Jackson was known for being sarcastic, and when I first met him at my friend’s party, to say he irritated me was an understatement. Like most people, he asked me what I did for a living. Expecting to hear that I was in marketing, PR, education, accounting, or law, he was shocked when he heard my reply. Now, these are all fine jobs, don’t get me wrong, and maybe once upon a time I’d have considered them as professions to pursue. Maybe my parents or career advisers would even have pushed me to. But, it’s not what I do. I work in cybersecurity and every time I tell someone like Jackson this, it brings a smile to my face. You see, I like to surprise, bust stereotypes, and know that it’s almost certainly the last thing they expect. I also know that being a woman in cybersecurity is cooler than ever right now.
People often ask me how I started in cybersecurity, and I always tell them it wasn’t the traditional way. Like many people in the field, I didn’t come from a STEM (science, technology, engineering and maths) background. Those subjects weren’t my forte. However, I was a high achiever, good problem solver, had a flair for languages and was interested in people. So, after following my passion for art and design, becoming a single parent in my early twenties, and broke, I accepted I needed to change my career.
At first, I enrolled on a high tech secretarial course, in the hope of getting an office job and working out what I actually wanted to do. But fate intervened. I got spotted by a recruitment agency and took on a hard core sales job – something that was well and truly outside my comfort zone. But even as an introvert, I recognised an opportunity. Then, after about a year, I sought a bigger challenge.
That was tech. It appealed to me, despite being a bit of a luddite. Knowing myself better now, I’m pretty sure it’s because I like innovation, learning new skills, dynamic environments, people and challenges.
At school, I’d been one of the few girls who’d been interested in tech. Most of the time my friend and I would just sit around playing games. It’s how a lot of girls get hooked on tech. In fact, today, in gaming, adult women outnumber men, and according to a Pew survey, ‘Teens, Technology and Friendship’, with additional investigation by Kotaku, 60% of all teen girls play games – and a wide variety online, socially and by themselves.
Anyway, when I looked at furthering my career in art, it was the colleges with advanced tech that attracted me the most. Just as Steve Jobs said in his famous Stanford commencement speech,
“you can't connect the dots looking forward; you can only connect them looking backwards.”
So, what’s it like working in cybersecurity?
Well, cybersecurity is different today than it was when I started. Back in 1997, it was really a pure tech domain where you were mainly focused on protecting an organisation from hacks, website defacements, IP theft, and subsequent lawsuits. Nowadays it’s so much more exciting, for cyber isn’t just a target; it’s a weapon and attack vector. Attacks are transforming too. They’re not only capable of disruption but are now destructive and life threatening. The stakes are so much higher, and everyone is aware – even pop artists like Taylor Swift!
With advancing threats, more connectivity, regulation and workforce mobilisation, and a future that’s still having to rely on the technologies of the past – operating systems, computing languages, software environments – those who work in cyber are having to deal with all sorts of challenges, where hackers aren’t governed by the same restrictions as them.
Cybersecurity is incredibly diverse. It’s not only made up of defence (protecting) and offence (attacking), but where you’ll find both a technology and business side to it. The technology side is out to solve tech problems and is comprised of things like security assessments, ethical hacking, secure coding, threat intelligence, endpoint security, security architecture, encryption, fraud, and forensics. The business side is focused on human problems and where you’ll find governance, risk, and compliance (GRC), security training and awareness, incident response, privacy, law, programme management, strategy and operations.
With both sides, the skills required are varied and attract:
- Problem solvers – people who can think creatively and innovatively,
- Analysts – people who have good attention to detail, enjoy investigating and can spot irregularities,
- Performers – people who have a skill for acting and who can take on personas, hack their way into organisations via social engineering exercises, or who can communicate effectively to others in an organisation, so they get buy in, and enable projects to move forward in a timely manner,
- Leaders – people who can inspire and get the best results from their team.
Requiring people with a flair for acting or languages is often one of the biggest surprises, but if you watch how this cybersecurity professional breaks into a mobile phone in under 2-minutes you’ll understand why. Using social engineering, which is essentially hacking without using code, Jessica Clark, a cybersecurity expert, demonstrates just how easily it can be done with a vishing call. She uses her voice as solicitation. You can watch it here.
Why are women a natural fit for cyber security?
