Remembering a Part of InfoSec History: Rebecca Bace Memorial

There are many past events and people who have attributed to the field of Information Security, and as Cybrary begins to explore some of the key players and happenings that got the industry to where it is today, we felt it important to remember one significant contributor, Rebecca ‘Becky’ Bace.Becky Bace has had a significant impact of the security field, more specifically in regards to intrusion detection. Intrusion detection is a type of security management system for computers and networks that gathers and analyzes information from various areas within a computer or a network to identify possible security breaches.“Her programs focused on transferring research into the fledgling commercial security products market – a perspective forced on real problems and adversaries encountered by operational security folks.”Those in the industry may have read her influential textbook on the topic, Intrusion Detection. Born and raised in Birmingham, Alabama, Bace had early influence from her parents that lead her to develop ‘well-rounded mechanical and electrical troubleshooting skills’ as well as a particular push to follow in her mother’s academic legacy.In a 2012 interview with Jeffrey Yost from the Charles Babbage Institute of the University of Minnesota, Rebecca Bace discusses her early professional life before focusing on her years at NSA and her leadership of the Computer Misuse and Anomaly Detection (CMAD) Research Program.Reflecting on her formative years, she laughs at some of her early interests including that of lock picking; a true security hobby.“Not only in picking locks; actually, I had a serious interest—we joke about this now—I had a serious interest in what it took to assemble and optimize bombs, actually. We cleared land… But also, because of that—thanks to that—I know a little bit more about dealing with dynamite and explosives and was totally fascinated by it.”Her transition into college years were met with her fair share of hurdles- in terms of health and family finances, but she managed. As a student at the University of Alabama Birmingham, she began her collegiate career like many of us, trying to find a major and career path.“’Well, as a matter of fact, the token woman in the engineering program just graduated and they’ve been looking for somebody else, why don’t you go talk to them?’ They literally marched me down and introduced me to the dean of engineering. And the next quarter I was an engineering major.”That was just the first of many times Becky would be the ‘token woman’ in her field. The next as the ‘token woman’ in Xerox’s technical force in Alabama where she began as a technician servicing machines.“I would say Alabama was not the friendliest of political environments for me—you know, token women—there is blessing and curse in that,” says Becky, “and I had managerial problems that were local to that area. And one of the things that was offered was a chance to leave Alabama. Well, in the midst of this, I got sent to a training school in Virginia.”She transitioned from working at Xerox to a small civil engineering firm until she finally landed her role at the NSA, where they hired her initially as a programmer. Eventually, Becky made her transition to an analyst, at that point having completed her Master’s Degree. She then moved to the CMAD research program, where she did perhaps her best-known work.“The quality of the security job you can do typically depends on your ability to master the domain you’re trying to protect but also see that domain from a different point of view. So it’s a matter of needing somebody who has a mastery of that technical domain, but also a certain oblique view of it so they can come in, look at the domain, nail the details of the domain dead to rights, and also notice what’s not consistent as they observe operation of the domain.”Known as an American computer security expert and pioneer in intrusion detection, Bace played a pivotal role in the apprehension of Kevin Mitnick, proving that trace back and capture were possible beyond the theoretical context. She also provided some of the seed funding for computer security labs at UC Davis and Purdue University.After her time at NSA, Becky served as an operational security manager for a national laboratory until her move to Silicon Valley where she served in the early product and services market."Perhaps the most critical role of leadership in managing security is to understand what has transpired in the past, enforcing a movement toward better security over time," Bace told SC Media during an interview in 2014, especially at national and industry levels where standards are formed and enforced.The later part of Becky’s career was spent as a venture consultant at Trident Capital where she lent her expertise in order to oversee the growth of many information security startups.Sadly, Becky passed away on March 14^th of this year. Many have fondly remembered her, including InfoSec Curmudgeon Jeffrey Man, as the “den mother of computer security.”"Becky was a friend," said SC Vice President of Editorial Illena Armstrong. "I sought out her counsel not only to help support SC's continuous advancement but also to guide me on my own personal and professional growth. And I'm not the only one. She was a guiding light to a legion of professionals in this space. Beyond being a cyber security groundbreaker with virtually peerless professional acumen, knowledge, and experience, she was just a beautiful, kind and giving person. This world is lessened without her in it."If you knew Becky, worked with her, got advice from her or were otherwise motivated and inspired by her, please help celebrate and remember her life and impact by sharing your story with others who were similarly benefitted. RSVP to her May 7^th Memorial here.Olivia Lynch (@Cybrary_Olivia) is the Marketing Manager at Cybrary. Like many of you, she is just getting her toes wet in the field of cyber security. A firm believer that the pen is mightier than the sword, Olivia considers corny puns and an honest voice essential to any worthwhile blog.