Professional Documents
Culture Documents
Diversity in Cybersecurity: A Mosaic of Career Possibilities
Diversity in Cybersecurity: A Mosaic of Career Possibilities
Diversity in
Cybersecurity:
A Mosaic of Career
Possibilities
Click here or press enter for the accessibility optimised version
Cybersecurity
Careers: Off the
beaten path
In this eBook you can read the stories
of professionals from around the world
and hear how they got their starts in
cybersecurity. No two answers are the
same.
Question 1
What was the path that led you into the cybersecurity
industry?
Christine Izuakor
CEO of Cyber Pop-up | @Stineology | LinkedIn
I was in school trying to become an eye doctor and realized very quickly
that it was not the right path for me. And so I started taking different electives,
really trying to explore and figure out what I wanted to do with my life and
career.
I came across a cybersecurity class, and I'll never forget the exact assignment
when I knew. We had this task to decrypt a string of encrypted texts. Things
like that can be a pretty tedious process. I was up until probably two or three
o'clock in the morning trying to figure this thing out. And I'll never forget the I'll never forget the adrenaline rush that I felt when I
adrenaline rush that I felt when I finally cracked it and got it right. It was almost finally cracked it and got it right. It was almost like I had
like I had won a game or like I had solved a puzzle. I couldn't help but think to won a game or like I had solved a puzzle.
myself, “Oh my gosh, this is what some people do for work. This is an actual Christine Izuakor | CEO of Cyber Pop-up
job.”
Share
Share
on
Share
Ton LinkedIn
on Facebook
Jane Frankland
CEO, KnewStart | @JaneFrankland | LinkedIn
Because I didn't know anything about technology, I looked at what was available
in tech. The only two things that interested me were AI and security. AI was too
new at that time. Security sounded really exciting and dynamic. I thought it
sounded a little bit like James Bond. (I’m a big Bond fan.) That's how I got into
this industry, and that’s what led me here. One thing that I love about cybersecurity is the people.
The people are interesting. The people are challenging.
One thing that I love about cybersecurity is the people. The people are The people are frustrating, and the people are incredibly
interesting. The people are challenging. The people are frustrating, and the diverse. I love hanging out with people in cybersecurity.
people are incredibly diverse. I love hanging out with people in cybersecurity. Jane Frankland
The way that I see it is we really are securing the world’s operations. We are
Share
Share
on
Share
Ton LinkedIn
on Facebook
really securing the world’s freedom, which is a really important thing to do. And
certainly as a woman, because we see risk in a different way than men, I feel
that the industry really needs us as women to come in and add to it.
Sophia McCall
Junior Security Consultant | @spookphia | LinkedIn
Following this “Eureka” moment, I applied to study a BSc (Hons) in Cyber After nearly two years of building things, I discovered that
Security Management. Four years later, including a year’s placement in industry breaking them was much more fun!
and a huge amount of community involvement, I completed my degree with Sophia McCall | Junior Security Consultant
First Class Honors. I’m now about to commence my first role in the industry as
a Junior Security Consultant of penetration testing.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Jason Lau
Chief Information Security Officer, Crypto.com | @JasonCISO | LinkedIn
I was one of the first with these ModChips at that time, so my friend and I
started to help others on the side. This freelance job was quite thrilling and
exciting! This was my first experience with hacking and reverse engineering. It
taught me how to use root cause analysis to really dig deeper in order to
understand the underlying technology and reasons for why things worked (and I used root cause analysis to really dig deeper in order to
didn’t work). This is a fundamental skill which I have found useful in my understand the underlying technology and reasons for
cybersecurity career. why things worked (and didn’t work).
