International Women in Cyber Day (IWCD) began as an occasion to provide support and recognition for women in cybersecurity. Today, the movement, celebrated on September 1 every year, is inspiring women from around the globe to create and host events to celebrate women in cybersecurity that spans multiple continents. We asked some of the well-known faces in the industry what it means to be a woman in the dynamic and highly competitive cybersecurity arena. Here’s what they said:
Andrea Carter- Senior Director, Marketing, North, South and Emerging EMEA, Sophos, has been working for the last ten years in cybersecurity at Sophos, and according to her, she “couldn’t ask for a more interesting and rewarding role.” In her opinion, cybersecurity and the cyber threat landscape are all changing rapidly, and this is a steep, lifelong learning curve, “but you will constantly have an interesting and varied career which is extremely motivating. The best part of being a woman in the cybersecurity industry is having the opportunity to work in such a high paced, exciting environment where no day is the same and you can guarantee you will be doing something new continuously.”
So, what made her choose this field?
“I was lucky enough to almost fall into IT, gaining my first role within a sales automation software company. I very quickly realized that I had a passion for technology and have spent my entire working career of nearly 20 years since in the B2B technology sector. I think the reason I have remained in the technology sector and love it so much is the constant rate of innovation which keeps my role interesting and exciting,” she says.
Then again, what are the ups and downs of taking up this career?
Andrea believes that the greatest challenge, “for a leadership role like mine, is to align the team’s goal to the goal of your organisation. At times it is difficult to maintain this alignment in all the circumstances. I make sure that there is transparency in my team and every person on my team should be clear on the role they are playing to enable Sophos to reach its goals. This helps to maintain the positive energy of the team. Constant communication and 360-degree feedback helps to align the team with the organisation.”
Deepa Kuppuswamy, Director of Security at ManageEngine transitioned from product engineering to the information security domain 10 years ago. “It was a new domain and I wanted to explore and master it,” she says. “The role required me to align with business objectives, make the different teams understand the value of security and privacy, while at the same time acting as a business enabler helping the organisation grow in a secure way. I was intrigued enough to choose this career path since it posed a different challenge.”
Deepa chose this field because “no two days are the same working in the security domain. I love the challenge of building a security and data protection program to fit into our organisation’s culture, and to engineer and scale our security tools and processes as the business evolves and scales up. Being in the thick of a security incident and driving the incident response process successfully brings an adrenaline rush every time. It’s also fulfilling to brainstorm with various business units to understand their unique problems and come up with solutions to improve the security posture. The fact that my work contributes to the greater mission of securing the organisation and its stakeholders is what motivates me.”
According to Deepa, the upside about a career in security is that one is a life-long learner once you choose this career. “It never gets boring and dull. There is always the need to be up-to-date on security threats and new technologies, there is always something new to learn and tryout. The fast-paced environment makes this career interesting and fulfilling. One more positive fact is the high demand for qualified cybersecurity professionals. Organisations in nearly every industry have openings in the cybersecurity field.
While ManageEngine understands the importance of cybersecurity, on the other side, some young professionals may feel stuck or helpless when the management doesn’t really understand the importance of cybersecurity for businesses. An organisation culture which does not prioritise, values and respects cybersecurity might be demotivating. In such cases, the constant need to keep advocating for your cause can dampen your spirit and lead to burnout.”
Heather Mahalik, Fellow Instructor at SANS Institute loves the fact that in her job, every day is different, and technology constantly changes. “As a hobby, I enjoy doing puzzles. DIFR is the ultimate puzzle. The way I see it is that my job is not work, it’s fun. I love what I do and I love working with the people I have on my teams.
In fact, Heather says, cybersecurity chose her and not the other way round. “Seriously, it did. I was in the right place at the right time and an opportunity came my way. I thought it would be a stepping stone into another profession, but it was love at first byte.”
For Roya Gordon, Security Research Evangelist at Nozomi Networks, being in cybersecurity is one of the most exciting and fulfilling careers she’s had. “You can choose your own adventure. If you like forensics and investigation, sales, or media, you can do it in cybersecurity.”
“I slowly eased my way into this field during grad school, she says. “I started studying cyberwarfare, which tied in perfectly with my intelligence analyst background. I loved learning about new technologies and hackers trying to attack corporations and countries.”
She is of the opinion that most cybersecurity companies allow you to work remotely, but the downside is you don’t get to physically see the people you work with; it may be months or sometimes never. “The best part about this field is that you get to attend some of the best conferences, gain some of the most sought-after skills, and work with some of the smartest people ever. I love it here!”