Menu

The Unicorn Extinction Series: An Introspective Analysis of Women in Cybersecurity, Part 2

In part one of this series, we examined the diversity problem in Cybersecurity and learned about the Unicorn Law. While both seem almost silly to bring up in todays professional world, it is hard to miss things that are perfectly observable to women and men alike. 

Analyzing a Woman’s Point of View

Innovating solutions to improve this scarcity of female representation, requires breaking “the first rule about Fight Club; don’t talk about Fight Club!” The “Unicorn Law”, this anecdote, survives by the circling routine of the “few women in Cybersecurity” invoking a conversation about the “few women in Cybersecurity” on an informal basis. Yet, driving the topic continuously and identifying the values will ensure more involvement from the entirety of the Cybersecurity community. Most importantly, the executive members of Fortune 500 companies who apply a hiring strategy which includes diversity, can begin to fill those empty chairs with passionate professionals ready to impact the future of cyber. 

Within any tale of triumph, obstacles are inevitable. Therefore, a comparative analysis of successful women may be the key to balancing employment supply and demand. I had the pleasure of interviewing a group of women; all successful, eclectic in roles, backgrounds of technical proficiency, and amongst the same wavelength of empowerment. These interviews identified commonalities and distinct perspectives on the current gender gap within the technical community. 

Uncommon Common Grounds

These dialogs ranged from the operational side of senior leadership, to a woman who directly translates business strategy between customers and the c-suite, and finally to two women who both represent the visionary side of the spectrum, promoting educational outreach and expanding the hiring for skilled information security professionals.  This assorted group of interviews included; Jessica Hebenstreit, a Senior SOC Manager, Diana Kelly, a Global Executive Security Advisor, Deidre Diamond, Founder and CEO of CyberSN.com, and Magda Lilia Chelly, Managing Director of Responsible Cyber PTe. 

We spoke about backgrounds to begin, creating an ambience of both intended and unexpected experiences leading to their current success. It was of no surprise to find that all of them began their careers through a hands-on technical analysis. Whether they were examining hardware or analyzing network traffic, a clear interest and passion developed, signifying queries from “how things worked” to eventually the cyber cognitive of “how to make things work better.” 

Diana Kelley reflects on her first job as a micro-specialist explaining, “...because the mainframe was the actual computer and the desktops were considered the micro.” She describes how information security consisted of more manual operations. 

Diana illustrated hand delivering a floppy disk with an updated DAT file and antivirus the day before a big virus was released.  She noted of herself, “…but ‘security specialist’? Really more of a network guy. At the job at Dataware, [Dataware Technologies] a hacker got in and cracked the FTP server. After that I learned if I wanted to keep everything running, I would need to think like a hacker.” 

Jessica Hebenstreit described her first steps in the industry, stating, “I knew even in high school and college it was what I wanted to do. As an intern, I was exposed to all facets; engineering work, policy work, risk assessments, and penetration testing. Back then everyone was really a jack of all trades and giving a great foundation. I was lucky to have that early on in my career.”  

Professional Development

The value of mentorship shows to enhance understanding of your field, fuel interpersonal relationship skills, and enable the ability to develop your professional connections for career growth. As expected, all the women’s success started with a mentor who acknowledged the potential within them. 

Deidre Diamond even noted a practice that many organizations struggle with holistically, explaining, “Yes, I had many mentors.  Men and women who were not only interested in mentoring me, they were also incentivized by the organizations we worked for to care for me.  Meaning, I was lucky to join a small firm out of college in the tech staffing industry, and the model was to train and promote from within.” 

Deidre, who began in the technical staffing business, now combines 21 years of versatile experience towards transforming the job-search market between businesses and cybersecurity professionals. Deidre who never thought that the cybersecurity business would be where she would spend a large portion of her career, is now the Found and CEO of an organization she built, Cyber Security Network [CyberSN.com,] which is committed to transforming job searching for cybersecurity professional with services and technology. 

Generally, mentorship begins with a leader who embraces the responsibility for building the next generation and targets applicants who harness great potential in the field. Diana Kelley and Jessica Hebenstreit, both had similar experiences with leadership roles advising them for growth.  

Jessica noted how her first mentors at Motorola: Mary Walker and Eric Graham, who had invested their time in her professional development and challenged her in different ways. They even involved her in projects she wasn’t skilled for. Why? To allow the opportunity to learn hands on. She even describes how Eric went even further in training with extracurricular lessons like opening up a sparc box and showing the inner workings of it. He also assisted in helping her study and pass her A+ certification exam. “Without that I wouldn’t be where I am today. That whole team at Motorola was incredible. A level of comradery and support for each other to a common end goal. They really set me on path to success.” 

