Google and the Security Princess

Meet Google’s Security Princess. From an article published in Elle Magazine in August of this year, the header gives a unique description of her:

As Google’s top hacker, Parisa Tabriz thinks like a criminal—and manages the brilliant, wonky guys on her team with the courage and calm of a hostage negotiator.


cybersecurity-1014Weeks back I attended one of the many conferences I’m invited to in Washington, DC which happened to be at Bloomberg Government’s offices. The event, ‘Building Security Into Technology, The Future of Embedded Cybersecurity’ – here is the description of the event:

Hackers are equal opportunity criminals, targeting everything from critical infrastructure systems, to mobile devices, to personal computers and cloud storage. Patching existing vulnerabilities is no longer a viable security option. Instead building security into information technology products, including phones, tablets, computers, and software, is the key to smart cybersecurity.

The conference was well attended by journalists, executives and others with great interest in cybersecurity. There were representatives from Homeland Security present, I actually had the pleasure of sitting near one of them and as a matter of coincidence, her name was Princess – her given name. Yet she was not the princess I had come to see, this one was an invited panelist and one of my main motivations to attend the event. I looked at the e-mail describing the event and the list of panelists.

There were a total of four – the first the Assistant Secretary for Cybersecurity & Communications for the Dept. of Homeland Security, the second the Director of Cybersecurity Policy and Strategy, Global Security Strategy and Diplomacy for Microsoft, the third a Security & Infrastructure Engineer for Facebook and the fourth a cybersecurity technologist from Google. Funny, I almost chose not to go due to lack of sleep the night before – until I looked at that last panelist and her profile:

Parisa Tabriz – The ‘Security Princess’ for Google.

The Security Princess for Google I thought to myself. Next thought —

Time to get dressed in the suit and head to the Metro into DC.

Parisa Tabriz is a young and talented cybersecurity expert, so much so she was listed in the 30 Under 30: Technology in Forbes Magazine. Her story is a great one. First of all Security Princess is her real title at Google. She has worked on information security at Google for more than 7 years, starting as a “hired hacker” software engineer for Google’s security team. Today, she manages Google Chrome’s security engineering team, whose goal is to make Chrome the most secure way to browse the internet. And I have to thank the Princess since Chrome is what I use to surf the net.

Her persona is one thing, her edge is another. On Twitter, her profile is laid out as ‘Adept at baking, eating, and hijacking cookies.’ No mention of princesses, or security. And here’s one better – she has her own website – As I rap. Now that’s not so remarkable, however the content on the website is:

Welcome to my unremarkable home on the web.

For a significant chunk of my waking hours, I work here making things like this more secure.
Hacking information security is fun, and I’m pretty lucky I get paid to work on it with the world’s best.
More of my “professional” details are in my resume.

I <3 tech, but pass time away from computers as an aspiring amateur photographer, climber, gelato
maestro, tweeter, gingerbread architect, pixel illustrator, glass burner, and jac(queline) of all trades.

At some point in my life, I looked like this.

Her name doesn’t appear on the page (it doesn’t appear…)

An article that appears in the U.K. Mail Online, Google’s ‘Security Princess:’ Meet Parisa Tabriz, the 31-year-old Iranian-American hacker who protects the tech giant from cyber criminals gives some excellent background and insight into who this woman actually is and what it is that she does:

  • Her job: to attack Google Chrome and find out any weaknesses in the system before the bad guys have a chance to do it
  • Parisa Tabriz, 31, is technically an information security engineer — but she’d rather you called her ‘Security Princess’
  • Tabriz is a trailblazer in the booming tech industry, in which women are vastly underrepresented

Ah, that last bullet. Looking closer, what we have here is a woman so highly confident in her capabilities, as well the ability to say call me Security Princess, that I’m not sure if the tech industry really and fully knows what hit it. According to a recent Wired Magazine article, With Any Luck, This Googler Will Turn More Girls Into Hackers, a statement is made:

“Whether you were a man or a woman or whatever, it was difficult,” says fellow SIGMil alum Chris Grier of the hacking tests—yes, hacking tests—that guarded the way to the group’s Friday night meetings at UIUC. Tabriz is a hacker first. Yet, like so many others, she bemoans that relatively few women work in security—or across the larger tech world As she indicates, a 2012 National Science Board study that shows that female participation in computer science has declined to 18 percent from a peak of 37 percent peak in the mid-1980s. She also acknowledges that part of the problem is that our wider culture implicitly discourages young women from entering the field. Female role models can be hard to find. But she’s helping to change that.

We all talk about women in the tech industry and right here, I’m going to stop just talking. Action. Yes, after seeing Parisa live at the conference as well as knowing her background, I am now going to state that the power of this young woman speaks volumes to what can be achieved in the realm of technology. Not just by talk – but by action too, as well as a dose of lightheartedness, and edge. And that, my friends, speaks my language and why I’m writing this blog. Parisa is the kind of young mover and (earth) shaker who every young man and woman should look at as a model of utter confidence and – savvy.

So Princess Leia, you may have helped to bring down the Death Star, but the Security Princess can do one better – she can single-handedly attack a major enterprise network and put them into a world of extraordinary hurt that they never knew what hit them…


But I’m sure she’d rather be hijacking cookies instead…