FSB grad Camille Stewart works to keep us safe from cyber threats

Camille Stewart talking to ESS participants

Since graduating from the Farmer School in 2008, Camille Stewart has had nearly a dozen jobs and fellowships in government and in the private sector, a career path that the head of security and privacy policy for Google Play & Android says she’s chosen deliberately.

“That was intentional. I want to understand the problem from all industry perspectives. Government has secure information that they're not allowed to share. That gives them a particular insight. Industry has touchpoints into a bunch of user data, lifestyle data, and all these other data points that's brought together. It's a really powerful tool, but the industry doesn't want to share if government isn't going to share,” Stewart explained. “So understanding the global dynamics, understanding that trust dynamic, understanding the evolution of even governance in our systems, to understand that best, I've made it my goal to sit on all sides of the issue and even do some research on the side to just kind of better understand the problem space. But I think it's really important that the more that people have experience in the federal sector and in industry, the better they're able to talk to each other.”

Stewart was a guest in the virtual Executive Speaker Series at the Farmer School, talking about her career in cybersecurity. Stewart said her role at Google has her wearing a lot of different hats:

  • “My biggest job is leading our election integrity program for Google Play and Google has committed to make sure that their platforms aren't leveraged to impede free and fair elections. So I lead a program that tries to close all of the abuse vectors and be forward-leaning in terms of identifying election threats that might pop up in Android or Google Play in our store.”
  • “I also lead misinformation-disinformation policy. We’ve rolled out a lot of policies to close the gaps. Manipulated media is a huge problem, and if it doesn't seem like it really is a problem on your phone, that's because we've rolled out policies to close that gap and even limit how apps can generate new manipulated images.”
  • “I lead security and privacy policy. We launched a location policy and we implemented a bunch of controls around how apps can access your camera data and all of these things to empower the user to control what an app owner developer has access to in terms of their personal information."
  • “I write policies and encourage guidance to developers. So, one, hold them accountable for what they're collecting, but, two, create more transparency for users.”

Stewart said that the hardest part of her job and the best part of her job involve the same thing: Finding balance. “I fancy being an advocate for the user at work. That means that I am talking to a number of different stakeholders across a number of different functions who all have a job to do at a different perspective. And it is my job to convene all of those folks to understand what their priorities are, what their goals are, and synthesize that into a perspective on a way forward, and to be able to articulate for leadership the direction we should march in to best protect our users, but also be innovative and be fun and be secure,” she said. “It often is my job to negotiate and navigate those differences to find a perspective, and the most rewarding moment is when we find that perspective.”

“When I see things go out that actually will have meaningful impact on the lives of folks every day. When we launch those policies and have set up all of the institutional processes, or the settings on the phone that will empower you to make more choices or will limit access to your information or make your phone more secure, that's rewarding for me.”

“My biggest challenge is the dynamic nature of the threat. It's always changing. To get inside the mind of the adversary, whether that's a malicious developer, something more nefarious like a foreign actor, is really tough because their motivation changes,” she said. “They're usually one step ahead and they think in a way that you don't. I'm not trying to cause people harm, I'm trying to protect folks. But to prevent the harm, I have to think about the harm they’re trying to cause. That is tough, but it’s also a lot of fun.”

So how does a student prepare for a future role in cybersecurity? Stewart said that to start, students should be paying close attention to the world around them now. “I recommend that folks interested in cybersecurity follow the news. Technology and cybersecurity are in the news all day, every day. So understand what's going on with foreign investment and how other countries are investing in technology and investing in our startup ecosystem,” she said.

“Take advantage of your interests,” Stewart noted. “Even if you don't use all of those interests at one point, you can find different phases of your career where you can leverage those skillsets, leverage those interests to enrich or even re-imagine completely your career.”

Stewart told students that a variety of college majors, including business majors, are needed for her field. “There is a big technical component and anyone who plays in this space should understand the technology, understand how to communicate with the technical team. But we need folks who can communicate the challenges, marketing folks who can engage users and those not familiar with the concept and the terms so that they can embrace security protocols and privacy protocols, because cybersecurity at its base level depends on the individual,” she remarked. “It has impacts on everything from finance down to marketing, to legal and across the organization. So security is one of those cross-functional problem sets that whether or not you are an expert on cyber, you should have some familiarity with it, especially at the leadership level, but there are roles for everyone.”

To learn more about Camille and her work inside and outside her job, watch her interview below and/or visit her website.