LEADERS IN CYBERSECURITY

Kristie Pfosi

Executive Director of Product Cybersecurity, Aptiv
Kristie Pfosi is the Executive Director of Product Cybersecurity at Aptiv, an automotive Tier-1 supplier, where she is responsible for global incident response, vulnerability management, governance and a cybersecurity research lab. Her work involves developing and integrating cybersecurity protections into advanced vehicle electronics with a focus on defense-in-depth and next-generation security.
Kristie holds bachelor’s degrees in Mechanical Engineering and Electrical Engineering from General Motors Institute (Kettering University). She has a passion for building the next generation of professionals, is a founding board member of the Women’s Security Alliance (womsa.org), and is the Chair of the Auto-ISAC Education & Training Standing Committee.

What does a typical day of work look like for you?

Collaborating with my team leaders around the globe to advance the integration of product cybersecurity processes and tools into an established automotive development framework.

What aspects of your career journey have taken you by surprise?

Never thought I’d be in cybersecurity! As a young girl, I always wanted to work on engines and mechanical systems and get my hands dirty! But I’ve loved the transition into cybersecurity, especially as a pioneer in the automotive cybersecurity world. We are defining how the 100-year-old industry will consider and incorporate cybersecurity. It is a heavy lift, a global culture and philosophy change, which makes it really exciting.

Tell us about the cyber project you're most proud of working on in your career.

Being an author on the Auto-ISAC Best Practice Guides and leaning into thought leadership in the industry.

How has public perception of cybersecurity changed over the course of your career, and how do you predict in the future?

Since cybersecurity was “new” to the automotive domain, it was originally a bit dismissive (who would hack into a car?). But it’s gained a lot of traction and respect, especially with the next generation of software-defined vehicles, electric vehicles and autonomous vehicles. Cybersecurity is really an enabler of these technologies and we need to have a seat at the table.

Tell us about your first job (can be anything!) and one lesson you might have learned from it.

My first (professional) job was as a seat complete design engineer on the Chrysler minivan team for the first generation of Stow-N-Go seats. The original design required the customer to pull three straps (in the correct order!) to stow the seat into the floorboard. We did an “abuse clinic” and customers were not following the order! Everything was breaking! As a young engineer, this made no sense to me… my engineering mentor told me, “You cannot idiot-proof anything. There will always be a bigger idiot.” This reminded me that people see and experience the world differently, and we need to be compassionate to their needs.

What’s one piece of advice you’d give your younger self about getting started in cyber?

Learn all the things! It’s important to have a well-rounded understanding of how cybersecurity integrates into the business and to consider that when we create proposals for risk mitigation – whether through process, design or remediation.

Tell us about a role model or mentor who has helped shape your career.

I love Julie Straka for calling me out on my imposter syndrome and destroying my self-doubt. She’s amazing at calling me out on my own internal BS and reinforcing the positive contributions I’m making.

A meeting gets canceled and you have a surprise 30 minute window of free time — how do you spend it?

Sitting outside in the sunshine! Enjoying the backyard and listening to nature. (but sometimes I use this time to clean out my inbox instead…)

What are the ways you stay grounded and take care of yourself?

I have two small children (four and six years old), and I love being involved in their schools when I can. I like to be the mystery reader and show up to their class parties in the afternoons.

When you think about your personal legacy as a leader, what do you hope people will remember?

I hope people remember that I broke down silos, created an environment of transparency and open communication and empowered the team to work together towards common goals.