When I asked Jessica whether she was currently mentoring anyone, she responded, “I’m a mentee and a mentor. There is always someone who has had more or different experiences that I can learn and draw from. Whether career direction or people leadership, I will always be both roles.” 

Diana remembered her mentor Jennifer Inglis Hudson who lead the network for Wadsworth Publishing where she was a micro-specialist. When Jennifer and Diana met, Diana was an assistant editor for mathematics textbooks and was training salespeople how to use the software. Diana describes how Jennifer happened to be sitting in the audience one day and said “I think you are a computer person,” going on to hint at the micro specialist position she would be perfect for. “I was a kid on the DARPA net and knew I loved computers, but never thought of it as a career,” Diana states. “Jennifer was incredibly encouraging as my manager. Not only was I getting paid twice as much but I felt empowered and challenged when I moved from editorial work to IT Support.”  

Achieving Empowerment

Empowerment is achieved when power is given to someone allowing them to become more controlled and confident in their endeavors. The path to empowerment is not without its fragility and vulnerabilities. Not just pertaining to the term “unicorn,” but in general the struggles of being a woman in a male-dominated industry are well known no matter what market vertical you are examining. There is an notoriety towards the lack of recruitment of women in tech. Not necessarily because the recruitment itself isn’t occurring, but due to the root-cause campaign of broadcasting that technology is a cool and trendy option for girls to aspire to from within the industry.  

Introducing Magda Lilia Chelly: Managing Director of Responsible Cyber PTe. By day, information security evangelist and cyber feminist by night. Magda devotes much of her platform focusing on not only security awareness at a global scale, but strengthening of staffing and educational efforts within the industry. She currently resides in Singapore, speaks fluently five languages, has a PhD in telecommunication engineering, and was recently nominated as global leader of the year at the Women in IT Awards 2017 in the UK. 

Magda had encountered many stigmas in the past due to her gender. “I have been told to do something that is more “suitable” for a woman.” This may seem as an uncommon encounter, but when you begin to reach out to more international cultures, women are just barely entering the market in some places. “I always did and do what I feel or want to help achieve my goals. We do not have equality yet, so we need to fight for it individually. Perseverance and high confidence are the keys,” she teaches. Magda preaches this gender bias with the advice of, “Go for it. It is challenging and in demand. Know your value ladies.” 

On the other side of this perception, some are fortunate enough to view the tech world as “one of the guys.” Meaning, there was no obvious discernment towards being a woman in the field. Diana Kelley, not only having her first boss be a woman, but describes how she was influenced early on by her father who didn’t distinguish the fact she was a female interested in computers. “I didn’t think deeply that I was a minority. I’ve noticed women in the field, the 10% of us, and looking back realize there were a lot of times I was the only woman in a meeting and I was leading it to boot. The “otherness” didn’t sink in though, if I saw obstacles it was more about what I wasn’t accomplishing.” 

However, Diana was able to recall one moment when she presented a technical talk on successful implementation of PCI-DSS, the data security standard for protecting credit card data. At the conclusions of the talk, when she asked if anyone had any question, one man asked, “What’s it like being a little girl in a man’s world?” Diana was amazed that out of that entire presentation, that is what he got out of the talk. When I asked her how she responded, Diana simply told the gentleman that the topic at hand was technical, and anything else can be discussed offline. Not only was she professional in her response, but she didn’t take it personally. She advises that in order to deal with people who make assumptions based on a diverse characteristic, one must find allies and mentors who can help you understand people of prejudicial thinking. 

Jessica describes her outlook on stigmas, covering instances of men needing to speak with a more “technical” person during incident response or being told she is too direct and aggressive at a performance review. Now, when she battles this criticism when confronted. “When I get feedback now I will sit and listen and try to understand before being understood.” Jessica knows her technical background and capability and strives to take the time to explain her credentials during a moment when someone else may question the existence of them.  

We are never finished analyzing a woman’s point of view and in this series we aren’t done yet either.  We learned from several experienced and qualified women about their experiences and how they feel in this industry.  We have more conclusions from them including education and opportunity that we will continue in part 3 of this series along with our conclusion of the bottom line, how solving this problem really impacts the bottom line and what the return on investment can be for the industry and women in tech.

Posted on May 22, 2017

MacKenzie Brown

by MacKenzie Brown

Associate Research Principal, Optiv

← View more Blogs

This document was retrieved from http://www.rsaconference.com/blogs/the-unicorn-extinction-series-an-introspective-analysis-of-women-in-cybersecurity-part-2 on Thu, 19 Oct 2017 14:18:29 -0400.
© 2017 EMC Corporation. All rights reserved.