When Selena Larson began shifting her focus from state-sponsored advanced persistent threats (APTs) during her transition to her role as a senior threat intelligence analyst at Proofpoint, the response from peers in cybersecurity was initially mixed.
APTs had long been considered the apex of sophisticated threats. Larson, however, saw a different, equally pressing priority: the rampant and multifaceted impact of cybercrime.
"Cybercrime is a business — a multibillion-dollar ecosystem that doesn’t just disrupt organizations; it devastates people’s lives," Larson said.
From stories of friends losing money to scams, to small businesses forced to shutter, and hospitals brought to a halt by ransomware, Larson wanted to reframe the idea of nation-state APT being what she calls “the big boogeyman” because cybercrime is a massive problem impacting almost everyone and every business.
"Nation-state threats are important, but cybercrime affects far more people daily. For me, it’s about focusing on what truly matters to the everyday user."
Her shift in emphasis underscores an important point in the cybersecurity landscape: the need to address evolving, financially motivated adversaries that impact a vast swath of society.
Larson’s groundbreaking research has been pivotal in reshaping how the industry perceives and tackles cybercrime. Her team at Proofpoint tracks shifts in the cybercrime landscape, monitors threat actors, and translates complex data into actionable intelligence for businesses. Beyond her research, she’s the voice behind "DISCARDED," a podcast celebrated for its fresh, accessible take on cybersecurity challenges, from business email compromise to advanced malware attribution.
Larson is one of this year’s 2024 SC Media Women in IT Security Honorees who are transforming the cybersecurity landscape through innovation, education, and a commitment to tackling evolving threats.
Device challenges in cybersecurity
Elisa Costante, vice president of research at Forescout, is also driving innovation in cybersecurity, but her battlefield lies in the interconnected world of IoT, OT, and IoMT devices. These environments are notoriously challenging due to their diversity and the critical roles they play in industries like healthcare and manufacturing. Under Costante’s leadership, Forescout’s Vedere Labs uncovered 23 vulnerabilities in the last year alone, contributing critical insights to the global threat landscape.
For Costante, visibility is paramount.
"The key to securing OT and IoT systems is understanding what’s connected, how it behaves, and where its vulnerabilities lie," she said.
Vedere Labs tracks over 420 million attacks and monitors more than 19 million devices, ensuring Forescout’s clients — spanning nearly 4,000 organizations — can protect their critical infrastructure. Her team's work isn’t just academic; it’s shaping global standards and directly supporting government-led initiatives like the Cybersecurity and Infrastructure Security Agency's Joint Cyber Defense Collaborative.
Costante also leads Forescout’s Project Memoria, the largest study on the vulnerabilities of TCP/IP stacks — a foundational component of modern connectivity.
"It’s about building methodologies and tools that work at scale," Costante said. Her efforts have set a new benchmark for research that bridges academic rigor and real-world application.
Educating the cybersecurity community
Meanwhile, at Intel 471, Ashley Jess is making waves as a senior intelligence analyst. Known for developing the CTI 101 initiative, an educational program designed to close knowledge gaps in cyber threat intelligence, she is helping enhance the skills of her colleagues and clients by strengthening the broader cybersecurity community.
"Not everyone comes into cybersecurity with the same technical background, and that’s OK," Jess said. "CTI 101 provides the foundational knowledge that junior hires or even seasoned professionals in adjacent fields need to excel in cyber intelligence."
Jess also developed intelligence desks at Intel 471 to streamline and enhance reporting across global operations. By centralizing intelligence collection and fostering collaboration, her efforts have yielded cutting-edge insights into high-priority issues like AI misuse and election security. "It’s about creating a unified strategy that allows diverse teams to contribute meaningfully to the larger puzzle," she explained. Jess’s work exemplifies how innovative methodologies can transform how organizations tackle complex threats.
Perseverance and advocacy for innovation
Innovation in cybersecurity is not just about technical breakthroughs — it’s also about the persistence and advocacy required to challenge norms and drive meaningful change. For this year’s honorees, perseverance is the common thread that ties their achievements together.
"Don’t give up,” said Larson. “It’s OK to have different opinions. I think that we only get better when we have a diversity of opinions and ideas and hearing a lot of different voices from within our community, different experiences, different backgrounds. I think monoculture lends itself to biases, and biases prevent the best possible defense. If we keep having these conversations, speaking up, and trying to get your voice heard, that’s how you innovate.”
Costante said overcoming technical hurdles her team faced during Project Memoria required a blend of creativity, technical expertise, and unwavering commitment:
"The challenge was analyzing 14 different TCP/IP stacks, many of which were proprietary and required reverse engineering. The vulnerabilities we found — over 100, impacting billions of devices — showed us how systemic certain developer mistakes were. But identifying these patterns and turning them into actionable insights, even under complex conditions, was a great achievement for us.”
For Jess, perseverance meant pushing the boundaries of her team’s capabilities to address emerging threats.
"It’s about finding the key stakeholders — both the people we serve and the intelligence requirements they have — and building out what’s needed to address those gaps. For instance, when it came to covering AI and elections, we surged on topics like these for the first time, producing nearly a hundred reports in a single year. It was our first time surging on anything like this, and it was a learning curve, but we made it work. We leaned on each other as a team, and it turned out to be pretty successful.”
