Campus News

Cybersecurity expert says system is ‘broken,’ needs to be fixed

Cybersecurity expert Theresa Payton speaking during her Distinguished Speakers Series lecture.

Cybersecurity expert Theresa Payton talked about the Equifax data breach and the 2016 election during her Distinguished Speakers Series lecture Wednesday night in Alumni Arena. Photo: Joe Cascio


Published October 19, 2017

“If you like to be bored, do not get into cybersecurity.”
Theresa Payton, cybersecurity expert and speaker
Distinguished Speakers Series

Theresa Payton didn’t mince words when describing the state of cybersecurity in the United States.

“It’s totally broken,” said Payton, a former chief information officer at the White House under President George W. Bush, who appeared Wednesday night at Alumni Arena as part of UB’s Distinguished Speakers Series.

Payton walked the audience through parts of her career and personal life while offering tips on how to keep personal information safe online. She also addressed questions from moderator Tom Ulbrich and the audience, which ranged from how to prepare for a cybersecurity career to more topical matters, such as the recent data breach at Equifax, the spread of false news and questions about the 2016 election.

Payton’s interest in technology began in the 1980s, when she was in high school. After earning multiple college degrees, she worked at Bank of America and other banks.

“It was an amazing experience,” said Payton, who said it taught her the value of customer service.

Next came the White House, where for 2 ½ years she oversaw information technology operations for Bush and 3,000 staff members. She noted the job’s challenges, including how only a fraction of those people worked in the White House, which she said was built for a “kinder, gentler, smaller time.”

Since leaving the job, Payton has launched a cybersecurity consulting company, a company that makes cybersecurity products, co-authored two books and joined the CBS reality TV show “Hunted” as a cast member.

She showed the audience clips of the show, illustrating the relative ease with which trained professionals can access personal information online. While discussing her consulting business, she drew laughs after sharing a story about how coffee shop patrons logged onto unsecured internet hotspots with names like “Fake Wi-Fi” and “Data Stealer.”

“This is how bad guys do it, and they don’t follow any rules,” she said.

While data breaches big and small are inevitable, Payton offered advice on how to best protect sensitive information online:

  • Use multiple email addresses. Payton recommended different accounts for banking, health care, social media and other forums that contain personal information. This limits exposure if one account is hacked, she said.
  • If possible, have a “kill switch,” which is a way to turn off the internet immediately in case of an emergency.
  • Be aware of cloud-connected devices. They can be helpful, she said, but because they’re susceptible to hacking, they should be turned off when not in use.

Of the Equifax scandal, Payton said it will likely “go down as the worst breach” of data this decade because of the amount of information stolen.

She touched base on the 2016 election, which is under investigation by numerous government entities. While not voicing an opinion, she noted that “political espionage can be conducted on a scale and speed that we have not seen before.” She also advised the audience to seek “trusted, vetted new sources” instead of social media — a line that drew perhaps the loudest applause during her speech.

Noting that she was first woman CIO at the White House, Payton spoke about the need to increase diversity in cybersecurity and, more broadly, science, technology, engineering and math (STEM) fields. She said cybersecurity suffers from “a branding problem,” noting that for many people it conjures thoughts of men working alone in dark rooms.

Despite those issues, she said there is a bright future in cybersecurity, everything from working in the government and law enforcement to banks and nonprofits.

“If you like to be bored, do not get into cybersecurity,” she said.

Lecture sponsors were the School of Management and its Alumni Association (SOMAA), Center for Entrepreneurial Leadership and the MBA program.