It will take a paradigm shift to defend our national security moving forward. Women and people of color should be at the forefront of this effort. Demystifying Cybersecurity, a #ShareTheMicInCyber and Ms. magazine monthly series, spotlights women from the #ShareTheMicInCyber movement—highlighting the experiences of Black practitioners, driving a critical conversation on race in the cybersecurity industry, and shining a light on Black experts in their fields.
As the majority staff director of the House of Representatives’ Committee on Homeland Security, Hope E. Goins is responsible for advancing and coordinating all committee policy and legislation, including cyber legislation, with the leadership of the House of Representatives. She also serves as Chairman Bennie G. Thompson (D-Miss.)’s top advisor on the oversight of the Department of Homeland Security and national security throughout the executive branch.
Most recently, she led the bipartisan, bicameral negotiation of the most significant cyber legislation in the past decade—The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which was signed into law in March.
A graduate of Tougaloo College and the University of Arkansas School of Law, Hope is also the best-selling author of the children’s book, The Adventures of Chloe and Chris: The Three Branches of Government.
Lauren Zabierek and Camille Stewart: What do you do? What does a normal day look like for you?
Hope Goins: I don’t have normal days! I negotiate cyber laws and policy as well as other homeland security legislation and policies. You can find me anywhere from a hearing room, to a member of Congress’ office, in a meeting with House leadership, or on the House floor. Wherever I am, I’m usually talking about security.
Zabierek: Do you get to ride the members’ elevator? I once hopped on because I didn’t know and a friend pulled me out, horrified.
Goins: Members are actually very human. They understand that we are all in a rush to the next hearing or meeting. They usually allow me to ride in the elevator with them. I ask before jumping on, though.
Zabierek and Stewart: Great tip for the unwitting! How does your work keep people safe?
Goins: I work with lawmakers to develop common sense legislation that authorizes programs to reduce risk to our nation’s cyber and physical infrastructure.
I led the bipartisan and bicameral—both chambers of Congress—legislation to create the Cybersecurity and Infrastructure Security Agency (CISA). CISA is the agency that is in charge of cybersecurity for federal civilian agencies and serves as the nation’s cyber risk advisor.
Additionally, I have led bipartisan and bicameral efforts to provide state and local cybersecurity funding to communities across the nation and improve the cybersecurity posture at historically Black colleges and universities (HBCUs), of which I am a proud graduate. Institutions of higher learning, especially at HBCUs, are very vulnerable to ransomware attacks. Support and education from both the executive branch and Congress can help mitigate that vulnerability.
Zabierek and Stewart: That’s incredible! Why do we need more practitioners in cybersecurity?
Goins: When a lot of people hear the word “cybersecurity,” they often don’t realize that it affects the everyday systems and services we depend on, like our utilities, banking and public transportation. That’s one reason why diversity in cyber is so important—practitioners must communicate information about cybersecurity and digital safety to all communities across the United States, including rural communities. Increasing diversity in cyber depends on how we recruit talent, and I am very proud of the efforts I’ve led to increase the number of cyber practitioners within the federal government to include the negotiation and passage of the DHS Intelligence and Cybersecurity Program Act which established a fellowship for students from HBCUs and minority-serving institutions to participate in paid internships focused on cyber at DHS, which upon successful completion, may result in participants receiving a job offer.
Institutions of higher learning, especially at HBCUs, are very vulnerable to ransomware attacks. Support and education from both the executive branch and Congress can help mitigate that vulnerability.
Zabierek and Stewart: So you are the author of the children’s book, The Adventures of Chloe and Chris The Three Branches of Government. What made you want to write it?
Goins: I encounter so many people that are curious about my job but forgot elementary school civics. Additionally, civics education is on the decline in many states. I thought a good way to educate would be through the lens of children in terms that they can understand. My hope is that my book inspires a renewed sense of democracy in this country.
Zabierek and Stewart: How did you get into cybersecurity?
Goins: When I started as a young Hill staffer, I was hungry to do any type of work. Surprisingly, most of my work was in privacy and homeland security, and I saw how that intertwined with cybersecurity. As time progressed, I worked on various cyber policy issues, from workforce and education to incorporating security in almost every sector.
Zabierek and Stewart: We have to ask since you just mentioned privacy—how do we pass federal privacy legislation?
Goins: Well federal privacy legislation must be discussed and negotiated in a bipartisan, bicameral method. We are getting there as comprehensive legislation was passed in late June. However, in order for the legislation to become law, there must be engagement and buy in from stakeholders and Congress as a whole.
Zabierek and Stewart: Can you talk about any important forthcoming cyber or tech legislation you want people to pay attention to?
Goins: Yes—cybersecurity shouldn’t be practiced in silos. The Industrial Control Systems Cybersecurity Training Act, which has passed the House, directs CISA to establish training to develop and strengthen the skills across the cybersecurity workforce focused on those systems—which includes those in state and local jurisdictions.
Cybersecurity affects everyone—it’s not just for people in security or defense to worry about. Knowing the role that cybersecurity and critical infrastructure protection plays in communities can help women advance their advocacy for community preparedness and safety.
Zabierek and Stewart: We totally agree with you on busting those security silos. What do you wish people knew about working in cybersecurity?
Goins: I wish people knew that since cybersecurity affects everyone—it’s not just for people in security or defense to worry about.
I also wish people knew that there are all types of roles in this space from practitioners to policy makers—not every role has to be super technical.
Zabierek and Stewart: Why is cybersecurity important for women?
Goins: Cybersecurity is especially important for women. Cybersecurity affects women not only in the workplace but also in households. We need to find ways to make people realize the practical application of cybersecurity to their lives—from ensuring that children consume information via secure platforms to understanding how utilities like water and energy can be impacted by poor security. Knowing the role that cybersecurity and critical infrastructure protection plays in communities can help women advance their advocacy for community preparedness and safety.
Zabierek and Stewart: What is your cybersecurity or privacy tip?
Goins: Use two-factor authentication and use complex passwords—no names of your dog or kids! But also keep in mind that if you get a new phone, make sure your method of authentication will export or transfer your tokens!
Zabierek and Stewart: Self-care is so important in the security world—what do you do to unwind or relax?
Goins: I put my Peloton (can’t get away from tech) in “Just Ride” mode and turn on a book from my Audible subscription.
Zabierek and Stewart: What are you reading (or listening to) these days?
Goins: Of course I’m listening to Beyonce’s newest album “Renaissance”!
Zabierek and Stewart: If you could wave a magic wand to change anything about the cybersecurity industry, the law or technology ecosystem, what would you change and how would you do it?
Goins: I would address digital barriers. There are so many people that can not access technology due to physical or economic limitations. This ends up having a devastating long term impact within communities. I would start by investing in infrastructure and partnerships that look into the causes of digital barriers and work to eliminate these barriers through investments such as training and providing access to technology.