Search

Talent Stories - Alina, Head of the Global Cybercrime Fighting Unit

In this series "A story of talents" our employees share what they are passionate about and their expertise. Today, we focus on Alina's journey and her view on cybercrime jobs.

What is your job?

My job is open-source investigation, that is, what is on the internet and visible to everyone. Unlike the teams that work on what is in the client’s business, at the heart of the company’s network, I’m outside, supporting the company.

I’m the camera in the street that watches who goes into your home. I’m the guard. 

The aim is to identify what we call “weak signals,” anything that may make me think that there’s something that will work against companies. Against the people and VIPs, this essentially happens via social networks; against IT departments, which are obviously the other main target, we’ll focus on the different forums that mention a specific entity and are looking for information about this entity. 

So, your job is really to be an investigator?

Yes, we conduct real investigations, but with a limit: I can’t do the police’s work.

Let me give you an example: I have a client that was compromised, internally. The incident response teams intervene on the client’s premises, but they come to me to ask me to look at everything that has been said recently about this client on the web, if the client’s IP address or data are lying around somewhere... I gather all the information that may possibly relate to the case. 

And, you also carry out a permanent watch?

Yes, our mission is to identify as many weak signals as possible. We monitor domain name registrations, denigrations… anything that can foretell a potential incident. It’s a daily task. 

But don’t you feel dizzy seeing the mass of data in circulation! How do you find your way through? 

The answer is, it’s “human and tech.” We have the technologies and the tools. We have a methodology and procedures.

Today, the main issue is not so much the security systems – companies are gaining better and better protection. The problem is that humans don’t interpret information well. We’re bombarded by e-mails all day long and the error is clicking on a link. The main way in (and out) today is humans. 

Is this fight against the external threat a crazier and crazier race?

Yes. It’s very difficult to face someone with malicious intentions, you can’t know in advance what they’re going to do, because their aim is specifically to get ahead of you and around you. My objective remains to identify when someone has found a backdoor in somewhere and to seal it off as close as possible to an incident, before or afterwards. Sometimes I manage, sometimes I don’t. 

And when you haven’t seen it, sometimes it’s too late – how does that make you feel?

You can be very annoyed when you don’t see a weak signal and you don’t interpret it as such. But we have the experience. And we’ve learned to accept failure, that we can’t see everything.
I can’t commit to results – I have a commitment to clients based on means. I work with materials that are not mine, I work with what I have and also with what I don’t have…

The world of cybersecurity is an environment in which you often use military vocabulary, essentially a male environment. How do you find your place there as a woman?

I come from a foreign country where men and women do the same jobs. I’m never positioned in relation to men because I’m a woman. 
It’s true, when I started my first job, I came into an office where there were men… and me! Everyone was looking at me, but to me it wasn’t a problem. It’s not an issue. I know my place.

But you’re aware that as a woman in a job like yours, you may be inspiring and held as an role model

Inevitably, here, yes. And that’s why I try to employ more women in my teams. There are more and more of them, and it has taken me many years – it hasn’t come easily, because women don’t apply.
The situation finally changed a lot between 2015 and 2016. Since then, women have been opening up to these roles. 

Which specific qualities does your job require? 

To be resilient. This job isn’t easy, it’s painstaking work. You have to accept failure. Know when to stop, to not persist too much.

And then, curiosity. Wanting to get to the end.  

And what are the main difficulties, the biggest challenges to overcome?

The most difficult thing is to juggle the information and requirements. We’re in a crisis situation very often. Clients are stressed. You have to deal with the pressure and keep up with the pace. 
It’s a fascinating job. In our work, ethics must always guide us. Rectitude or a sense of duty are at the heart of our profession.

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline!