Women in Cybersecurity: A Discussion with Four Security Leaders
As the Trustwave Marketing Director for the Asia Pacific (APAC) region, I wanted to learn more about why other women have chosen cybersecurity as a career. I interviewed four of my female Australian teammates about their current roles and their advice for girls choosing cybersecurity as a career.
The ladies I spoke with were Associate Director of Product Management Amanda “AJ” Johnstone, Principal Security Advisor and Australian Women in Security Network Sydney Chapter Lead Narelle Wakely, Cybersecurity Consultant and MNS IT Security Manager Laura O’Neill and Cybersecurity Consultant and Ambassador at NSW Cyber Security Innovation Node Georgia Turnham.
Q: How did you get into cybersecurity?
AJ: After a long career in the telco industry part of which was in the Optus Enterprise Mobility team, I moved into Marketing Programs which was my first exposure to cybersecurity, where I was part of the team supporting the opening of the Trustwave Security Operations Centre in Sydney in 2016. I saw the opportunity that cyber presented and caught the ‘cyber bug’ – realizing that top class threat detection and response technology and services were needed in the market, and that networking businesses have an opportunity to add cyber capabilities to meet the evolving needs of clients. I now lead a team that adapts our Trustwave worldwide products and services for use in Australia and New Zealand.
Narelle: I graduated in IT and worked for a big bank programming their point-of-sales systems and ATM network, working with encryption technologies to protect information. Having completed the Y2K project, I was offered a role in IT security or business banking. I chose IT security, now known as cybersecurity, and have enjoyed a very exciting career in what is still a growth industry. Cybersecurity has enabled me to work around the globe in various roles which has been a lot of fun as well as a worthwhile endeavor to help protect others.
Laura: I realized while studying pure math that a future as a mathematician was not for me, but really enjoyed number theory and cryptography courses I had taken. I was also studying computer science at the same time, so cyber security seemed to be the perfect mix of both.
Georgia: While at university I met a Trustwave employee at a networking event that eventually led me to a role with the company. My approach to life has always been to say ‘yes’ to every opportunity that life presents. At university I interned with the team at Project Everest Ventures in Malawi, working on issues impacting the African community, specifically on the project 'Hidden Hunger’. I lobbied Trustwave for work while I finished my degree, hoping that I could make meaningful change in organizations and apply the analytic skills I had gained in my degree, which was not technical at all. I’ve managed to ramp up my ‘hard’ skills through additional online courses and buddying up with other cyber professionals at Trustwave, while applying my investigative nature to the role.
Q. Tell me something you have really enjoyed about your role at Trustwave?
AJ: I really enjoy the leading-edge capabilities our company has. Cybersecurity can be an arms race, as the threat landscape is constantly evolving. A cyber threat can also be the result of a simple action of one employee, one click. Trustwave is at the edge of innovation with people across the company involved in everything from ML to IoT or developing our software solutions in email and data security as well as the Trustwave Fusion Platform, but at the same time we’re constantly tuned to the needs of the customer. Engaging with us means we look at a client’s risk profile, risk tolerance and actual needs before recommending a solution. Having the right fit for their business and partnering for mutual success is our mission.
Narelle: A highlight has been working with our sister company, Optus, on the Commonwealth Games in 2018. We worked across the technology vendors, the games network infrastructure team and the government departments to ensure the event would not be disrupted by a cyber incident. One hour before the opening ceremony was due to start, the network operations team at Optus was detecting massive traffic spikes on the network. Was it a DDoS attack? Taking the mantra “it’s a security incident until proven otherwise” we investigated the anomaly. It turned out as a false positive - Australia’s online gamers all accessing a large new release of Fortnite. We were able to bring together all parties to analyze the incident in real-time, using a full understanding of the game’s architecture across multiple providers, while briefing the executive team in the room. It was all about process, coordination and communication. Successful cyber security is much more than technical controls.
Laura: My favorite engagements at Trustwave are where we help fix the security vulnerabilities we discovered! Many businesses get security assessments to meet policy requirements and then don’t address the issue. I love working with clients who want to fix the security issue, even when they have business or financial constraints that we need to work around in order to provide them a mitigation. I want a fix that is achievable for them to implement. I’m currently working with a large government office leading a team of people that designs, assesses and tests their communications infrastructure. The most interesting security opportunity now includes over-voice biometrics solutions, which is something you don’t get to work on in other companies.
Georgia: Trustwave has a culture of ongoing learning, with everyone encouraged to pick up new skills. Many of the staff are accomplished in their careers, yet humble, and there are lots of people to learn from. They’re also extremely approachable and I’m free to ask questions and approach any expert in the company to understand the technology, business challenge or technique needed to achieve my client’s end goals.
Q. I have teenage daughters. How would you recommend a career in cybersecurity to them?
AJ: Our own data is left across many places – in browsers, on health records, and with Alexa! Nearly everyone will need an understanding of cyber to progress their personal and professional life. As part of a global organization I get to work with people from different backgrounds and viewpoints, many with years of knowledge. I can bring my previous experience to our cross-functional teams to meet the needs of Australian business as they protect your data. I’m continually challenged and always learning. In fact, a business mindset can be advantageous in this industry – we look for people who can spot the oddities versus being the tech boffin. And I love being on the side of good versus evil.
Narelle: It’s been an extremely flexible career, and I’ve had many leaders along the way who have provided support and encouragement. I’ve worked part-time and raised a family, and still feel like I’m contributing to something that helps the community. Cybersecurity is needed and necessary and so exciting. We wouldn’t have online shopping without it. It pays well and there are so many jobs on offer. It’s also not all coding or technical testing. You can work alongside tech teams to do the engineering. Converting technical concepts into plain language, championing the need for security with board leaders and communicating the risks has been very rewarding.
Laura: Indeed, Trustwave, in my opinion, has a greater gender diversity than many other companies, and it’s never boring. You are guaranteed to do different things every day – new issues arise, every client has a different way of doing things… their security issues are unique, as their systems are all designed differently. In the future, a lot of jobs will be automated, and may not exist in the same form. With cybersecurity, the task is constantly evolving. The need for cybersecurity skilled professionals will only get bigger as society relies more on technology.
Georgia: I’m here to debunk the myth. It’s not only men in this industry. Find what you’re interested in and understand that anything and everything has a cyber aspect. For example, the car you drive has a key that communicates with the onboard computer, the radio is internet connected. Cyber is interwoven in almost all aspects of life. There is so much room to make this your niche. I didn’t have the conventional pathway into this career, but my experience has given me confidence to try something new.
ANALYST REPORT
Gartner Report: Ask These Critical Questions and Consider These Risks When Selecting an MDR Provider
This complimentary report from Gartner provides expert guidance on key challenges buyers face when choosing an MDR provider and recommendations to ensure a desired outcome.
ABOUT TRUSTWAVE
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.