From Newsroom to Threat Room: Audra Streetman’s Journey into Cybersecurity
A Non-Traditional Path into Cybersecurity
Audra Streetman’s story stands as proof that the cybersecurity industry is increasingly open to diverse backgrounds. Starting in broadcast journalism, she began noticing a spike in ransomware stories affecting local businesses. One attack in particular the JBS Foods ransomware incident shifted her perspective on cybersecurity as a long-term societal challenge.
“That was sort of a wake-up for me… It can shut down production. It can impact what’s in the grocery store.”
Inspired and mentored by a friend already in cyber, Audra began a self-paced journey: podcasts, YouTube, social media, and certifications like CompTIA Network+, Linux+, and Security+ helped her build foundational knowledge. She highlights the importance of learning on the job, a benefit she gained after joining Splunk’s SURGe team.
“The great thing about cybersecurity is that there are certifications which are a lot more attainable for a career changer than maybe going back to college.”
The Role of Journalism in Threat Intelligence
Audra believes her skills in journalism breaking down complex topics for a broad audience are directly applicable to threat intelligence.
“You’re trying to break down highly technical topics for a wide audience, and that’s something I do now with my writing.”
As part of her current work at Splunk’s Global Security Operations (GSO) team, she collaborates on purple team exercises and internal defense initiatives.
Ongoing Threat Trends: From Endpoints to the Cloud
Audra provides a practitioner’s view on the evolving threat landscape, noting that cloud infrastructure is emerging as a major target for adversaries.
“Adversaries are increasingly seeing cloud environments as a soft target… Cloud is a bit of a new area that companies are trying to get ahold of.”
This evolution is paired with a persistent favorite among attackers: vulnerability exploitation, especially in file transfer appliances.
She also flags zero-day vulnerabilities and abuse of OAuth tokens as key concerns.
“OAuth token abuse is a big one that I’m keeping my eye on.”
The DPRK IT Worker Scheme
One of the most concerning trends discussed is the emergence of North Korean IT worker scams, where threat actors pose as legitimate job seekers to gain access to organizations remotely. This growing tactic has affected both tech and cryptocurrency sectors.
“We’re working on the DPRK IT worker scheme… North Korean threat actors pose as job seekers for remote jobs at companies.”
For reference: CISA’s Alert on DPRK IT Workers
Advice for Aspiring Cybersecurity Professionals
Audra offers practical and encouraging advice for those trying to enter cybersecurity. Her top suggestions:
- Don’t get discouraged by rejections
- Apply even if you don’t meet all listed qualifications
- Network with hiring managers and attend conferences
- Build credibility through certifications and passion projects
“You might have to be more strategic about how you go about it… But it’s definitely possible.”
