Hannah Tun
Lead Security Engineer, OmniSOC, Indiana University; Member, Women in Cybersecurity (WiCyS)
Cybersecurity is a very popular field to be in — a lot of people want to transition into this field. It pays well and the job opportunities are endless, if you have the right skills and know how to sell yourself to the right companies.
The benefits of being in this industry are vast. You will learn new things every day since cyberspace is always changing. You will be a forever student. Learning and being open to learning are the makes and breaks of a career in cybersecurity.
There are a lot of different lines of work you can do within cybersecurity. Think of cybersecurity as an umbrella; you have compliance, forensics, threat intelligence, and networking, to name a few. The more you dig, the more treasure you find.
Yes, it is an exciting field to be in but, as with any workspace, there can be some hindrance, especially for women going into or already in the industry.
Barriers to success
According to the 2019 ISC2 Women in Cybersecurity report, women comprise 24 percent of the overall cybersecurity workforce — a major increase from just 11 percent in 2017.
As women, we are not as encouraged to go into the STEM fields, whether it be for financial, cultural, racial, or gender reasons.
As an Asian woman now working in cybersecurity, I remember — rather vividly — my uncle telling my mother, who became a doctor after going through her own set of barriers, that me getting my master’s in information systems was a waste of money. My family, which is full of accomplished doctors and engineers, treasured education but the line was drawn for me as a woman going into the STEM field for a master’s the family could barely afford at that time.
Reason for hope
The surprising and encouraging fact about women in cybersecurity is that there are a lot of women cybersecurity professionals in the C-suite, compared to our gender counterparts. Of all the women working in cybersecurity, the same ISC2 report found, 7 percent ascended to the role of chief technology officer, compared to just 2 percent of men.
The recent 2020 RSA conference I attended in San Francisco featured a seminar called “She Speaks Security: Amp Up Your Impact” where a lot of women in C-suites and upper management came to talk about their career paths and provide advice. This opened conversations about imposter syndrome and the fear of being too “outspoken.”
We should be able to break the silence and a lot of companies have been stepping up to help make that happen.
Diversity of thought
Companies slowly have realized that having diversity in perspectives, work experience, and backgrounds help avoid groupthink. Our threat actors also come from different backgrounds and perspectives, so having diversity in the teams that help companies defend their networks is a major benefit.
Women cybersecurity professionals should also think about how men can complement us in our work. When talking about women in cybersecurity, we want to ensure there is an us-versus-them approach, but rather a synchronous effort. We should be aware of the support men have given to us, whether it be personal emotional support or professional mentoring support.
It is not a race between two genders, rather a whole machine that should work in sync.
In order for any professional to flourish in their work space, managers should reflect on what their teams need periodically and keep open communication. If there is a mismatch of genders, managers should reach out to the person who is not represented well enough. Open communication with management on issues, expectations, and recommendations is helpful and will bridge the gap.
Many exciting things are happening in this field and it’s an amazing time to join us and make waves!