"If you could go back in time, what advice would you pass on to your younger self?"
When a friend recently asked me this, for a brief moment the question gave me pause. It prompted me to reflect back on my first steps fighting cybercrime and a feeling that followed me at the start of my career and morphed over time. I remember thinking: Will I fit in?
Straight out of college, I took a job matching "technical wizards" to their dream jobs, a process that jump-started my intrigue with technology and ultimately led me to my own dream: becoming a threat intelligence analyst.
I had no prior background in cybersecurity — or technology, for that matter. My only experience with information technology was losing my college essays to computer or user error. But I was on a mission: I experimented with Web development, tinkered with database administration, and, fast forward a couple of years, I had a master's degree in IT and landed a job with a security company on its vulnerability database team.
As I was about to embark on my first steps in a male-dominated industry, I also realized that in taking this job I would be the only woman on the team.
Would I fit in?
I realize today the palpable impact that lack of female representation in the threat intelligence community had on me 20 years ago — it hardwired me into questioning myself. At the time, I could count on one hand the number of women in the field; the industry's existing homogeneity had seemingly introduced a sliver of doubt to my sense of belonging.
This is why gender representation matters. While I've been very fortunate to have incredible colleagues and be part of teams throughout my career that have supported me and empowered me, I didn't really look like anyone in my environment.
Since then, the industry has made great strides to become more open, more inclusive, and more diverse. Just within IBM, formidable female leaders are leading in security and threat intelligence. Twenty years ago, the absence of female figures in the industry to relate to, model after, or look up to would confine one's breadth of aspirations — what career paths she could follow and how far she could go. Today, women represent 24% of the security workforce, which is light years ahead of where we started.
There are visibly more women in the field, a greater number of women in leadership, and various industry initiatives committed to attracting, empowering, and mentoring talent to enter this fascinating field. For example, IBM Security founded a program called #CyberDay4Girls, where the company partners with local middle schools and hosts workshops to get middle-school girls interested in cybersecurity — a program that has expanded into nine countries.
While the future is looking brighter, there is still a ways to go, which is why representation matters now more than ever. For the industry to become more diverse and more inclusive, it's essential to inspire our future cyber fighters and tomorrow's potential leaders. In the presence of diverse references and female trailblazers, when young girls face the inevitable question, "What do I want to be when I grow up?" they can more easily envision themselves in this field and realize this too can be their calling. This too might be their dream.
Now in 2020, I reflect back on that feeling, that uncertainty my younger self had about fitting in. I now know I already had what I needed to fit it then. I just didn't know it then. The traits that led me to this field were the ones that helped me thrive and excel in my career. They were the nontechnical skills — the attributes that had fueled my fire, passion, and persistence to break through into this industry when starting off.
Threat intelligence needs the problem solvers, the curious ones, the mission seekers, the analytical minds, the defenders, and the fierce — it's not binary.
So, to answer my friend's question, if I could go back in time I actually wouldn't offer my younger self advice. I'd let her experience it all — the good, the great, the bad, the difficult. Because that's the way you learn, evolve, and grow. However, as she prepared to take that first courageous step into threat intelligence and question whether she'd fit in, I'd whisper in her ear "Why wouldn't you?"
- 6 Truths About Disinformation Campaigns
- Why Threat Intelligence Gathering Can Be a Legal Minefield
- It's Time to Break the 'Rule of Steve'
- How Enterprises Are Attacking the Cybersecurity Problem