Stop for a moment and think of all the emails you send and receive in a day. Now multiply that by 49,000 employees. Sobering, huh? That’s just one segment of the GE Aviation corporate universe that Deneen DeFiore monitors on a daily basis.
As the Chief Information & Product Security Officer at GE Aviation, DeFiore serves as a technical expert and advisor on all things cyber risk-related. That means protecting the business from hackers, developing secure, embedded software for customer products, and everything in between.
“I spend my days on the job with my teams, GE business leaders, external customers, regulators, and industry peers learning the new threats and risks in the environment that we have to be ready for,” says DeFiore. “We want to make sure we’re not just doing good for GE, but for the whole aviation ecosystem. Cybersecurity is top of mind for everyone.”
It is virtually impossible to work these days without having a digital interaction. It touches every aspect of technology as well as the larger business. This means that there are more chances than ever for proprietary data to be compromised. DeFiore’s objective, therefore, is pretty straightforward: “Keeping our intellectual property safe from attackers is the most important part of cybersecurity for GE Aviation.”
Ironically, she didn’t set out to chart a career in tech. After getting a degree in biology at Kent State, DeFiore headed to grad school to pursue a masters in healthcare administration and operations. She thought she’d end up managing hospitals, but an internship with a healthcare system that was transforming its paper-based process into a digital one unlocked her fascination with technology. “I found that I was intrigued by the technical transformation and interested by the impact of technology on operations,” she says. Eventually, her natural curiosity led her to the more urgent field of digital security. “I was a CIO for one of the GE Power business units and we had a cybersecurity incident,” she says. “I had to learn fast. But working through the incident opened my eyes to a whole new and emerging aspect of technology in cyber. I was hooked.”
When it comes to cybersecurity, there’s never a dull moment. Bad actors are constantly cooking up new threats and ways to undermine businesses’ protective systems. Phishing emails, robo-calls, industrial-level hacks, and intellectual property heists are more prevalent and advanced than ever—so much so that it is often difficult to figure out whether a threat is real or a fake-out. In an odd way, it’s what DeFiore likes best about the field.
“While there are standards and best practices, there isn’t a blueprint to follow,” she says. “I can learn, be creative, and constantly stay challenged. I love being connected to the business. Every time I board a flight, I am reminded that the work I do makes a real-world impact.”
Recently, she was involved in a cybersecurity incident that made its way into the news. A member of the People’s Republic of China’s intelligence services attempted to steal trade secrets that would have given China an unfair advantage in the aviation and aerospace sectors. DeFiore and her team, working with the FBI, were able to catch the perpetrator and safeguard GE Aviation’s intellectual property.
DeFiore is also a staunch advocate for women, both inside and outside GE. Internally, she is the co-leader for GE Girls, an initiative across the company that promotes STEM initiatives for young women at the grade school and middle school level. “Being able to expose girls to great role models, opportunities, technical disciplines, and careers that encourage them to build their STEM skills is a big initiative for me,” she says. “It’s a great program and the mission is awesome; I’m really happy and proud to be part of it.”
Externally, she works with the Executive Women’s Forum, the largest professional organization of cybersecurity risk privacy professionals for women. She speaks on panels across the United States on issues involving women in STEM. “It’s important to me to empower women in technology because, in general, women are very underrepresented in STEM fields,” she notes. “We’re making progress, but there’s still a long way to go, specifically in cybersecurity.”
Women only represent 11 percent of the cybersecurity workforce, and that number hasn’t changed over the past couple of years. “Women and minorities are not represented there, and I feel like the reason is because of the stereotypes associated with the field,” she adds. Cybersecurity is, on the whole, dominated by men. As a result, it’s geared toward a male focus, which can be discouraging for women just starting their careers. To combat this, DeFiore says, “it’s important for me just to be able to get out there and show women that you can be successful in this line of work.”
Clearly, she doesn’t shy away from challenges. But that doesn’t mean DeFiore hasn’t been forced to make some tough personal choices. “One of the most challenging things for me was making a decision to move on to the next level of my career,” she says. “When I was offered a great opportunity at GE to start up the information security technology center in Richmond, Virginia, I had to make the decision to either move my family or commute.” She has two step-children with her husband, a daughter and a son, who were very young at the time. “I wanted this job; I wanted to be an executive in GE. I thought about moving them with me but in the end I couldn’t ask them to do that.” She ended up commuting to Richmond for about three years while her family remained in Cincinnati. “In the end, it was a great experience,” she says, “but balancing the needs of my family, my personal life, and my career at the time was really difficult.”
She and her family still live in Cincinnati. When not fending off hackers and IP thieves, she can be found working on a historic renovation of her home—which brings its own set of challenges.
“We are doing the renovation ourselves because we love the tangible nature of the project,” DeFiore says. “You get your hands dirty, but you can see the progress.”
Kind of like cybersecurity.