it is now.
Who or what inspired you the most to choose a technical profession?
A lot of things. I discuss with my husband how blessed we are to be millennials because of how we have evolved alongside technology like siblings and have become aware of its benefits and evils. Through school in India and my peer group, it was always considered cool to know how things worked. We did small projects in labs in school in physics, and chemistry and during Christmas, we used to design the entire crib for our class and be very proud of being able to circuit up the lights and watching the bulb glow when the batteries came together. Just saying this brings back fond memories. It has been ingrained somehow in the studies I took up in school and watching things, whether it be code of electric circuitry, come to life. Some students of course don’t take to it and they choose alternate professions but for me, I loved all things technical. I took and still take immense pride in being a science geek. I can’t wait for the day to explain thermodynamics to my kid when they ask me how the fridge works. I just can’t. I love coding a lot as well, all a part of making things come alive. Knowing I will continue the passion to code as a hobby, I majored in electrical and power engineering. Electrical is a difficult subject but relatively harder to learn by yourself in depth, which is why I made this choice.
Have you always been interested in technology and/or programming?
Mostly. I did have brief creative moments in between where I wanted to be a journalist (because I liked to write), but I snapped back into tech again because of how much I loved to write code or work on computers.
Did your parents and teachers encourage your love and interest in computers?
I think it was mostly my parents and my peer group that encouraged my love and success with computers. Computers were the only thing I ever “won” at. My parents pushed me into a lot of things as a child, I was playing tennis, going for piano lessons, playing basketball, name it – just the typical Asian kid. But if I felt successful at something, if I felt like I achieved something, that was with computers. Other children in class were in awe of how I could make ppts as a 10 year old (word art, lol), I won power point competitions in school (yes that was a thing!), I answered tricky coding questions as a 15 year old that no one would get, and I coded microprocessors on robots as a 21 year old like it was no bodys’ business. It let me zone into “my achievement”. No competition, no hustle, this was mine. And I think that joy translated into more people believing that I was actually good at it.
What do you like most about your job?
There are quite a few things I enjoy about my job. One of the biggest motivators in any job for me is for it to have a bigger purpose. Currently, my job fits into that area through many layers. One, I get to support teams fight crime, terrorism, and illegal online activities such as child abuse, phishing and malware through the use of Maltego. Two, cybersecurity being a rapidly evolving field, I get to learn every single day. And lastly, I absolutely enjoy being in the crux of technology and people. To be able to be so close to technology and translate that into relationship building both within the team and externally is a joy that holds no bounds for me.
What is the best thing about your daily work for you?
Waking up and wondering what curveball it will throw me. Every day is different and with it comes new challenges which means I get to experiment with new tactics or learn something completely new.
Where are you most likely to be found in your free time?
I use my free time to relax with my husband and dog, do yoga, cook food or go for a run.
What message would you like to give to women or girls who are interested in technology?
If you want to learn something new, or go into a specific field, leave behind inhibitions of your past and what you studied and what degrees you hold. Just jump right in and do it. Find a mentor in the field, reach out to other women and ask them to support you. I have NEVER seen a women (or men willing to support) saying no to helping others climb the ladder.
Which advice do you still follow today?
Trust your instinct. Train yourself to listen to your gut, its an instinct we have evolved with. When taking difficult decisions, go where your instinct asks you to.
What challenges do you encounter as a woman in your own job?
As a women of colour, oftentimes I end up being the only one of my kind at conferences and talks. This led to comments of me being “not good enough” and experienced men trying their best to pull me down because their egos couldn’t let a women of my age and background rise faster than they have throughout their work history. My organization now is very supportive, and they encourage me to go into cold waters to the point where “cold-water” can be my middle name. But I have had to go through many loopholes of being rejected in jobs I fit into well without adequate reasoning, being verbally abused because of “boy band” syndromes where a group of men felt they were right and I was wrong. It takes a different kind of strength to brave through such incidents, but it only makes you stronger for the next curveball coming your way.
What tips do you have for interviews for technical positions?
This may seem like a silly advice, but be honest, the whole fake it till you make it will fall through once a bit of digging is done. Tell the interviewers what you know, what you don’t and what you know they want you to know and will learn in the next 3-6 months. This also not only helps interviewers and hiring managers set salary and learning bonus goals, but also gives a clear picture into your personality. This does not mean you undersell yourself, i.e. “I know people do a better job on such a practical but I did what I could.”
Unfortunately, women in technical professions are still a minority. What are your thoughts on this topic?