Jason Lau
Share
Share
on
Share
Ton LinkedIn
on Facebook
Katie Moussouris
CEO of Luta Security | @k8em0 | LinkedIn
I think a lot of people who have been in cybersecurity for as long as I have—over
20 years professionally—have a very meandering path that led them down this
career rabbit hole. For myself, I was a molecular biologist, and I was working on
the human genome project at MIT. I decided molecular biology wasn't for me,
but I wasn't quite sure what I wanted to do. So I took a detour, which I thought
was temporary, into the systems administrators group at the genome center at This was all before there was an actual cybersecurity
MIT. I helped them build those systems out, and then, I took another systems profession. So for me, my security origin story is murky
administration job at MIT in the Department of Aeronautics and Astronautics. because it's coupled with the origin story of
There, I took care of the network that helped launch some Mars rovers. This cybersecurity itself.
was the late 90s we're talking about here. Katie Moussouris | CEO of Luta Security
From there, defending the systems that I was in charge of led me back into the
Share
Share
on
Share
Ton LinkedIn
on Facebook
nascent security fold. But this was all before there was an actual cybersecurity
profession. So for me, my security origin story is murky because it's coupled
with the origin story of cybersecurity itself.
Ken Westin
Head of Competitive Intelligence, Elastic | @kwestin | LinkedIn
I went down a lot of rabbit holes in my research, and I even built a website
called USBHacks.com that provided samples of the USB malware to help
educate network admins. (This was also the first time the FBI reached out to We joked about what would have happened if a thief had
me.) stolen my bag and plugged in one of my weaponized flash
drives into a computer.
Around this time, one of my co-workers had his car broken into and his laptop Ken Westin | Head of Competitive Intelligence, Elastic
bag stolen. We joked about what would have happened if a thief had stolen my
bag and plugged in one of my weaponized flash drives into a computer. After
Share
Share
on
Share
Ton LinkedIn
on Facebook
the conversation, I started building tools based on my USB malware that were
designed to protect devices and data if they were stolen.
Jelena Milosevic
Registered Nurse | @_j3lena_ | LinkedIn
There was no “calling” moment. It just kind of happened that I realized I was
part of the information security community.
I decided to contact the security team. At first, they were surprised (and
Share
Share
on
Share
Ton LinkedIn
on Facebook
suspicious) that a nurse showed interest in security. But they quickly saw that I
really wanted to deepen my understanding and learn.
Jelena Milosevic (Continued)
In no time, I received a lot of information and made contacts with many infosec I got depressed thinking that I’d never be able to learn a
professionals from all over the world who were ready and open to help me. subject, that I’d never be able to learn enough. But I didn’t
They explained a lot to me, sometimes in too many details. They also showed give up.
me the tools that I could use to learn by myself. Jelena Milosevic | Registered Nurse
Like most people, I fell into cybersecurity through exposure to some really
big security events.
Code Red, Nimda, and the “I Love You” virus all swept us up by surprise at the
time (security was still low on the radar unless you worked at a bank or financial
organization). In one of the virus attacks, I saw a whole corporation lose its
email system.
It struck me that this meant nobody knew how to prevent or respond to these
attacks and that security was going to be vital going forward. All our digital
transformations would come to naught if a simple attack could cripple us. So I think the final confirmation for me came when we read
we had to develop security in the same way that we were changing IT. reports from SOCA and other organizations that showed
the link between hackers and organized crime.
I think the final confirmation for me came when we read reports from SOCA Richard Archdeacon | Advisory Chief Information Security Officer, Duo Security, Cisco
and other organizations that showed the link between hackers and organized
crime. It struck me then that we were not dealing with script kiddies but bad
Share
Share
on
Share
Ton LinkedIn
on Facebook
people who were committed to doing bad things to innocent victims. This was
more than just a job; it was a calling.
Ambler T. Jackson
Senior Privacy Subject Matter Expert | LinkedIn
I knew that the cybersecurity industry was the right industry for me when
I began working on assignments that required not only an understanding of the
law and general business processes, but also the ability to understand an
organization’s data governance practices and speak “security.” My confidence
with respect to my career path increased once I understood how my skill set
obtained throughout my law career, coupled with my technical aptitude,
transferred to the cybersecurity space and specifically to the data privacy and
protection area of cybersecurity.