When it comes to counterattack and protection, women are a natural fit and that’s why they’re regularly called upon during times of war. Winston Churchill knew this and that’s why 70% for his workforce at Bletchley Park, during WWII, were women. He wanted “corkscrew thinking” skills so he could outsmart his enemies. And by recruiting people from different backgrounds straight out of school or university, and managing them successfully, he shortened the war by two to three years.
Since then, there’s been more research into the unique skills women can bring to work. For example, data shows that having more women in a workforce leads to a 35% return on investment, higher profits, and projects that complete on time and within budget much more than when compared to homogenous teams. Women score highly when it comes to intuition, emotional and social intelligence. They’re able to remain calm during times of turbulence – a quality that’s required when breaches and major incidents occur. They’re able to use their intuitive thinking skills to make good decisions quickly and without having all of the information, which is a requirement in a world that increasingly values speed and agility.
Countless studies have also shown that women gauge risk differently to men. Assessing odds far better than men, women are typically more risk averse. Being highly attuned to changing patterns of behaviour, women have a natural disposition for identifying threat actors and protecting environments. They also don’t tend to fall for attacks that are purely directed at men.
So, why is cybersecurity such a future-proofed career for women?
Right now, our population is increasing. Just over half of the world’s population is online. However, in the next decade, 90% of the world’s population (roughly 7.5 billion) will be online and over 125 billion machines will be connected to it. This presents an opportunity for cyber crime, for it scales in relation to population growth just like street crime did. It’s not just about more sophisticated tech, though. It’s about the growing number of human and digital targets as well.
Although no one wants to see cyber crime rise, thanks to it, cybersecurity is a booming career choice. According to a report by Cybersecurity Ventures, cyber crime will cost the world $6 trillion annually by next year. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.
Cyber crime is the fastest growing form of attack and it’s not going to diminish anytime soon. In the next 10-years jobs will transform. AI, machine learning, bots, drones and robotics will replace many of the jobs that we do today. In fact, some reports prophesise that 50% of the workforce will be replaced by robots and that 85% of the jobs that will exist then, haven’t even been created. But this is why it makes cyber one of the most future proofed career choices.
When women in cyber security have been interviewed about why they joined, over half said it was because they enjoyed solving real-world problems and making a positive impact doing so. They recognised it’s one of the most important industries today and with salaries that often exceed those in law, engineering, accounting, or teaching, felt their career choice was future proofed and that they were secure in their roles.
So, how do you get in?
There are many ways you can start a career in cyber security depending on your age and experience. The good news is, the industry has an appetite for diversity, particularly when it comes to women. Governments and forward-thinking businesses all over the world are beginning to implement initiatives. They’re also recognising the importance of the arts, that social and computer science need to come together, and younger professionals entering without formal trainings or qualifications. Many are prepared to invest and develop so their workforce is set up for success.
Some of the tech giants, consultancies, and system integrators have great training programmes which you can apply to. Not all of them insist on having tertiary education. Then, there are academies that will assess your suitability, train you, and match you to an employer.
Apprenticeships are one of my favourite ways in, though. They can really kick start a career in cyber security. Although choosing this route over a university or job straight after school or college, or even mid-way through an existing career can sometimes feel daunting, it’s a great opportunity. It enables you to take on a job that counts, with real responsibility from day one, and to earn as you learn, with support and development opportunities tailored to match your interests. I love these schemes especially as apprentices are able to see that the work they’re doing is making a real difference, and there’s career progression in the form of a job straight after. Apprenticeships are hugely beneficial, and often companies sponsor their apprentice through university or other qualifications if they so desire.
Cyber security is an exciting career choice with so many specialities for you to choose from. It has a unique culture, friendly community and with so much change is never boring. It’s why I’ve remained in it for so long. Today, your education, background, age, gender and so on won’t restrict your application. If you like fast paced, highly dynamic environments, are curious by nature, want to contribute to an important cause, work flexibly, are open to travelling the world, whilst earning a high salary within a short time frame, it could be the career for you.
Now I want to hear from you…
- If you work in cyber security, tell me the best things about being in it.
- If you’d like to know more about how to kick start your career in cyber security, or are a parent who thinks your child might enjoy it, please visit these exciting apprenticeship opportunities in UK Government cyber security https://bit.ly/QACyberApprenticeships. There’s a lot of information you can get access to.
Finally, in the spirit of full disclosure, once more, please be aware that I’ve received compensation for promoting this #ad for QA, a specialist technology provider of learning and talent services.