Why nominated: Jennifer Steffens has held the helm of IoActive for the last 11 years and during that period managed the firm while the company’s researchers made impressive vulnerability discoveries in satellite communication systems used on planes, robots, Segways, a Jeep and even healthcare equipment. She has also been a leader when it comes to diversifying the cybersecurity workforce creating IOActive’s “Women, Wisdom, & Wine” events which has conducted more than 50 gatherings in several international locations.
Profile: Under Steffens' leadership IoActive in August 2018 was able to disclose critical satellite communication (SATCOM) vulnerabilities. The disclosure enabled several of the world’s largest airlines to address a major flaw that could have been exploited to take control of SATCOM equipment on an in- flight aircraft from the ground. If the flaw had gotten into the wrong hands, malicious parties could have weaponized the equipment and caused harm to in- flight airline passengers and crew.
Steffens’ Women, Wine & Wisdom also hit a new high attracting more than 300 women in attendance at this event.
What colleagues say: “The best way to describe someone like Jennifer Sunshine Steffens is through an unusual metaphor: Think about the order and precision of Bach’s ‘Brandenburg Concerto No. 3,’ stop for two seconds, and then think about the energy and joy in Joan Jett’s ‘Cherry Bomb.’ When I had my first contact with IOActive, I was looking at Jason Larsen, one of Jennifer’s rising stars, blow up two 200- liter oil drums by hacking a SCADA system at the IoT village at Def Con 23. I had been given the challenge to secure our SCADA systems and I was listening carefully to Jason, as his presentation was aimed directly at one piece of equipment we own. Almost a year after that, I engaged IOActive through their sales and consulting teams at DEFCON 24 and they helped me understand every detail that I needed to focus on in my own SCADA environment with a proposal that fit the needs of my organization without wasting a single dollar or hour of effort.” Carlos F. Lerma, Senior Information Security Architect, Beam Suntory