Nikki Robinson, DSc / CISSP / CEH

PROFESSIONAL SUMMARY


I have been in IT and Security for most of my career, serving in Leadership, Operations, and Security roles. I began working on Corporate Helpdesk before moving to a customer site to become a Systems Administrator. I soon became a Senior Systems Administrator, while finishing my master’s degree. When I moved into a Remote Access Lead role, I started helping the Security team with investigations, as I was able to pull forensics data from virtual desktops. These opportunities began my appreciation and excitement in the Security world, and thus began the Doctorate program. I wanted to help understand why vulnerability scoring may impact prioritization and remediation. As well as helping leadership understand potential implications around not remediating medium and low vulnerabilities. My background in IT gives me the troubleshooting edge when it comes to vulnerabilities and common issues in cybersecurity. Security gives me the freedom to explore new technologies, methods of attack, and vulnerability management solutions, while also providing value to my customer. I love what I do and feel fortunate to get to help teach Cybersecurity along the way.

EDUCATION AND TRAINING


Capitol Technology University: PhD in Human Factorscomplete December 2021

Dissertation Title: A Qualitative Exploratory Study into Vulnerability Chaining Blindness Terminology and Viability


Capitol Technology University: Doctor of Science (DSc) in Cybersecurity – complete April 2019

Dissertation Title: An Examination of Vulnerability Scoring Using Chained Vulnerability Attacks

Relevant Courses: Pedagogy in IA, IA Strategic Management, Applied Research in IA, Research Design


Capitol Technology University: Master of Science (MS), Information and Telecommunications Systems Management with a concentration in IA – complete December 2012

Relevant Courses: Malicious Software, Network Systems Security, Project Management, Managing Information Systems, Psychological Factors in Systems Management


University of Phoenix: Bachelor of Science (BS), Information Technology with a concentration in Software Engineering – complete August 2010

Relevant Courses: Web Development, Technical Writing, Java, SQL

SPEAKING ENGAGEMENTS


-[Upcoming] DevOps Summit (Nov 2022).

-[Upcoming] IBM PREVAIL (Oct 2022).

-[Upcoming] United Women in Cyber Conference (Sept 2022)

-Web3 Summit (July 2022). Privacy and Security Panel

-DOE Cybersecurity and Technology Innovation Conference (Jun 2022). Who Watches the Watchers? and Keeping Ahead of the Threat

-CybHER Conversations (Jun 2022). How I got into Cybersecurity / Motivational talk

-DevSecOps Days Pittsburg (Apr 2022). Chaos Security Engineering

-ICIT Spring Briefing (Apr 2022). Secure Configuration in Government

-CyberChiCon (Apr 2022). An Exploratory Study in Vulnerability Chaining Blindness

-CapTech Talks (Mar 2022). Critical Challenges between Private and Public Sector

-GRIMMCONx06 (Dec 2022). Trapping the Truth: Using Behavioral Analysis Techniques to Improve Security

-Texas Cyber Summit (Oct 2021). Behavioral Psychology Techniques to Protect Systems.

-IBM PREVAIL Conference (Oct 2021). From Pentesting to Chaos Engineering

-InfraGard Maryland Annual Chapter Meeting (Oct 2021). Human Factors - Perception and Cognition

-CMS CISO Forum (Oct 2021). Vulnerability Chaining Deep Dive

-WiCyS Conference (Sept 2021). An Exploratory Study into Vulnerability Chaining Blindness

-Cyberjustu Con (June 2021). The Emerging Field of Human Factors in Cybersecurity

-BSides SATX (June 2021). But what about those medium and low vulnerabilities!?

-BSides NoVA (June 2021). Integrating the Psychological concepts of Perception and Cognition into Cyber Practices

-RSA Conference (May 2021). Lab Team Lead for Human Factors Workshop

-DISA Monthly Meeting (Apr 2021). Linkage Blindness / Vulnerability Chaining PhD Research

-InfraGard (Jan 2021). Moderated a panel on Ransomware in the Private Sector

-International Cybersecurity Leadership Conference (Jan 2021). Topic: Bringing the Human Element to Cyber Leadership

-Capitol Technology University Webinar Series (Nov 2020). Topic: Increasing Sophistication Behind Business Email Compromise Attacks

-PrivSec Next Thursday Conference (Jun 2020). Topic: Proactive Security Awareness

-WhiteSource Virtual Summit (Apr 2020). Topic: Secure Coding and Vulnerabilities

-DoD TechEx Conference (Mar 2020). Topic: Vulnerability Management in the Public Sector

-BSides NoVA (Mar 2020). Topic: Let's Talk Vulnerability Chaining

-ISSA Central-MD Monthly Meeting (Feb 2020). Topic: BEC - More Sophistication, More Problems

-FBI DSAC Open House (Nov 2019). Topic: Business Email Compromise – A Technical Analysis

-PrivSec NY Conference (Nov 5th and 6th 2019). Two Panels: “Third-Party Risk” and “NYDFS Cyber Regulations”

MOST RECENT EMPLOYMENT HISTORY


Security Architect

-Implemented Threat Hunting and Threat Intelligence practices into Security Engineering team

-Member of the Cloud Security Architecture Working Group

-Member of the Vulnerability Management Working Group

-Assist with investigations, to include the use of forensics tools and methodologies

-Provide reports and research on emerging threats and latest cybersecurity trends

-Conduct security assessments and testing for agency’s different cloud platform types (i.e., IaaS, SaaS, PaaS)

-Provide technical guidance and implementation of systems based on the NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), NIST SP 800-53r5, and NIST SP 800-30

-Conduct on-demand scans, assessments, and audits to assess the security posture of on-premise / cloud-based systems

-Conduct vulnerability scans / assessments against agency systems, web applications and services

-Conduct assigned activities within the Incident Response and handling lifecycle

-Coordinate response, triage and recovery activities for security events affecting the agency’s information assets

-Assist with expanding and maturing existing vulnerability management and incident response processes and activities

-Created and conducted training on the NIST RMF to System Owner’s, ISSO’s, and Systems Administrators

Capitol Technology University (Laurel, MD)

Adjunct Professor, Doctoral Student Mentor / Chair

RSC 815 - Problem Solving with Quantitative Methods

RSC-825 - Strategy in Information Assurance

**Currently mentoring Doctoral students as both a Chair and committee member to support doctoral research and defense.

VOLUNTEERING


-Volunteer speaker for InfraGard, WomeninCyber (WiCyS) Chapters, ISSA, and Cyberjutsu organizations


-President, InfraGard Maryland Membership Alliance


-Editor, InfraGard Maryland Monthly Newsletter


-Review Committee, InfraGard National Journal

ACADEMIC / CV


-ICIT Fellow beginning Jan 2022

-Spoke at the April 2022 ICIT Spring Briefing on Government Standards


-Cybrary Fellowship from October 2019 to October 2020


-Courses with Capitol Technology University

-Literature Review (Doctorate Research)

-Mobile Application Security (Healthcare)

-Problem Solving with Quantitative Methods

-Applied research in Information Assurance (IA)

-Research Theory and Practice


-Course with Cybrary (Feb 2020). Topic: Vulnerability Management: Enterprise Risk


-Course with Cybrary (Oct 2019). Topic: NIST Risk Management Framework for Executives

AWARDS


-Jan 2022 - 40 Under 40 in Cybersecurity - TOP Cyber News Magazine


-October 2021 - GRC Awards (Nominee) - GRC Rising Star Award


-October 2021 - Cyberjutsu Awards (Nominee)


-August 2021 - InfraGard Southeast Regional Leadership Award


-October 2019 - InfraGard Leadership Academy Award