Cybersecurity is a very broad discipline, and the field is
enriched by many different skills, capabilities, expertise,
personalities and backgrounds.
Ambler T. Jackson | Senior Privacy Subject Matter Expert
Share
Share
on
Share
Ton LinkedIn
on Facebook
Omar Santos
Principal Engineer - Product Security Incident Response Team (PSIRT), Cisco | @santosomar | LinkedIn
It started when I left college and joined the United States Marines. I was
in the U.S. Marine Corps, and my military occupational specialty was in
electronics and secure communications. From there, I shifted into networking
and specifically network security. That’s when I knew that cybersecurity was
for me.
After I left the Marine Corps, I joined Cisco in 2000, and I was part of the
technical assistance center. I was supporting firewalls, IPS devices, VPNs and
a lot of encryption.
At the end, I was actually doing penetration testing and ethical hacking against I was actually doing penetration testing and ethical
many large Cisco customers. I shifted gears again, and now I'm part of the hacking against many large Cisco customers.
product security incident response team where we specialize in vulnerability Omar Santos | Principal Engineer - Product Security Incident Response Team (PSIRT),
management. I also concentrate on helping industry-wide efforts. Cisco
Share
Share
on
Share
Ton LinkedIn
on Facebook
Mo Amin
Independent Cyber Security Culture Consultant | @infosecmo | LinkedIn
Share
Share
on
Share
Ton LinkedIn
on Facebook
Amanda Honea-Frias
Head of Product Security at Duo, Cisco | @pandaporkchop | LinkedIn
In the second grade, I was placed in college math and English, but a few
years later, I was taken out of public school to be homeschooled. During this
time in the late 80s and early 90s, homeschool was not as evolved as it is
today. In my boredom, I happened to discover BBSs (bulletin board systems)
and, subsequently, the Internet. I quickly adapted to manipulating software and
hardware to do things they were just not made to do.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Rebecca Herold
CEO and Founder, The Privacy Professor Consultancy | @PrivacyProf | LinkedIn
I got onto the information security, privacy and compliance path at the
beginning of my career as a result of creating and maintaining the change
control system at a large multinational financial/healthcare corporation. I didn’t
even realize change control was a critical information security control at the
time until I started seeing the ways in which human interactions and
noncompliance with procedures caused some major problems, such as down-
time (loss of availability) for the entire corporation.
The moment that I realized the security/privacy industry was right for me
was when I made my own path in it. I quit my job at a consulting gig and then
developed Cyber Collective. I was able to make the safe space that I was
looking for in the security industry that I didn’t necessarily have for myself and
for my peers outside of the security industry. I think that dialogue needs to
reach everybody. When I realized that I could turn security into something
creative that benefits people, that reaches the empaths and into people’s ethos
and pathos, that’s really when I realized that security was my calling, that this
was something that I could do.
I was able to make the safe space that I was looking for in
the security industry.
Tazin Khan Norelius | Founder of Cyber Collective
Share
Share
on
Share
Ton LinkedIn
on Facebook
Ben Nahorney
Threat Intelligence Analyst at Cisco Security | @benn333 | LinkedIn
In demonstrating that I could write, I was moved into a role writing knowledge-
based documents. Eventually, I took on a position within the company’s threat
research group where I wrote virus write-ups based on notes from
cybersecurity engineers.
I don’t think I looked back after that. Researching threats had a very similar vibe Researching threats had a very similar vibe to the
to the investigative journalism work I wanted to do. investigative journalism work I wanted to do.
