SafetyDetectives
$ United States dollar
$ United States dollar Euro£ British poundAED UAE dirhamARS Argentine pesoAU$ Australian dollarBGN Bulgarian levR$ Brazilian realCA$ Canadian dollarCHF Swiss francCLP Chilean pesoCN¥ Chinese yuanCOP Colombian pesoCZK Czech korunaDKK Danish kroneEGP Egyptian poundHK$ Hong Kong dollarHUF Hungarian forintIDR Indonesian rupiah Israeli new shekelINR Indian rupee¥ Japanese yen South Korean wonMX$ Mexican pesoMYR Malaysian ringgitNOK Norwegian kroneNZ$ New Zealand dollarPLN Polish złotyRON Romanian leuRUB Russian rubleSAR Saudi riyalSEK Swedish kronaSGD Singapore dollar฿ Thai bahtTRY Turkish liraNT$ New Taiwan dollarUAH Ukrainian hryvnia Vietnamese DongZAR South African rand
English
DanskDeutschEnglishEspañolFrançaisHrvatskiBahasa IndonesiaItalianoMagyarNederlandsNorskPolskiPortuguêsRomânăSuomiSvenskaViệt NamTürkçeČeskySrpskiΕλληνικάРусскийไทย日本語中文한국어Българскиעבריתالعربية

Interview With Han Thazin Tun - Board Member at The Diana Initiative

Shauli Zacks
Shauli Zacks Content Editor
Updated on: September 25, 2024
Shauli Zacks Shauli Zacks
Updated on: September 25, 2024 Content Editor
This article contains

SafetyDetectives recently interviewed Han Thazin Tun, a board member of The Diana Initiative. Han Thazin is a Security Engineer at Amazon, specializing in Physical Stores. With an impressive background in various aspects of cybersecurity, she has significantly contributed to the field through her expertise and dedication. In this interview, Han Thazin shares her journey into cybersecurity, her role at The Diana Initiative, and her insights on promoting diversity, equity, and inclusion (DEI) within the cybersecurity community.

Can you tell us about your journey into cybersecurity and what inspired you to enter this field?

My journey into cybersecurity was pretty straight forward once I knew I was going straight into grad school from undergrad. My interest in Information Systems started in my sophomore year when I took my BUS- K 201 The Computer in Business where I learned data management and Information Systems. I loved learning more about IS and my professor and mentor, Taryn Malher, definitely encouraged me to explore more into this field. Cybersecurity is always changing and as security engineers/managers, we always have to be on our toes and learn to adapt quickly. That thrill of learning new things excites me.

Can you give us an overview of The Diana Initiative and its primary mission?

The Diana Initiative aims to create a more inclusive information security industry where diverse individuals are represented at all levels. We host an annual conference where we bring a diverse group of individuals to discuss and explore topics on offensive and defensive security, purple teaming, and GRC.

How does The Diana Initiative promote DEI within the cybersecurity community?

We provide avenues for underrepresented individuals to get their feet wet in different fields of cybersecurity. We give financial support to our students who would like to attend TDI annually. TDI also aims to provide individuals who are looking to strengthen their red teaming skills through CTFs and coaching at villages.

Can you highlight some of the unique programs or workshops offered by The Diana Initiative?

TDI offers talks and workshops from industry speakers, career villages where you can get resume help and even professional headshots, CTF competitions, ICS and adversary villages, as well as a maker village. We aim to cater to a diverse group of individuals who are looking to get into or learn more about different fields in cybersecurity.

What are some of the biggest challenges The Diana Initiative faces in its mission to support underrepresented individuals in cybersecurity?

One of the biggest challenges is finding sponsors for our next TDI conference in Las Vegas or elsewhere. It is proving to be harder to find a company partner who is willing to support us in our mission to help underrepresented individuals in the industry. We definitely want to keep doing what we are doing and more – and for that to happen, we need our community’s support.

What are the key qualities you believe a successful cybersecurity professional should possess?

I believe that a successful cybersecurity professional should be curious, adaptable, and poised. Learning is always going to be an important aspect in cybersecurity – there’s new attack vectors everyday. SOCs operate in a follow-the-sun model and we should always be prepared to adapt to new changes in technology and threat landscape whilst coming up with new detection engineering and use of automation. Also, as cybersecurity engineers, we should be able to deal with fast-paced and even negative emotions while being able to think on our feet — no one likes when the whole house is on fire — but we will have to be calm and collected during security incidents.

