“The infosec community constantly needs new energy in it to keep the industry on its toes!”

biascilab defcamp interview

Bia is 12.

Her list of achievements so far will leave you speechless and we can guarantee that. Here are some highlights:

She spoke at DEF CON (3 times).

She’s more articulate and vocal about election hacking and securing the voting process in the US than most people four times her age. In fact, her work was recently highlighted at the U.S. Congressional Hearing on Election Security!

She teaches ethical hacking to other children and teens interested in cybersecurity, and she’s building a community for Girls Who Hack.

Are you amazed yet? (We sure are!)

Here’s the great news: BiaSciLab is coming to Defcamp!

To give her a proper welcome to DefCamp, we interviewed BiaSciLab about work, her passions, and what it takes to get more girls into infosec. Read below to discover everything she told us!

What makes people pay attention to cybersecurity

Bia built her ethical mindset through her natural inclination to help and use her knowledge and abilities for good.

“Because I like to help people, there is more power in doing good and helping others than being mean. I see a lot of good organizations that need cyber security help but just don’t have the people or resources. Plus everyone likes a superhero!”

We can’t help but feel inspired, especially because Bia sees the value of being persistent when facing a difficult problem, which abound in cybersecurity.

“There is always a way around a problem, sometimes you have to look really hard, but it is there! I’ve also noticed that people are willing to see the truth if they are presented with real facts.”

When teenage girls decide to go into cybersecurity

Who can better speak about what it takes to get girls into cybersecurity than one who chose this path and is thriving at it?

Bia is very well connected to what makes a real difference in terms of encouraging girls to consider infosec as a valid and interesting career option.

Studies have shown that middle school is the time when girls decide if they want to pick a path in technology or not, so this is really an important time for girls to have a positive experience with technology.

There are many different jobs in security besides just being a red team hacker. There is physical security with doors, locks, and access control. There are firewalls and network security, as well as secure coding and team management.

Girls make the best managers because they are typically more organized. ;)”

With an example like Bia, we’re confident that more teenage girls might see cybersecurity from a different perspective.

She’s not just talking about these things but actually doing something about it. BiaSciLab founded Girls Who Hack, a community to teach and support girls interested in infosec.

“The project is just starting out, but there has been a lot of positive reactions and traffic on the site. It’s ranked in the top technology sites by our web host!

Other girls in technology have been very supportive, specifically The Steam Squad, they have really helped spread the message about Girls Who Hack.”

See Bia live @ DefCamp

Why teaching is one of the best ways to learn

Bia’s enthusiasm is contagious and we have no doubt it’ll continue to get more and more teens excited about the possibility of becoming a white hat hacker.

“There are a lot of openings in cybersecurity and security will never go away!

As more things are invented, more security holes are made at the same time.

There are also many resources online to learn about security for free.

The hacker community is also making security more accessible to children at conferences with all the kids initiatives: BSides Delaware has Spawn Camp, BSides Washington DC has Crypt Kids and of course DEF CON had r00tz asylum just to name a few.”

To reap these opportunities and discover more, Bia consistently works to improve her infosec knowledge and skills. Here’s how she does it:

I participate in a lot of CTFs and build my own CTFs with networks and servers to let the hackers try to break in.

This year at DEF CON 27 I made a small business network with a server and some end points and let the best hackers in the world try to break into it. No one was able to get in!

I also give classes online and in real life on current attack vectors like the OWASP top 10.

This year at BSides Washington DC I will be teaching a class for the Crypt Kids on “Building a home lab and Introduction to web application hacking”.”

The importance of speaking up

Everyone has a role to play in cybersecurity and everyone can do good if they want to. We share this strong belief with Bia and admire her for getting out of her comfort zone and applying for opportunities that even most adults we know would be afraid to pursue.

That’s how she ended up speaking at DEF CON – 3 times so far!

“I submitted my talks through the CFP like everyone else and they were selected.

The CFP is blind, so my submissions were in with all the others.

My first talk was at DEF CON 26 for r00tz asylum which was well received by the kids. Then I gave a talk at the Bio Hacking village in the “hangover slot” (Saturday morning) and the room was packed!

This year, my election security talk was also standing room only and I received a standing ovation.

The first question was: do you want a job?

Besides becoming a better public speaker, experiencing the entire process of being a speaker at a conference, BiaSciLab is also acing the learning process by enrolling in challenges.

At DEF CON 26 I was one of the first kids to hack the election reporting system. This led me to start researching election security and wondering how secure the election system really is.

Earlier this year, Congresswoman Mikie Sherrill invited me to the congressional hearing on election security which really got me going on this topic.

I hope to bring more awareness to how insecure our election system is so that it can be fixed.”

Paying it forward – a rule to live by

For someone as perceptive as Bia, it’s easy to spot who needs the most help when it comes to online security issues. Just as Eva, another brilliant speaker coming to DefCamp this year, Bia knows that vulnerable categories of people are the worst hit.

Small businesses and older people are the ones who really need the most security help.

The small businesses can’t afford a full time security team so they typically just do nothing. Older people are taken advantage of because they don’t understand that they should NOT click on the link. They are also the target of phishing scams.”

It’s exciting to see how far-ranging BiaSciLab’s interests are when it comes to the infosec world.

“Web application hacking is really big because there are so many websites out there that are vulnerable!

I’m working my way through the OWASP Top 10 and finding it more and more interesting as I go.

I am also really excited to learn more about social engineering because I love talking to people.”

But besides all the technical challenges (and opportunities), Bia highlights what matters the most in security, no matter if it’s online or off.

The infosec community constantly needs new energy in it to keep the industry on its toes!

Security is a quickly changing world and it’s up to the next generation of hackers to make sure it keeps moving forward.

I enjoy teaching classes and sharing my knowledge and I hope it inspires people to do more in infosec and give back to the community.”

We can’t wait for Bia’s talk in Bucharest just 6 weeks from now!

Because half of her heritage is Romanian, we’re even more eager to make her feel welcome and help her enjoy the support of the local infosec community.

See BiaSciLab @ DefCamp

This year, we’re taking DefCamp to the next level with the help of our main, long-time partner, Orange. With support from IXIA – a Keysight Business, Secureworks, UiPath, Bit Sentinel, Thales, and other selected tech companies that value the power of community, we’re building valuable, hands-on learning experiences for 2000+ attendees from all over the world!

Join us to educate, secure, and change the world!

Meet our DefCamp 10 partners 2019

    Related articles​

    Securing the cloud: insights on threats, ..

    BY Adina Harabagiu
    There is no mystery that everything nowadays has a digital component. A growing number of companies are ..

    Striking a balance between security updates, ..

    BY Adina Harabagiu
    The world of cybersecurity is fast paced, there’s no denying it. Innovation is constant and threats are ..

    Pentesting: a tool for empowering – not ..

    BY Adina Harabagiu
    You’ve likely caught wind of this rising tide – offensive security, pentesting, and #RedTeams are not ..