Ben Nahorney | Threat Intelligence Analyst at Cisco Security
That being said, I was concerned. What if this form of sophisticated social AI The prospect of a dystopian future in which sophisticated
was deployed as an attack vector? The prospect of a dystopian future in which AI could engage with or even deliberately target some of
sophisticated AI could engage with or even deliberately target some of the the most vulnerable people on the planet was an
most vulnerable people on the planet was an extremely disturbing prospect. I extremely disturbing prospect.
decided to engage and requalify as a Cyberpsychologist, which was an Mary Aiken | Professor, Forensic Cyberpsychology, University of East London
emerging discipline in the early 2000s. Some years later, I embarked on a
completely new career in the cybersecurity and cyber safety sector. All of this
Share
Share
on
Share
Ton LinkedIn
on Facebook
was inspired by a brief but illuminating encounter with a Chatbot.
Jihana Barrett
Founder, CyberSuite LLC | @iamjihana | LinkedIn
While in the Air Force, I was doing military intelligence. I pivoted from that to
specifically cybersecurity. Prior to that, I had no clue about cybersecurity or
what it meant and what it entailed.
The turning point came when I had my first work role in a counter terrorism
office for the NSA. It was so life changing for me because that was when I
actually applied theory with on-the-job training. That counterterrorism office
was high pace. Just nerves on edge all the time. There was a lot going on, but
it was so amazing. I used everything I had learned. I learned how to think on my I used everything I had learned. I learned how to think on
feet, to be creative. It really allowed me to dig deeper into pen testing. Had I my feet, to be creative.
not done that job, I wouldn't have learned that I enjoy pen testing as much as I Jihana Barrett | Founder, CyberSuite LLC
do. It was also very rewarding because you saw the actual result of an action
you took.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Fareedah Shaheed
CEO and Founder, Sekuva | @CyberFareedah | LinkedIn
Instead of security being reduced to lines of code or sitting at a desk for eight
hours, it became about the human brain, teaching and authentically connecting
with people.
And once I started my own business and brand, I fell deeply in love with Instead of security being reduced to lines of code or
creating a movement and tribe around security awareness and education. sitting at a desk for eight hours, it became about the
human brain, teaching and authentically connecting with
Now, it’s no longer about the “right career” but about the “right calling.” I’m in people.
an industry where I can create massive transformation and impact. Fareedah Shaheed | CEO and Founder, Sekuva
Share
Share
on
Share
Ton LinkedIn
on Facebook
Martijn Grooten
Researcher, Writer and Security Professional | @martijn_grooten | LinkedIn
During my very first security conference back in 2007, I saw a talk on the
Julie Amero case: a teacher who faced a long prison sentence because
malware on her laptop had displayed adult content to a class of minors. It
taught me how security can have an impact on people’s lives and also how
different people can have very different threat models.
The latter lesson I think is relevant well beyond IT security. It could help us
understand society better as a whole.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Noureen Njoroge
Cybersecurity Consulting Engineer, Cisco | @EngineerNoureen | LinkedIn
While at this role, I attended a lunch-and-learn session that was hosted by the
Infosec team. They shared information on the latest malware trends, tactics,
techniques and procedures used by the threat actors. I was so fascinated by
the knowledge shared, and I asked so many questions to the point where they
offered me the opportunity to shadow the team in order to learn more. It was
this opportunity that deepened my interest in security. Later on, I was offered
an opportunity to join the MIT Cybersecurity program. From the knowledge I I knew that cybersecurity would be the future, and I
had already attained, I knew that cybersecurity would be the future, and I wanted to be part of it.
wanted to be part of it. Noureen Njoroge | Cybersecurity Consulting Engineer, Cisco
Share
Share
on
Share
Ton LinkedIn
on Facebook
Phillimon Zongo
Chief Executive Officer at Cyber Leadership Institute | @PhilZongo | LinkedIn
I would say my eureka moment came around the end of 2015 when I went
back to the drawing board and took a deep look at my career path. I felt like my
career had stagnated.