About Han Thazin Tun

Han Thazin (she/her/hers) is a Security Engineer at Amazon, Physical Stores, with extensive experience across different cybersecurity domains. Her career spans email forensics, IT audit and risk assurance, threat intelligence, threat hunting, incident response, and purple teaming. An active speaker at notable conferences such as WiCyS, EDUCAUSE, and CPPC, she is known for her contributions to DEI work and technical threat hunting. Han Thazin holds several certifications, including SANS GIAC Certified Incident Handler (GCIH), SANS GIAC Security Operations Certified (GSOC), and Certified Information Privacy Technologist (CIPT). She is currently pursuing her SANS GIAC Cloud Penetration Testing (GCPN) certification. Outside of work, she enjoys canyoning, mountain climbing, and hiking in the Pacific Northwest.

Can you tell us about your journey into cybersecurity and what inspired you to enter this field?

My journey into cybersecurity was pretty straight forward once I knew I was going straight into grad school from undergrad. My interest in Information Systems started in my sophomore year when I took my BUS- K 201 The Computer in Business where I learned data management and Information Systems. I loved learning more about IS and my professor and mentor, Taryn Malher, definitely encouraged me to explore more into this field. Cybersecurity is always changing and as security engineers/managers, we always have to be on our toes and learn to adapt quickly. That thrill of learning new things excites me.

Can you give us an overview of The Diana Initiative and its primary mission?

The Diana Initiative aims to create a more inclusive information security industry where diverse individuals are represented at all levels. We host an annual conference where we bring a diverse group of individuals to discuss and explore topics on offensive and defensive security, purple teaming, and GRC.

How does The Diana Initiative promote DEI within the cybersecurity community?

We provide avenues for underrepresented individuals to get their feet wet in different fields of cybersecurity. We give financial support to our students who would like to attend TDI annually. TDI also aims to provide individuals who are looking to strengthen their red teaming skills through CTFs and coaching at villages.

Can you highlight some of the unique programs or workshops offered by The Diana Initiative?

TDI offers talks and workshops from industry speakers, career villages where you can get resume help and even professional headshots, CTF competitions, ICS and adversary villages, as well as a maker village. We aim to cater to a diverse group of individuals who are looking to get into or learn more about different fields in cybersecurity.

What are some of the biggest challenges The Diana Initiative faces in its mission to support underrepresented individuals in cybersecurity?

One of the biggest challenges is finding sponsors for our next TDI conference in Las Vegas or elsewhere. It is proving to be harder to find a company partner who is willing to support us in our mission to help underrepresented individuals in the industry. We definitely want to keep doing what we are doing and more – and for that to happen, we need our community’s support.

What are the key qualities you believe a successful cybersecurity professional should possess?

I believe that a successful cybersecurity professional should be curious, adaptable, and poised. Learning is always going to be an important aspect in cybersecurity – there’s new attack vectors everyday. SOCs operate in a follow-the-sun model and we should always be prepared to adapt to new changes in technology and threat landscape whilst coming up with new detection engineering and use of automation. Also, as cybersecurity engineers, we should be able to deal with fast-paced and even negative emotions while being able to think on our feet — no one likes when the whole house is on fire — but we will have to be calm and collected during security incidents.

About Han Thazin Tun

Han Thazin (she/her/hers) is a Security Engineer at Amazon, Physical Stores, with extensive experience across different cybersecurity domains. Her career spans email forensics, IT audit and risk assurance, threat intelligence, threat hunting, incident response, and purple teaming. An active speaker at notable conferences such as WiCyS, EDUCAUSE, and CPPC, she is known for her contributions to DEI work and technical threat hunting. Han Thazin holds several certifications, including SANS GIAC Certified Incident Handler (GCIH), SANS GIAC Security Operations Certified (GSOC), and Certified Information Privacy Technologist (CIPT). She is currently pursuing her SANS GIAC Cloud Penetration Testing (GCPN) certification. Outside of work, she enjoys canyoning, mountain climbing, and hiking in the Pacific Northwest.

About the Author
Shauli Zacks
Shauli Zacks
Content Editor
Updated on: September 25, 2024

About the Author

Shauli Zacks is a content editor at SafetyDetectives.

He has worked in the tech industry for over a decade as a writer and journalist. Shauli has interviewed executives from more than 350 companies to hear their stories, advice, and insights on industry trends. As a writer, he has conducted in-depth reviews and comparisons of VPNs, antivirus software, and parental control apps, offering advice both online and offline on which apps are best based on users' needs.

Shauli began his career as a journalist for his college newspaper, breaking stories about sports and campus news. After a brief stint in the online gaming industry, he joined a high-tech company and discovered his passion for online security. Leveraging his journalistic training, he researched not only his company’s software but also its competitors, gaining a unique perspective on what truly sets products apart.

He joined SafetyDetectives during the COVID years, finding that it allows him to combine his professional passions without being confined to focusing on a single product. This role provides him with the flexibility and freedom he craves, while helping others stay safe online.

Leave a Comment