Diana Riley


1. In layman’s terms, explain what you do. 

I am a security and privacy professional for the Government Savings division of Ascensus. I am responsible for driving IT Security Compliance / Governance, developing and managing corporate IT security policies, along with user training and awareness. To accomplish these initiatives, I work closely with the Information Technology, Legal and Risk & Compliance departments.

Having a balance of technical and people skills is really important for my job. You need to have a sound IT and Security background, but also how to collaborate with people

2. Tell me more about an exciting project you’ve been involved with throughout your career

We recently implemented two-factor authentication.  

Two factor authentication is a security feature that requires users to verify their identity in two ways in order to log into their account. It took us a year to build the web app and implement it onto our platform of web applications.

3. What have been the most challenging aspects of your career?

Being female and being black in an IT world. When I started out in 1997, there was an incredibly small percentage of women, and no black women that I encountered. In the here and now I do see change, but the growth is small and not happening fast enough. The more technical the role is, the less likely you are to see women in it.  

As I’ve gotten older, I’m more comfortable with working with just men, but I think we can and should be doing more to increase the number of women in the field. The best way to accomplish that is to start teaching girls at a young age about IT and the various roles they can have in that field.

4. How did you first get involved in SCFG?

A friend of mine is actively involved in SCFG. He thought that I would be interested in the club’s mission, and I was looking for a new way to contribute to my community. It was a natural fit!

5. What does being a security professional mean to you?

Applying the tools and applications that intensely smart computer scientists invent to deal with real world situations of keeping people and their data safe.

6. What has been your greatest achievement in your career so far?

 I am most proud of acquiring my Certified Information Security Systems Professional certification. It is a highly valued certification for experienced security professionals. It is an extremely hard exam, that certifies that a professional has a deep understanding of not one, but ten domains!

After I took the test, I sat in my car and cried. I was convinced that I had failed. Thankfully, I passed. I think I was reminded to have confidence in myself – I am stronger and smarter than I sometimes give myself credit for.

7. What do you believe is the most important thing for girls to know before pursuing STEM?

Don’t look at who is already in the field that interests you (i.e. only men or some other demographic that puts you in the minority) and let that sway you. If that field interests and excites you then don’t let the lack of people who look like you be the deciding factor against pursuing it. Granted if you choose a field that has a make up that doesn’t match what you would like, Yes, some days will be really hard, and yes, it can get lonely but think of it this way, you’ll be doing something that you love, and something you think is important. That will always get you through.

8. What problem would you like to see solved by STEM in the next 10 years?

A lot of girls don’t even know about all the possible career paths in STEM. We don’t engage them early enough.

Last year, I had a summer intern. She was a marketing major, but I worked to engage her in everything, and teach her more about the cybersecurity space. At the end of the summer, she told me that after seeing what a career in security looked like, she wanted to change her major. Unfortunately, she was too far along in her college career to make that switch. There are millions of girls like her that could be incredibly successful in STEM if someone took the time to educate them.

9. What motivates you?

I love what I do! Information Security is a job but it’s a job I love. I’m getting paid to do something I find meaningful and exciting!

10.  How do you define success?

 Am I happy when I wake up in the morning? Do I look forward to the tasks ahead of me for the day? Knowing that there is value in what I do & that what I do is appreciated, needed and in many cases required are huge factors in that.

11.  What one discovery in science do you most admire and why?

The processors and disk space capacity of today’s computing devices. The speed with which we process massive amounts of information is increasing at a dizzying pace. I think about the size and capacity of an internal disk drive for a Unix server in the early 2000s and compare it to the capacity of something like iPod classic. That server’s disk size capacity was 32GB and was the size of a long box of Kleenex and weighed a couple of pounds. While an iPod classic is a fraction of the size and holds up to 160GB. Devices continue to get smaller, lighter and their capacity or processing power continues to increase. Technology is pretty amazing! 

12.  What one book do you recommend everyone read, and why?

Schneier on Security BY Bruce Schneider. I read this book while working on my masters. Cybersecurity isn’t particularly flashy or exciting, but it is necessary. This book stood out. It got some important lessons across but was also really interesting!   

13.  If you could invent anything or make any discovery, what would it be and why?

I spend my morning reading through the news to learn about various types of breaches and changes in cybersecurity legislature. I have to scroll through a ton of sites and I still miss things! A platform that condenses all that information into one place would be awesome.

14.  Who were your mentors? 

My first mentor was my very first supervisor working for the Bank of Boston. He taught me a lot about finance and investment funds – the field I now work in.

I met another very dear friend at a networking event. I’ve now known her for 16-17 years. She’s advised me about many things outside the job itself that help take me to the next level.

15.  What draws you to Science Club for Girls?  

The opportunity to help create programs for young girls that showcase the great aspects of technology and the place they can have in that world

16.  What do you do outside of work?

A lot of gardening and traveling!

17.  If you could go back in time what advice would you give your high school self?

 Concentrate on math more! It was never a favorite subject because I didn’t understand the various mechanics of it and no one made it interesting or exciting for me, so I didn’t push myself to understand it better.  

18.  What would you say are the top three skills needed to be a success in your field?

  • The ability to wear various different hats as the business need arises

  • Thinking outside of the box

  • Converting techy language to English and vice versa based on the audience 

19.  How would you say your gender has impacted your experience in your career?

It has given me more patience and made me more tolerant. You learn to pick your battles and work towards your end goals.

20.  How do you think your field will change in 10 years?

IT and Information Privacy and Security are on a growth trajectory. The more bad actors we have trying to steal data, the more you need experienced professionals in those fields.

The laws and regulations for cybersecurity are changing. The security and privacy laws that exist today are sometimes outdated and written at a time where the authors didn’t foresee the future in which technology has evolved into. However, in the next few years I envision many of those laws will change or new ones drafted to fill the current void.

Shreya PatelComment