As we celebrate National Cyber Security Awareness Month this October, we’re talking to key leaders and startups across the Southeast about how we can keep our online lives safe.
A trailblazer in the arena of cybersecurity, Tomiko Evans is cybersecurity specialist and program manager in Atlanta. Originally from Dixmoor, Illinois (a suburb south of Chicago), Evans currently works for the Cybercrime Support Network (CSN), a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime.
“As a cybersecurity specialist, I am creating a cybersecurity program that will bring cybersecurity training to everyone that works at CSN. I’m using this Cybersecurity Framework by NIST and NICE to help with the process of training and to help bring the program together for each component dealing with risk, policy, and having a playbook to recover for incidents that happen with our company,” Evans said.
Considered a leader in the conversation of cybersecurity and drones, Evans is one of the Atlanta Chapter’s founding members for the Women’s Society of Cyberjutsu and was appointed a judge for the 2020 Ally of the Year Award for Inteligenca, Inc and the 2019 Cyberjutsu Rising Star Award. Evans was also the 2019 (ISC)2 ISLA Up-and-Coming Professional of the Year Award recipient.
A mentor with the Executive Women Forum (EWF) and the creator of a group called Cybersecurity Momentum Movement, which helps people get jobs and opportunities in cybersecurity, Evans started a company called Aerial Footprint to research the vulnerability of drones in an effort to produce books and courses on drone cybersecurity. Evans is also a FAA Part 107 Certified Drone Pilot.
“I started talking about drones because nobody was talking about drones in cybersecurity,” Evans said. “I did a demo at ISC Square and I hacked into the drone to show people how you can hack into the drone while it’s in mid-air using a phone or tablet, and how it’s not secure.”
“My Godbrother introduced me to drones. I was interested in helicopter and planes but I never heard about drones. I looked it up and I saw a conference here in Atlanta. I went to it and when I saw the demo they were using a phone and a tablet. I started wondering how is this information being secure while it’s being transferred.”
A graduate of Clark Atlanta University (computer science) and University of Maryland Global Campus (cybersecurity), Evans worked as the IT Systems Administrator for the Georgia Aquarium prior to getting into cybersecurity.
She attributes a couple of incidents that point her career in the direction it’s going now.
“I was telling my cousin that I wanted to go back to school to get my masters in something and we were watching a television show called “The Good Wife,” Evans said. There was this one lady, her name was Samra, and she was the investigator for the lawyers. And she was trying to hack into someone’s computer to steal the data so that her attorneys would win.
“My cousin jumped up and said ‘You can do this, you can do some type of digital computer forensics.’ And we started researching.”
Also, while Evans was working at the Georgia Aquarium, Atlanta-based Home Depot was hacked. Home Depot co-founder Bernard Marcus was the aquarium’s CEO during this time and wanted to make sure that the same thing would happen to them.
It became Evans’ job to make sure that didn’t happen.
“That’s when I found out I was doing cybersecurity instead of digital forensics. I started managing all computers making sure that credit card systems and learning this standard called PCI-DSS,” Evans said.
With cybersecurity still being a relatively new field, Evans says that something is desperately needed is ethical leadership. People who not only understand cybersecurity but who are able to take the field beyond where it is now.
It’s key because cybersecurity is kind of new and you want that leader to guide you and help you understand that it’s okay to be innovative, it’s okay to think outside of the box,” Evans said. You have to understand what cybersecurity is. I like my mentor, Dr. Mansur Hasib’s definition: ‘Cybersecurity is the mission focus and risk optimize governance of information which maximizes confidentiality, integrity, and availability using a balanced mix of people, policy and technology, while pertinently improving over time.’”
“We live it every day. And if the passion and the drive of understanding what cybersecurity is, when you do have to protect the confidentiality of the information, the integrity of the information, and the availability of will tap into that information, it’s an experience.”