Break the Bias: Celebrating Women in Cybersecurity
March is Women’s History Month and on March 8th, we celebrate International Women’s Day! This year’s theme is #BreakTheBias, with a focus on creating a world that is diverse, equitable, and inclusive. International Women’s Day is a time for us to come together to celebrate all that women have achieved so far, and how we can continue to raise awareness and take action for equality.
Here at Hack The Box, we believe in doing whatever it takes to make the cybersecurity world fun and accessible for everyone. HTB was founded with the goal of creating a learning environment where everyone, no matter their background, can level up their security skills. And as part of that continuing mission, we are highlighting some of the trailblazing women in tech breaking the bias with their tips on how to break into the security industry:
Meg West (@cybersecmeg)
Meg works as a Cybersecurity Incident Response Consultant on IBM’s X-Force Incident Response team. Prior to joining X-Force, she worked as the Global Cybersecurity Incident Response Manager for another F100 company. She holds CISSP, CCSP, and Security+ certifications, as well as a Master of Science degree in Cybersecurity. She specializes in Incident Response and SAP Security, and has spoken at several international Cybersecurity conferences including ISC2's Security Congress and SAP's SAPPHIRE NOW.
Meg spends her free time mentoring college students on how to get into the Cybersecurity field, and enjoys creating free Cybersecurity content on various social media platforms such as YouTube and Twitter.
"No matter who you are, or where you come from - if you’re interested in getting into Cybersecurity, you should pursue it. No education or experience? No worries, your passion and drive are needed more than ever. Just hit the ground running, and don’t stop until you land the job!"
Katie Paxton-Fear (@InsiderPhD)
Katie is currently a PhD student at Cranfield University Defence and Security. She is also a freelance Ethical Hacker, providing penetration testing to organizations such as the Department of Defense, Uber and Verizon. She’s passionate about Cybersecurity and Machine Learning and enjoys creating bug bounty hunting content on her YouTube channel.
"A lot of people think diversity is just morally good, it’s just good business sense as well, diverse hackers find diverse vulnerabilities"
Farah Hawa (@Farah_Hawaa)
Farah is a Team Lead Security Operations at Bugcrowd. She’s a bug bounty hunter who’s learning every day and loves to share useful hacking resources on her YouTube channel and on Twitter.
"The infosec community is built on sharing information & people entering through non-traditional routes. Being from a “non-technical” background myself, giving back by creating content was the best decision I ever made! When you don’t have a degree or a formal background in tech, your personal brand speaks louder than your CV! "
Lily Clark (@seclilc)
Lily is an Offensive Security Consultant at Echelon Risk + Cyber and has taken an amazing journey from a background in customer success and marketing to landing her dream job working in offensive cybersecurity. She’s passionate about lifelong learning, an advocate for Hacking is Not a Crime, and loves to share helpful cybersecurity content on her Twitter and LinkedIn.
"I was told that not having a CS degree or help desk experience would prevent me from getting a job, but here I am. I was told I don’t look like a pentester, but here I am. Turns out, if you have the passion and the endurance, you will find a home in cybersecurity."
Simbiat Sadiq (@Xymbiz)
Simbiat is a cybersecurity professional with experience preventing, detecting, monitoring, assessing, and responding to cybersecurity threats and incidents. Simbiat is an active member of Nigeria's cybersecurity community and as part of her significant contribution in inspiring women and promoting cybersecurity in Africa, She was honored as one of the top 50 women in cybersecurity (Africa) in 2020.
She has a keen interest in promoting cybersecurity awareness down to the grassroots which led to her active contribution to Africa's first Storied Cybersecurity Awareness handbook by the team at NoGoFallMaga. She has constantly driven cybersecurity awareness via various means including blogs, articles, and social media.
"Cybersecurity is broad and you cannot learn everything at once. The goal is to keep improving yourself and make progress daily. You will be challenged but the challenges will make you better. If I can do it, You can do it too"
A Chat with Meg West
A recent study shows that while only 24% of all cybersecurity jobs are held by women, over 50% are highly satisfied with their cybersecurity career. We chatted with Meg West to see what their favorite parts of working in cybersecurity are and what advice they would share with their younger selves about breaking into the industry.
What is your favorite thing about working in cybersecurity?
"I have multiple favorite things about working in Cybersecurity. The fact that literally everyday is a surprise on what I am going to do for my job is the best. Each day holds something new contingent upon what is going on in the world. I love that my work has a visible impact on the clients/people I work with, and that people value the skill set I bring to the table. I also love the endless opportunities for learning in this field - there’s SO. MUCH. INFORMATION! So long as you are hungry for knowledge, the knowledge is out there to be acquired. And the people! The people working in Cybersecurity are generally the best, too - accepting, quirky, hard-working, and so brilliant!"
Are there any struggles you faced when you entered the cybersecurity world or later in your career?
"As many do, I struggled with (and still sometimes do!) imposter syndrome. I especially struggled with this when I began my first job in the field, because I was 10+ years younger than everyone on my team, and the only female. It was difficult for me to believe that I would ever fit in, or that I deserved a space at the proverbial table. It’s hard to feel like you belong somewhere when no one looks like you, thinks like you, or has a similar background as you."
Looking back now, what would be your advice to your younger self or to any other person facing the same challenge?
"If I could give entry-level Cybersecurity Meg any advice, if I could go back in time and give her a pep-talk - I would say: Speak up! Your voice and thoughts NEED to be heard. Stop comparing yourself to those around you; you will create your own path to success, and it won’t necessarily look similar to anyone else’s. Stop being so mean to yourself - you are going to find your foothold in your own confidence one day soon, and it’s going to be amazing. Oh, and you don’t need to work 3x harder than everyone around you to be noticed. Your work ethic, passion, creativity, and drive stand out anyways"
Aleksandra Doniec (@hasherezade)
Aleksandra is one of the best-known malware experts in Europe who is fighting Black Hats and is the author of #PEbear, #PEsieve, #libPeConv, also gave advice to people looking to enter the world of cybersecurity.
"Focus on your goals, and pick your battles wisely. Don’t waste time trying to change people who disrespect you for no reason. Save your time for good people, and interesting projects, because there is enough of them around. Also, don’t run after building contacts - if you do cool stuff, valuable contacts will follow naturally."
While there is still a lot of work to be done to create more opportunities for women in cybersecurity, there are several resources and organizations dedicated to women’s professional development. Groups like WiCys, Women’s Society of CyberJutsu, and The Diana Initiative, just to name a few, encourage and support women who want to pursue a cybersecurity career.
This International Women’s Day, let’s continue to #BreakTheBias and celebrate all that women in tech have accomplished so far, and increase visibility to make cybersecurity an inclusive and equitable industry.