SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
IWD 2023: There's opportunity for women in cyber if you're bold enough to seize it
Wed, 8th Mar 2023
FYI, this story is more than a year old

As a woman in the tech sector, I know how digital careers can create so much opportunity and reward.

Having pivoted into cybersecurity over the past one and a half years, I can say with certainty that this growing industry holds so many prospects for women. Unfortunately, there's still a lack of gender balance in this field.

Cybersecurity is one of the fastest-growing industries, and I truly believe that women have the potential to have an incredible impact here.

So why do women make up only 25% of the cybersecurity industry globally?

It's a complex question, but one observation I've made is that many women lack the confidence to propel themselves into new opportunities. This is true of my own experience. I've had to battle with fear, imposter syndrome, and the self-doubt that comes with being the only female at the table. But as my journey has progressed, I've made some important self-discoveries as I found my feet in this challenging but rewarding industry.

Although I had worked in ICT before, I came to cybersecurity without the technical background that most would expect. As a project manager, my skills, knowledge, and experiences were firmly rooted in business processes and ICT customer delivery. I couldn't tell you what the difference was between a vulnerability scan and a penetration test, let alone what makes a business secure.

However, I was hungry for a challenge and wanted to diversify my project portfolio and build my knowledge. When the opportunity came to manage projects for my company's new Managed Cyber Security division, I leapt at the chance.

There was no soft landing into cybersecurity for me. From day one, I was meeting with clients, dealing with technical security analysts and engineers, and wrapping my head around new cyber security concepts, from threat actors and zero trust to the myriad of cyber security products and our Cyber Defence Operations.

It was daunting, to say the least. I felt totally out of my depth. Cybersecurity was a foreign world to me, filled with jargon and frameworks I wasn't up to speed with. As an emerging discipline in our business, I had to look to my new colleagues for guidance around processes and implementing solutions, learning on the go.

Not only that, the working style of my new group of colleagues was unique in a way that I was not used to. Here I was working with colleagues from solid cyber security backgrounds, who operated in a much more direct style than I was used to. As I worked away in lockdown, isolated from my co-workers behind a screen, doubt crept in – was I liked? Did my team find me competent?

I had to find the bravery within myself to ignore my doubts and get on with the job. It took time, but eventually, I began to realise that there was indeed space for me in this industry.

I learnt to not shy away from asking questions. If I needed to understand something, I simply asked - and more often than not, my technical colleagues were exceptionally helpful with their answers. As I increased my knowledge, my confidence grew. I adapted my mindset rather than assuming everyone thought I was an 'imposter', I started applying my strengths to refine our way of delivering cybersecurity.

One of the biggest game changers for me was stepping out of my comfort zone and leaning into networking and mentoring groups. Here I found other women in the same boat as me, who gave me support, advice, guidance and perspective. They also pointed me towards pathways for professional development. I couldn't recommend joining a mentoring circle enough, having a forum to bounce challenges off other women was a great way to find solutions to problems. Not only that, but I was also able to connect with amazing women from within the industry who inspired me to keep growing.

For example, one of the founders of the Network for Women in Security encouraged me to take an opportunity to acquire a technical accreditation – the SC-900: Microsoft Security, Compliance, and Identity Fundamentals.

Despite being terrified of failing due to my non-technical background, I not only managed to pass my exams with flying colours, but I now had the credentials to back up my experience and inform my work. This was a pivotal moment for me. I realised now I was just as capable to work in cyber as anyone.

It's worth noting that male allies have an important role to play in creating a more welcoming environment for women entering and progressing in the industry. Be sure to commend your female team members where you can, you have no idea how encouraging good feedback is for making someone feel like they belong. The network and experience our male allies hold in the industry is invaluable, and I can't thank my own male mentors enough for providing me with the support and perspective I need to take the next steps in my career.

I feel a true sense of achievement on this journey that I embarked on and how far I have come. This has been possible because of the people who have trusted and supported me and given me opportunities. I've led projects for significant clients; I've played a pivotal role in delivering our company's new business strategy, and I've even been shortlisted for a Women in ICT award in the Technical Excellence category.

If I could give advice to any women looking to enter the cybersecurity field, I would say be bold and do it! Don't let your fear hold you back. There's space for you here, and increasing the gender balance in cybersecurity will only make this sector stronger. Be authentic, remain grounded, support your peers while on your own journey, and never stop learning and seizing opportunities.