I realized that there was a major problem in cybersecurity: a lot of the material
that I was reading was very technical in nature, but it was almost impossible for
me to link cybersecurity tools to strategic business goals. I realized that the
subject of cybersecurity was confined within the corridors of IT. It was I realized that I needed to develop skills that would help
supposed to be a responsibility of everyone from the front office staff to the me translate the complex side of cybersecurity into a
board of directors and cybersecurity professionals themselves. That’s when I language that was understandable by senior business
realized there was a major gap. After months of researching and talking to leaders.
other people, I realized that I needed to develop skills that would help me Phillimon Zongo | Chief Executive Officer at Cyber Leadership Institute
translate the complex side of cybersecurity into a language that was
understandable by senior business leaders.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Click here or press enter for the accessibility optimised version
Question 2
If given the chance, what advice would you give
yourself when you first joined the industry?
Jihana Barrett
Founder, CyberSuite LLC | @iamjihana | LinkedIn
If I could go back and tell myself anything, it would have been to pace
myself. I would have reassured myself that I was on the right track, that things
would turn out the way they're supposed to. And I would encourage myself to
learn as much as I could but to be patient with my learning. A lot of times,
newbies want to be experts, and they don't give themselves the chance to take
the steps to get to that point. Having been in the industry for about 11 years
now, I totally see that even if you have all the books behind it, you still don’t
have the experience when starting out. That experience is what helps me
execute my tasks and examine a problem the way that I do. I would have just told myself to be patient. You’re on the
right track. You’re doing all the right things. You’re
So I would have just told myself to be patient. You’re on the right track. You’re learning.
doing all the right things. You’re learning. You’re getting the foundations and Jihana Barrett | Founder, CyberSuite LLC
fundamentals. And every aspect of that industry is going to involve learning.
The learning never stops. Basically, I would have taken the pressure off of
Share
Share
on
Share
Ton LinkedIn
on Facebook
myself to know everything in the beginning so that I could add value to a space
and just know that it was going to come with time.
Tazin Khan Norelius
Founder of Cyber Collective | @techwithtaz | LinkedIn
The advice that I would give myself when I first joined the industry would be
to trust the process. I don’t necessarily know if I would give my past self any
new advice because I’m thankful for the journey that led me to where I am. But
trusting the process has been something that I tell everyone and myself often.
You can only do what you can do. The rest is up to the process of contributions
and reaping the benefit of the work that you put in. So if you trust the process
and stay disciplined, great things can happen for you.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Ben Nahorney
Threat Intelligence Analyst at Cisco Security | @benn333 | LinkedIn
When coming from a non-computer related field, not everyone will immediately
see the value of what you bring, and you’ll have to spend extra time proving
your worth. Stand your ground when necessary, but pin your ears back for Stand your ground when necessary, but pin your ears
other ideas and perspectives. You’ll pick up some very valuable information. back for other ideas and perspectives.
Ben Nahorney | Threat Intelligence Analyst at Cisco Security
So ultimately, my advice to myself would be to learn to take things in stride.
That, and don’t get too attached to that hairline.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Noureen Njoroge
Cybersecurity Consulting Engineer, Cisco | @EngineerNoureen | LinkedIn
Security likes “rock stars,” that is, people who have very good technical skills
or who are loud, very present and can tell a good story. When you’re new in the
industry, as I once was, it’s tempting to look up to them and try hard to be liked
by them. This might give you a short-term career or confidence boost, but in
the long run, I have learned it is much more important to look out for people
who are kind and who have a good moral compass.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Jason Lau
Chief Information Security Officer, Crypto.com | @JasonCISO | LinkedIn
Looking back, I would have told myself much earlier on to focus on the
human element of cybersecurity.
There was already so much focus on technology, systems and software in the
early days of cybersecurity and not enough on the “people” side of things,
which is the initial cause of many incidents. Focusing on this topic could have
made a much bigger impact on the early days of the security awareness
training industry.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Phillimon Zongo
Chief Executive Officer at Cyber Leadership Institute | @PhilZongo | LinkedIn
There’s certainly things that I could have done better. Now that I have
spent a lot of time mentoring people, I would say it would have been better if I
had looked for a highly experienced mentor from day one. That would have
accelerated my career trajectory in those five years that I've been pushing
myself.
