Neither do princesses only appear in Disney movies nor is there only room for men in technology. There are various women in the ranks of the Mountain View giant but if we are talking about IT security, one of them stands out in particular. She chose her own nickname: she is Google’s ‘Security Princess‘.
She is Parisa Tabriz, one of the 250 engineers responsible for protecting Google Chrome users and the US company’s infrastructure and systems. Tabriz chose her title before a trip to Japan in which she had to give conferences on her work.
Even the White House has hired her services after suffering a cyberattack last October that affected the institution’s IT systems. At least that is what is said on Tabriz’s CV, where it appeared as a top secret mission. But do not look for ‘top secret’ on the document: she deleted this entry after the mission was made public. However, you can read that in November she collaborated with the US Digital Service.
— Parisa Tabriz (@laparisa) octubre 24, 2014
Parisa Tabriz is part of a team of hackers whose job is to basically think like a criminal. They sniff out software vulnerabilities and bugs that could be used by cybercriminals to access Internet users’ data. They have to find them before they do in order to fix them and prevent attacks.
She earned her engineering degree from the University of Illinois, where she discovered her passion for computing. There she joined a special club: its members met up on Friday nights to discuss the ins and outs of Internet security. At that time, Facebook did not even exist and nobody had heard of the ‘blue bird’.
That group of amateurs was particularly interested in steganography, the practice of concealing messages within another item, such as a text or photograph. It is actually a form of encryption used in Ancient Greece (the word comes from the Greek word ‘στεγανος’, which means concealed, and ‘γραφος’, meaning writing). The group used to conceal the information in images of cats that were sent via email.
Parisa joined Google in 2007 as part of the company’s IT security department. Now she is the leader of a team of 30 hackers who, from the US and Europe, prevent attacks related to the Chrome Internet browser.
As soon as the hackers discover a vulnerability, they fix it quickly, so they are constantly updating the software without users noticing their work. They work in the shadows so that your data and Internet purchases are kept secure.
In 2011, they discovered that the Dutch authority that manages Web security certificates (DigiNotar) had been hacked, affecting hundreds of thousands of Iranian Gmail users. All of the signs pointed to the perpetrator of the attack being the Iranian government and the volume of fraudulent certificates was so high that the agency had to close.
As well as leading the security army, Tabriz is responsible for hiring new experts to regenerate the ranks. One way of finding them is through contests and hackathons. Google organizes meetings in which independent hackers can look for bugs in its programs.
However, they must be careful. Some researchers could benefit from their findings and demand money for the information or even sell it to cybercriminals, who would use it for illicit purposes. Governments also use security holes in certain software to monitor companies and citizens.
Therefore, you have to know everything about the steps and advances in cybersecurity. Tabriz attends hacker conferences and meetings worldwide and gives seminars on her work to other members of the company.