International Women in Cyber ​​Day Advice: Say Yes

Shortly after the pandemic began, Leigh Tynan was asked by his manager to move from his position as Director of Business Strategy Development at Telus to a new position. Consumers to protect Internet-connected devices.

she said yes.

This three-letter word is important for women who want a career in IT, especially cybersecurity. Many women emphasized in interviews for the International Women in Cyber ​​Day on September 1st.

“When someone taps you on the shoulder, the answer is never ‘no,'” Tinnan said. She shouldn’t turn down the opportunity, she and the other women said.

“Raise your hand. ‘Ask for a role. Good luck if you get it. Don’t hold back.'”

“We get there,” she said of overcoming male dominance in the profession. We are helping to build careers in the cyber industry and it is a positive change.”

Women in Cyber ​​Day, recognized in many countries and provinces of Canada, celebrates the achievements of women in the field, encourages young women to consider careers in cybersecurity, and increases the number of women on cyber teams. urges organizations to find ways to increase

Canada will host a full-day symposium on 20th September on the theme of ‘Education, Safety and Security for Women and Girls’.

Today is also a day to raise awareness of the challenges women face in this overwhelmingly male-dominated profession.

In Canada, women are estimated to make up only 10% of the cybersecurity workforce, says Tynan. By comparison, ISC2 estimates that women made up 24% of the global cybersecurity workforce in her 2019. Cyber ​​security Ventures predicts that women will make up 30% of the global cybersecurity workforce by 2025, and by 2031 she will reach 35%.

Part of the problem is that cybersecurity (and IT in general) is seen as a profession that requires technical skills and certifications. That’s not always the case, says one woman we spoke to.

Related content: Don’t take the answer as no

McGrath has degrees in Political Science and Economics, but after joining Xerox Canada, he studied IT and became Vice President of Sales and Client Operations, including overseeing the 1,200-person delivery department for the company’s Data Center Outsourcing division. became.

Tyan says he realized how little he knew about cybersecurity when he started running Telus Online Security. So she learned.

Ashley Mataya, senior manager of cyber partnerships at Vancouver-based Lighthouse Labs, which offers many IT training courses, says that many Canadian universities (and Lighthouse) are working with women with little or no technical background. points out that they offer short cybersecurity bootcamps that you can attend at an entry level. skill. Organizations should also encourage staff to take these courses so that they can recruit cybersecurity talent in-house, she added.

Still, failures can occur.

Sonali Shah, chief security strategist at Texas-based Invicti Security, said in an email: “Unfortunately, this was a far cry from reality. At the facility I worked at, male employers and board members treated me differently than my male colleagues.” I was the only woman in the room, whether I worked at a company or a tech company.

“The most important challenge for women in this field is that they often don’t see other women in strong technical roles within their organizations. You can move up, but the real challenge is often getting into organizations at the managerial or director level,” she wrote.

It hasn’t stopped her. Shah has a career spanning over 25 years and has served as technology executive, investor and advisor at many security companies. She has helped launch startups, enter new markets and geographies for high-growth companies, and build and lead successful product and marketing teams.

There are three controversial paths to getting more women involved in cybersecurity. That’s what the education system can do, what women can do in their careers, what managers can do.

Many experts say school boards should introduce IT early into middle school or elementary school curricula. McGrath says many educators talk about his STEM programs (science, technology, engineering and math). She likes to talk about her STEAM and adds her A in art. why? She claims it’s because many girls shy away from her STEM-related courses, thinking they’re too technical for them. Having a broad background can be an advantage for entering the IT industry, she said. This is the claim of many women we interviewed.

McGrath said he is “very excited” that Ontario is adding computer coding early in the first grade.

The women we spoke with emphasized that there are many cybersecurity-related jobs that aren’t related to technology. These include creating manuals, proposals, marketing materials, pitching customers on how the company’s products solve the organization’s products, legal affairs, etc.

Women considering a career in cybersecurity need to do a few things, whether they’re in college, working in IT, or wanting to transition into cybersecurity from their existing job.

— join the association Representing women in cybersecurity. there is no shortage of them. A short list includes Canada’s Women in CyberSecurity Society, Women in Cybersecurity (WiCyS), and Women’s Security Alliance (WOMSA). Groups like ISC2 have programs for women and scholarship programs for women.

Here’s a long list that includes Twitter and LinkedIn groups.

— take a chance“It’s a fast and furious world where women can thrive,” McGrath tells women. “They just have to seize the opportunities — and seek them out. And be willing to learn. It’s changing faster than any IT department I’ve seen.”

— raise your voice“One of the biggest things is to trust your voice and speak up,” says Tynan. “I often think that someone else knows more than I do.

— partition“You have to own your career,” she added. “If you’re waiting for someone to do it for you, tag [with them], you may be lucky. But you also need to invest in your network, invest in your interests, and learn more. If you’re waiting for something to happen, maybe not. No one can control your career except you. “

In terms of organizations, the women we spoke to said leaders should create and champion diversity programs for all departments, including IT and security teams.

One way, according to Shah, is to build a Security Champions program to lure talent from other areas of the organization. “The great thing about the Security Champions program is that it has evolved in recent years to extend to security-minded employees, including those who are not necessarily experts,” she wrote. “These individuals can help champion the security message anywhere within the organization, build advocacy from larger companies, generate feedback, and gain insight from people from a variety of backgrounds and areas of focus. With the security talent shortage, this kind of program allows companies to bring in new skills and perspectives that permeate the entire organization and help educate and create awareness and interest in the cybersecurity function of the business.”

For example, Telus has an internal program called “Connections.” The program focuses on promoting gender equality and providing networking and career development opportunities for women and those who identify as women. Tynan is part of the company’s global team.

A recent study by ISC2 found that training new hires and upskilling staff doesn’t have to be expensive.

42% of cybersecurity hiring managers recently surveyed said it costs less than US$1,000 to train entry-level hires (employees with less than one year of experience) to handle their duties independently.

Nearly one-third (30%) of respondents said training costs for junior-level practitioners (one to three years of experience) to handle challenges independently were less than US$1,000. I’m here.

Human resources managers will also need to change their job descriptions to attract a wider range of applicants, Mataya said. Usually they are written in what she called a male-centric perspective, one of her reasons being that more men apply for jobs, even if they don’t meet all the published requirements. because it is likely to However, many women only apply if they meet all the requirements of the posted job vacancies. “It’s not because I’m not confident, it’s because I don’t want to waste anyone’s time,” she said.

Therefore, HR should work with managers to make the list of job requirements less specific. Especially if some skills can be taught on the job.

“There are currently 3,700 vacancies in cybersecurity positions in Canada,” Mataya said. “What companies have to do is figure out where that talent is coming from. .”

Tynan said there is a “huge opportunity” in cybersecurity, saying, “I hope that women and girls around the world will take the time to learn about and be interested in cybersecurity because your skills Because regardless of the set, there is room.To face the cyber risks we face, we need diverse mindsets and experiences.Everyone is welcome.”

Stephanie Benoit-Kurtz, principal security consultant at Trace3, a US consultancy with offices in 11 states, heads the cybersecurity department at the University of Phoenix’s School of Business and Information Technology, and says cybersecurity is “really great.” Career … You never do the same job two days in a row, there is always something different, and every day you get to work on the cutting edge of technology that changes the way your business works.

“My advice to all women in tech is to make sure you’re at the table,” she added. “Don’t sit on the sidelines or sit in a chair next to the wall. Let me hear your opinions and experiences.”