However, if I were to go back, there’s not much that I would change. Before I
start doing something, I ask myself, “Am I scared?” If I'm not scared, then I
don’t do it because it is through doing things that we are afraid of that we grow
the most.
If there is one critical piece of advice that I’d give to aspiring cybersecurity
professionals, it would be to place yourself as someone who can communicate
persuasively and with impact, who can simplify that critical message and push it I would say it would have been better if I had looked for a
to the wider business community, you'll be able to differentiate yourself. Every highly experienced mentor from day one.
time I mentor people, I see people doing the same old thing. They get Phillimon Zongo | Chief Executive Officer at Cyber Leadership Institute
certification after certification but forget that maybe 10 million people look like
you. How are you different? What is something different that you bring to the
Share
Share
on
Share
Ton LinkedIn
on Facebook
table?
Fareedah Shaheed
CEO and Founder, Sekuva | @CyberFareedah | LinkedIn
When I first joined the industry, I wasn’t aware of all the options and diversity
of paths, so I got sucked into the “you MUST be technical to be worthy of
anything” world.
If I were to go back, I would tell myself to not worry about how technical I was
or wasn’t. I would put more focus on knowing my strengths, interests and
hobbies. I would then spend time figuring out how I could combine them all to
make a difference in someone’s life.
I would tell myself to not worry about how technical I was
Not everyone gets to do that, but if you can find that combination, it can be life- or wasn’t. I would put more focus on knowing my
changing. I eventually found it, but I would definitely tell myself to stop stressing strengths, interests and hobbies.
over grades, certifications, job titles, compensation and technical abilities Fareedah Shaheed | CEO and Founder, Sekuva
because it doesn’t matter. It didn’t for my journey, at least.
Share
Share
on
Share
Ton LinkedIn
on Facebook
I would tell myself that the impact I was called on to make in this world was
bigger than any of that, and that I didn’t have to squeeze myself into a box of
degrees, certs, job titles and career paths.
Omar Santos
Principal Engineer - Product Security Incident Response Team (PSIRT), Cisco | @santosomar | LinkedIn
I would basically say to pace yourself and to understand that you're not going
to be able to learn everything overnight. Cybersecurity is very broad. You have
things from ethical hacking, pen testing, digital forensics and incident response,
exploit development, etc.
So yes, become familiar with all the different domains and the ones that you
want to specialize in and that attract you the most. Then dive deeply into it
while always recognizing that you will never be an expert in every single area in
cybersecurity. Pick your niche and concentrate on it.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Sophia McCall
Junior Security Consultant | @spookphia | LinkedIn
If I could turn back time, I definitely would have told myself to not be afraid and
to start networking earlier! At first, I was scared to attend events and I didn’t
start doing so until nearly the end of my first year at university.
In my opinion, it’s never too early to start networking. The earlier you start, the In my opinion, it’s never too early to start networking. The
sooner you can grow your network and utilize it as a stepping stone to help you earlier you start, the sooner you can grow your network
kickstart your career. and utilize it as a stepping stone to help you kickstart
your career.
Sophia McCall | Junior Security Consultant
Share
Share
on
Share
Ton LinkedIn
on Facebook
Amanda Honea-Frias
Head of Product Security at Duo, Cisco | @pandaporkchop | LinkedIn
I am not one to wish for a time machine in general. I believe each success
and failure has made me who I am today. I do not want to sound like I have had
a perfect journey and that I have achieved all that I have intended to
accomplish. Quite the contrary. My life is a continuous journey, and my
occupation is just a part of that journey.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Jane Frankland
CEO, KnewStart | @JaneFrankland | LinkedIn
If I could go back to the point when I was just joining information security, I Use your voice, demonstrate your value, really focus on building your network
would tell myself to not shy away from being visible. I would urge myself to use and use all of the tools around you.
