Conversations With Cybersecurity’s Undervalued Workforce – Introduction
by Magda Lilia Chelly and Scott Schober
Scott: The cybersecurity industry is in dire need of information security professionals to combat growing global cyber threats. There is a clear shortage, especially in the lack of women entering the cyber workforce. I am a proud father of two. My young son may follow in my footsteps as the third generation running my family technology business. Should my 12 year old daughter choose a similar path in the tech industry, she will likely face ‘technology prejudice’ like so many women before her. My daughter is a hard worker in advanced placement and honors classes and far smarter than I was at her age. Yet, she will face many more obstacles than my son and I have ever faced despite her accomplishments.
Magda: Scott is clearly describing a situation that worries more than one parent. I was lucky enough to be raised in a family where my father, living in Tunisia at the time, was encouraging me to become an engineer. This was definitely one of the biggest positive pushes forward in my career. Today, I am managing my own cyber security company, and I am working internationally to support Fortune 500 companies to build resilient businesses. Was that an easy path for a woman? As we currently look at the statistics, women are not nearly as present in the cyber security industry as are men. They represent a small group of professionals, stuck in low to medium paying jobs for many years without a clear progression into leadership positions.
Women currently represent only 11% of the global cyber work force and yet women have some distinct advantages over the other 89% of their male colleagues that dominate the cyber industry. Overall, women are better verbal communicators than men. This becomes essential not just in expressing ideas with colleagues but also in sharing warning signs, alerts and possible cyber threats throughout an organization. Hackers generally work in tight knit communities sharing hacking tools and information freely with each other. By including more women (and overall diversity) in the cybersecurity mix, we improve chances of effective communications which are essential in fighting hackers and their communities.
Scott: Women are in need of equal opportunities from a young age. They can decide for themselves and work for both their passion and their career. They are able to be both technical and functional. Closing the current shortage and gap in the cybersecurity space might lead to more women joining and leading cyber teams in those companies.
The education of a cybersecurity professional never really ends. Analyzing and studying the latest threats is essential and that foundation is formed in cybersecurity classrooms and programs. Statistically, women perform much better then men in the scholastic environment. I recommend SANS Institute, a trusted source for infosec training and certification but there are many other traditional undergraduate and graduate degrees available from a growing number of universities. When women feel welcome and challenged in academia, they excel and contribute to the betterment of the entire institution. As a sitting Kean University cybersecurity advisory board member and alumni, I stress the importance of earning a cutting edge cyber security degree. I steer some to more conventional programs but others to more exciting ones such as HackED (www.HackEducate.com). With its intense, yet FREE, seven week cybersecurity training and certification program out of Washington D.C., HackED attracts the brightest talent and places graduates in top tech companies.
Magda: In Singapore, a Diploma in Cyber Management, IoT and Cloud Security was just launched by a collaboration between Responsible Cyber Pte. Ltd and Trent Global College. Both organizations are led by women and empowering other young female professionals to start their education with this one-year diploma.
Scott: I have had the privilege to meet, share with and work alongside some of the brightest cybersecurity influencers in our industry. This approach to raise diversity within the cyber security space helps promote role models in that very space. Women achieving great things within the cyber industry to make a change regardless of their various personal life schemes. Examining a variety of life style examples can encourage females to live as they really want to, without society’s pressure or judgement. In fact, the fight towards equality needs to be international, and taking into consideration cultural differences within our world.
Magda: When I received my PhD in Telecommunication Engineering, I got questions like “ How did you make it – Are you friends with the jury?”
When I passed my engineering exam to enter the second best engineering school in Tunisia, I was told: “ Have you bribed them?”
When I was a moderator at a cybersecurity event, some comments I heard were “She doesn’t know what she is talking about.” But today, I am managing a global cybersecurity company, and am acting Chief Information Security Officer for companies, including highly regulated firms in various industries. I have passed my CISSP. I am officially a Certified Information Systems Security Professional and an (ISC)² Associate.
Was the journey easy ? It wasn’t. Was it worth it? Definitely. Would I do it again. Absolutely!
Unconscious biases, various cultures, and our history, makes it harder for women, especially in IT and cybersecurity fields. All women should be part of a change, and drive inspiration to younger generations entering into the cyber industry. Creating inclusion as well as empowerment and mentoring programs are keys to encourage women to enter the cybersecurity world.
So, after interviewing all these amazing women in cyber, here is my advice for you:
Common doesn’t mean it’s the rule: Just because there are less women in cyber security, doesn’t mean that it is closed men club. Many CISOs are encouraging women and would like to hire us.
Prove yourself: Commonly known and proven, women usally need to prove themselves more often than men. This doesn’t mean that you will not be able to achieve what you are searching for and lead a great successful career in infosec.
Be Passionate About it: Passion is contagious and people can feel it. If you really love what you are doing and you are passionate about cyber, show it and share it.
Do what you want in your professional life: If you think that you prefer being technical and not functional, go for it. Don’t limit yourself to prejudice and common scenarios.
Overcome the Barrier: Don’t take a no as an answer. I have been already refused for a job three times, before working for the same company for two years.
Life isn’t always predictable: It might get strange and frustrating. If it does make a change. Don’t keep in a negative environment. Moral and sexual harassments are still taboos and are real. You do not feel good, make the step to change it or fight it.
Stop Making Excuses: You would like to start a cyber security career however you do not have the budget ? There are free platforms out there, helping you to get onboard. An example that I really encourage is cybrary.it.
Build your story: If you are passionate and you build your cyber security professional brand, you will have your story. Just do it. Be yourself and make an impact by inspiring others, and empowering other women.
Be Ambitious: Accept the challenge and then make a plan. Men do that all the time. Don’t doubt too much about your capabilities and don’t limit yourself. If you would like to become a CISO, then have a clear plan to achieve that.
Ask: Without asking, you will not get. Be courageous and ask for what you want.
Be persistent in your field: Cyber Security is wide and everyone can find his passion and develop his potential. Just take the step towards it.
Magda Lilia Chelly is Managing Director of Responsible Cyber Pt. Ltd.