Women in IT Security, Power players

Window Snyder: baking security into the app dev process

Window Snyder speaks during Web Summit 2017 at Altice Arena in Lisbon. (Cody Glenn/Web Summit via Sportsfile)

Window Snyder and the security industry grew up together.

When she decided to ditch her original plans to pursue a writing career – what she’s referred to as her teenage rebellion – in favor of a career in tech, there was no playbook for security. Practitioners had to build their own tools, Snyder, chief security officer at Square, said earlier this year during a fireside chat at the Women in Tech Symposium at UC Berkeley.

Snyder had watched her own mother, who came to the U.S. from Kenya hoping to pursue a mathematics degree, be discouraged from her goal and turn to education instead. Her mother eventually seized the opportunity to become a software tester then a software engineer.

Click here for complete coverage of the 2020 Women in IT Security

Her brief flirtation with becoming a writer aside – she attributes it to a push against her mother’s advice to pursue a computer science career – Snyder fell in love with security after she completed a computer science degree and became involved with members of the hacker community in Boston. She told the symposium audience she realized there was opportunity to “do something useful” and “make contributions that are still in place today.”

And that she did – Snyder’s a well-respected application security expert and a pioneer in evolving computer science into a cybersecurity career. In the beginning, she’d visit clients who would ask her how they could tell if their systems were safe. Snyder had put a lot of time into thinking about how she’d try to get into an app or system, so she had advice to impart. An early gig at Stake as director of security architecture led to a post as senior security strategist in Microsoft’s Security Engineering and Communications group. There she contributed to the Security Design Lifecycle and was one of the developers of a new methodology for threat modeling software as well as the creator of the Blue Hat Microsoft Hacker Conference.

Following positions at Mozilla, Apple – where she worked on privacy and security of iOS and OS10 – and Fastly, she had a short stint at Intel as the CSO, vice president and general manager of the company’s Platforms Security Division. She found a home at Square in 2019.

Snyder advocates for security to be introduced early on to ease the natural friction between development and business. And she encourages organizations to recast cybersecurity as a way to differentiate themselves from others and use it to make products that appeal to users rather that a group that nixes cool projects because they aren’t secure.

“I have seen a lot of organizations where security is set up to be the ‘no machine,’” Snyder said to the symposium audience. “It is really easy to say no, it’s very easy to reduce risk if the answer is always no, but it’s not very helpful to the business.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.