my voice and network. Visibility is the most important thing that a woman needs
to do in order to advance her career. Finally, don’t worry about your age. Don’t worry about how young you look, and
don’t worry about not being considered technical. For me, I had a great big
When I talk about visibility, I mean it in a sense of using your voice so that hang-up about being really young. I wasn’t actually bothered about being a
people know about you. You need to get yourself out there. They need to be woman. I didn’t see that as being a disadvantage at all, but I was really
able to see and understand the work that you are doing. So it's really important concerned that I looked so young and that I wasn’t technical. So I would go
that women build their visibility. back and tell myself to not worry about looking young and to not worry about
not being technical. I was able to do my job and to do it really well even though
I wasn’t technical in those days.
Don’t worry about your age. Don’t worry about how young
you look, and don’t worry about not being considered
technical.
Jane Frankland | CEO, KnewStart
Share
Share
on
Share
Ton LinkedIn
on Facebook
Katie Moussouris
CEO of Luta Security | @k8em0 | LinkedIn
When you're a minority woman in any industry, I think it's a challenge for us to
be taken seriously early in our careers, mid-career and even later on in our
careers. I think that having access to capital, and the means to make some of
our ideas come true, is important. I think that would have been the advice that I
would have given myself back then. And now, we'll see what I do with some
capital, since I've earned enough to bring a few new ideas to reality.
Mo Amin
Independent Cyber Security Culture Consultant | @infosecmo | LinkedIn
If you can, try and find a mentor. There are more avenues and channels now
than when I was starting out. When you find someone, make sure that you play
your part in the relationship. You need to put the effort in, too. Also, remember
to be patient with yourself. You can’t know everything at once. Pick an area that
interests you and try to become the best that you can be in it.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Rebecca Herold
CEO and Founder, The Privacy Professor Consultancy | @PrivacyProf | LinkedIn
Another piece of advice to myself would be to not wait until I feel I am confident
I know and can do everything related to information security and privacy before
offering ideas or being proactive with actions. Early in my career, I did not
speak up with my ideas that likely would have propelled me much further and
more quickly in my career if I had. No one will ever know, though. We need to have confidence and faith in our own
capabilities as well as to always approach issues
We need to have confidence and faith in our own capabilities as well as to logically.
always approach issues logically. We also need to be aware that others who Rebecca Herold | CEO and Founder, The Privacy Professor Consultancy
may be less knowledgeable and/or experienced than you will advance more
quickly because they didn’t wait to be 100% knowledgeable or fit 100% of an
Share
Share
on
Share
Ton LinkedIn
on Facebook
advertised position within which they ultimately excelled.
Mary Aiken
Professor, Forensic Cyberpsychology, University of East London | @maryCyPsy | LinkedIn
I believe that regret simply serves to undermine decision making, not just
in the past, but importantly going forward, as well.
Bottom line: don’t second guess your own judgement, that is, the ability to
make considered decisions and come to a sensible conclusion. My only advice
to those who seek a career in cybersecurity is to do what I did and don’t view
opportunity through the myopic lens of a singular discipline. Try to adopt a
transdisciplinary approach, and don’t underestimate the incredible value of the
arts. In terms of decision making, Robert Frost’s “The Road Not Taken” sums it
up:
Two roads diverged in a wood, and I— Bottom line: don’t second guess your own judgement
I took the one less traveled by, Mary Aiken | Professor, Forensic Cyberpsychology, University of East London
And that has made all the difference.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Ambler T. Jackson
Senior Privacy Subject Matter Expert | LinkedIn
Share
Share
on
Share
Ton LinkedIn
on Facebook
Ken Westin
Head of Competitive Intelligence, Elastic | @kwestin | LinkedIn
When I was a kid, I was diagnosed with Dysgraphia, a learning disorder related
to Dyslexia. This didn’t happen until rather late in my childhood. Up until that
point, I believed I was "stupid and lazy," as that is what many teachers told me.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Christine Izuakor
CEO of Cyber Pop-up | @Stineology | LinkedIn
The one thing that stands out for me is asking questions and being brave
about asking questions. I still remember early in my career how I often found
myself being the only woman in the room, the only person of color in the room
and/or the youngest person in the room. And on top of that, I already had a
very shy and timid personality. Bundled together with asking questions, it was a
nightmare for me sometimes.
