UC Berkeley CISO Allison Henry works at home.

The following excerpt is from a commentary on the UC IT Blog by UC Berkeley Chief Information Security Officer Allison Henry.

A few months ago my daughter was working on a school assignment involving career exploration, and as part of her research she asked me, “Mom, what do you do at work?”

Feeling very important, I answered, “I’m a Chief Information Security Officer, so I’m responsible for protecting all the computers on the UC Berkeley network from hackers.”

“Okay, I get that, but what does that mean? What do you actually DO when you’re at work?”

That took some thought. Long gone are the days when I was writing scripts to process IDS alert output files, or running NMAP scans for unauthorized telnet services, or uploading samples from compromised workstations to virustotal. I thought a bit about my daily work and then answered honestly, “Well, I go to meetings and I write emails.”

“Oh,” she replied in a tone heavy with disappointment. “That sounds really boring.”

Boring? There are many words I might use to describe my job — stimulating, challenging, frantic, stressful, and a couple others I’ll leave out to keep this family-friendly — but boring isn’t one of them. And yet even to me, talking to people and writing emails all day sounds … well, pretty boring. After the conversation I was left wondering, is it actually boring and I just don’t realize it? Do I actually “do” anything, anymore? With this opportunity to analyze a day in the life of a CISO, I decided to take a closer look at my daily work to find out.

Click here to read more about how this CISO spends her days.