As the threat landscape multiplies in sophistication and complexity, new roles in cybersecurity are presenting themselves more frequently than ever before. For example, attack surface management.
These cybersecurity professionals are responsible for identifying, mapping and securing all external digital assets an organization owns or is connected to. This includes servers, domains, cloud assets and any other digital points that could be exploited by cyber criminals. Their role involves continuously monitoring these assets for vulnerabilities, misconfigurations or other potential security risks and implementing measures to mitigate these risks. They also work to reduce the organization’s overall attack surface by eliminating unnecessary access points and ensuring that all remaining ones are properly secured.
In this exclusive and informative Q&A, we spoke with Sara Lipala, lead technologist, attack surface management for Booz Allen Hamilton. Lipala is an accomplished cybersecurity professional with over five years of experience in the manufacturing and consulting industries, with a focus on vulnerability management, patch management and comprehensive attack surface management.
Did you go to college? What did you go to school for? If not, what certifications did you obtain?
I attended Montclair State University, where I completed a Bachelor of Science in Information Technology with a Computer Science minor. On top of my university education, I’ve obtained industry certifications, including the GIAC Enterprise Vulnerability Assessor Certification (GEVA), Harvard’s Managing Risk in the Information Age, ITILv3 Foundations Certificate and vendor-specific certifications including Qualys: VMDR, Scanning Strategies and Best Practices, Vulnerability Management, Web Application Scanning and Container Security.