What I would do is I would take out a notepad every time I heard something I
didn’t know or every time there was a concept that I couldn’t quite grasp. I’d go
home and do a ton of Googling and researching to figure it out. That worked for
me. Don’t be afraid to ask questions. No matter how
“beginner level” those questions might sound in your
I think being able to ask questions and really get that information and soak that head or how stupid you think some people might think
in, as well as to build relationships with the people around you is an added plus. they are, all of that doesn’t matter at the end of the day.
Don’t be afraid to ask questions. No matter how “beginner level” those Christine Izuakor | CEO of Cyber Pop-up
questions might sound in your head or how stupid you think some people might
think they are, all of that doesn’t matter at the end of the day. When you get
Share
Share
on
Share
Ton LinkedIn
on Facebook
answers to those questions, that is helping you to evolve and grow into the best
version of you and the best professional that you can be. That is what matters.
Jelena Milosevic
Registered Nurse | @_j3lena_ | LinkedIn
Over time, I realized that I can’t know everything in this field. Nor do I need to.
This helped me learn to take a breath, to take a look around and have more
patience with learning step by step instead of all at once.
There are many sources of information and free courses/training packages that
we can find on the Internet for learning more about security. There are also
many companies that will give you a chance to start working even if you don’t
have your diploma. Reach out to them to show your initiative! The information
security community is awesome. So here I am, a nurse in the information security world.
Jelena Milosevic | Registered Nurse
Thanks to some people and their trust in me, I was able to find my place. I now
find what I want and do what I can to produce change for the better. So here I
Share
Share
on
Share
Ton LinkedIn
on Facebook
am, a nurse in the information security world.
Richard Archdeacon
Advisory Chief Information Security Officer, Duo Security, Cisco | LinkedIn
It’s about people. We have to understand the technology. But the most
important skill is communication. No matter how strong our technology controls
are, we will get nowhere unless we can explain the “what” and the “why.”
Otherwise, we will become an obstruction and not a help.
Our colleagues do not come to work to do security. They come in to carry out
their tasks in their own departments in order to fulfill their role.
Share
Share
on
Share
Ton LinkedIn
on Facebook
Click here or press enter for the accessibility optimised version
Further Thoughts
Job Descriptions, Conclusion, and Resources
Job Descriptions
We couldn’t end this eBook without confronting the topic of job descriptions.
In order to attract and support more people in the cybersecurity industry, they
need to visualize themselves in the roles. But do current job descriptions
enable that, or does the amount of experience and certifications requested up
front lead to a certain amount of soul crushing?
Don’t just build a website asking for applications and
Certifications and accreditations certainly have their importance, but for the assume they will come. Go out into the marketplace, and
majority of people in this industry, they are here because they have a passion go to disadvantaged schools. Talk to them about the
for helping others. The passion of the contributors in this eBook alone clearly industry. Creating a job spec on your website and sending
leaps off the page. it out on social media isn’t good enough.
Theresa Payton, the first female CIO of the White House
People in cybersecurity want to make the world a better place, and they want
to ensure the safety of as many people as possible online. Are the majority of
job descriptions appealing to that nature? We would cautiously suggest that
many of them don’t.
Conclusion
Women in Cybersecurity
Explore cybersecurity career paths at Cisco
Careers at Cisco
Put your talent to work
Cisco NetAcademy:
Empowering all people with career possibilities
Click here or press enter for the accessibility optimised version
Diversity in
Cybersecurity:
A Mosaic of Career
Possibilities