A hallmark of the University of San Diego’s Master of Science in Cyber Security program are the people behind it. We’re pleased to share a series of posts spotlighting members of the MS-CSE faculty team and alumni, and we begin with this introduction to Dr. Nahid Farhady.
About
Nahid Farhady Ghalaty, PhD, is a Principal Software Engineer at Microsoft, where she leads privacy and security initiatives for Copilot and other ML-integrated products. With over a decade of experience in AI product development, cybersecurity, and privacy engineering, her work spans both applied research and enterprise-scale deployment. Previously at Google Cloud and Capital One CyberML, Dr. Farhady has driven innovation in threat modeling, privacy-preserving machine learning, and synthetic data evaluation. Her technical leadership is grounded in deep expertise across ML pipelines, differential privacy, and adversarial testing, bolstered by a Ph.D. in Computer Engineering from Virginia Tech.
Beyond industry, Dr. Farhady is an active educator and thought leader. As an instructor at the University of San Diego, UC Berkeley School of Information and previously at institutions like George Mason and George Washington University, she has taught courses in algorithms, computer architecture, and ethical AI, Cryptography and Cybersecurity. She’s passionate about bridging the gap between academic rigor and real-world systems, empowering the next generation of engineers and researchers. Her dedication to equity and global collaboration is reflected in both her community engagement and her efforts to develop responsible AI systems at scale.
What is your academic and professional background?
I hold a Ph.D. in Computer Engineering from Virginia Tech, where my research centered on hardware security and adversarial machine learning. I built my industry career at Capital One’s CyberML division and Google Cloud before joining Microsoft, where I now lead privacy and security engineering for Copilot and AI-integrated products. My work has consistently lived at the intersection of machine learning and security — spanning threat modeling, differential privacy, and adversarial testing at enterprise scale. Alongside industry, I have taught at George Mason, George Washington University, UC Berkeley, and now the University of San Diego.
What led you to teach at the University of San Diego?
USD’s program stood out because it treats AI and cybersecurity as a unified discipline — exactly the framing the field demands as LLMs become core infrastructure. Most programs still silo the two, but real-world security threats today are inseparable from how AI systems are designed and deployed. The curriculum’s emphasis on applied, industry-relevant problem solving aligned closely with how I approach my own work at Microsoft. San Diego’s defense and tech ecosystem also makes the bridge from classroom to career unusually direct and meaningful.
How does your current role as a Principal Software Engineer at Microsoft influence what you teach in the classroom?
My work at Microsoft gives me direct access to production-scale AI security challenges, which I bring straight into the classroom. I teach synthetic data generation not just as a privacy tool but as an attack surface — Microsoft has published in this space and students engage with that real research directly. I also treat penetration testing as a core engineering practice, because the systems I see fail in industry are almost always ones whose teams never thought adversarially during design. My goal is for students to leave thinking like an attacker, not just a builder.
With the rapid rise of generative AI, what do you see as the biggest cybersecurity or privacy challenge facing engineers today?
The most urgent challenge is that LLMs have expanded the attack surface in ways most engineers are not yet equipped to reason about — prompt injection, data poisoning, and model inversion have no direct equivalent in traditional software security. What makes this dangerous is that these vulnerabilities look like normal model behavior, making them easy to miss and hard to test with conventional tools. Privacy is equally at risk because large models can memorize and surface sensitive training data in ways that are difficult to predict or audit. Engineers need to treat AI systems as adversarial environments by default, applying red-teaming and formal privacy guarantees from day one.
What advice do you have for prospective students considering USD’s cyber security engineering master’s program?
Come with curiosity about how systems break — the best security engineers instinctively ask “how would I attack this?” before writing a single line of code. USD’s program is rigorous and industry-connected, and you will get the most out of it by leaning into the applied projects rather than treating it as a credential. Do not be discouraged if your background is not purely technical, because diverse perspectives from policy, law, and systems design make this field stronger. Cybersecurity in the age of AI is one of the most consequential disciplines you can enter, and the work matters.