As an Indian women in technology in Europe, seeing outside in, I see a larger disparity in the number of women in tech in Europe than I do in India. One of the reasons for this, as I mentioned earlier is that technology is deemed cool in India. It’s not the “wierdos” who get into tech, and it’s not the anti-social kids who get into tech. So I believe it’s all about promoting technology as cool, achievable and as having lifelong pay offs. Another perspective to this that I want to explore is that, oftentimes we ask women in technology why they picked tech, but we need to start asking women who did not pick technology why they didn’t. Was it because they were told it was difficult? Was it entirely because they loved it liked a different profession? Was it because they did not have role models or inspiration? Or were they told tech studies lead to dead end unglamorous jobs?
Depending on that, I would reframe the stance we take into bringing women into technology more. I strongly believe it’s the glamour surrounding technology is dulled out, which makes women not even take a passing glance. When you speak about black holes, suddenly everyone wants in. When you speak about vaccines for corona virus, everyone wants in. Its’ about the positioning around technology that needs to change. And those of us in tech, need to be loud about why this is the coolest thing we do.
What do you have in common with other women in technology?
The feeling of being an imposter and the grit with which I want to fight every day to watch the patriarchy to fall.
Please describe a difficult situation that that you encountered in your job in the past.
I’m going to speak about this from a macro level, since the details don’t matter much. One difficult situation worth mentioning is about drawing boundaries and speaking up. As women, we are asked to be polite and not step on toes. In the past, there have been times when I’ve wanted to put my foot down and tell someone they were in my way but conditioning made me shut my laptop and bury that anger. It’s important to be emotional and tell people how you feel about a situation. Yes, they say, breathe and think before you say anything and that you certainly must. But not saying anything at all when things are going south is a no-go. It means you are either in an unsafe environment or it is your conditioning asking you to shush. If it’s the former, get out and if it’s the latter, train yourself to speak up one word at a time. It deems respect and that you are the one at the steering wheel. I am an emotional person, and I was told that women in leadership positions mustn’t be. This is so far away from the truth. EQ is important, it helps take holistic decisions for the team and the company’s’ well-being. It’s important to have a finger on how everyone is feeling and being kind even when kindness is not your first response to a situation.
Where would you like to develop professionally and personally?
Professionally, I want to focus more time into technological learning. The more you become a manager, the further away you get from the wires and breadboards. I want to continue learning, and my recent obsession has been open source intelligence. I am currently finishing an online course on the same. Personally, I want to be more patient – with myself, with my growth, with people around me, and learn to breathe.
Who are your personal or professional role models?
Not to sound cliche but I find inspiration in every day people. My colleagues, each of them knows how to do something differently and better, and I organically try to pick up on those things. To be a feminist, I derive a lot of energy from the likes of Alexandra Ocasio Cortez, Kamala Harris in the way they stand up to patriarchy. I am moved to my core when I hear them speak. Women of color who make their voice heard inspire me in my every day fight to stand up for other women who are silenced.
Is there anything else you would like to hear from us or do you want to hear about a personal project of yours?
I do have a personal project. I have a meetup group for women in cybersecurity or women wanting to know more about cybersecurity. I started this group immediately after I attended a satellite women only even from the munich security conference 1.5 years ago, where I realized there were only a handful of attendees and the panelist came from around the globe who all insisted that they no longer want a satellite event, they want a main stage event. This shook me to my bones, and it still does. Why are we not a main stage event? Why is there 1 women in a panel of 5? I wanted to contribute to changing that. I do not come from a cyber security background and im sure many other women who were on that panel didn’t as well, but why should that stop any of us? So I started to look for a munich based group for women to find none, which is why I took it upon myself to start the movement. The goal of the group I made was to encourage women to learn more, speak up more and have an open platform to talk cyber security. Through this, I too wanted to learn more. We will most likely have talks coming up in the next months and I’m really excited to see women signing up for it!
To join, look up international women in cybersecurity on meetup, or hit me up on linkedin. And if you want to contribute with a topic to speak on or volunteer in helping me organize events, I am available on linkedin.
How do you like Germany (in terms of culture, open-mindedness, work-life)?
I love it. This is home. Munich especially, took some time to adjust, but Munich is the only part of Germany I know like the back of my hand. I enjoy the culture here, and the good hearted people. Every country in the world has its fair share of racism and odd balls, and Germany is not excluded, but that doesn’t make it a bad place to live in. I even complain sometimes that Munich has spoiled me because of how clean it is and how people are sticklers for personal space. I have been lucky to be a part of TUM and CDTM, both brilliant universities attracting international and talented people who I got to grow with. Germany has changed me as a person, it has made me care for myself more deeply, give myself time to breathe and push myself out of my comfort zone regularly.
You are also a speaker, what are your main topics and how can someone contact you?
I enjoy speaking on empowering women to be leaders, emotional quotient at work and encouraging women in and towards technology. My favourite technical topic to speak on is OSINT and person of interest/ trust and safety cyber investigations. You can reach me on linkedin or write me an email to firstname.lastname@example.org .
We also spoke with Aish during one of our #SpeakUps in April 2021, which will be published on our YouTube Channel in the next few weeks.