During the Women4Cyber event on International Women’s Day 2023, five cyber professionals were asked to give their opinions on myths and concerns about working in the cyber security sector and training one’s cyber skills. The panel agreed that the cyber security profession needs more branding, that every woman in cyber should be an ambassador, and that lifelong learning should become self-evident.
Laura Coman, Senior Manager in Deloitte Belgium’s Cyber & Strategic Risk Services, Rosanna Kurrer, Co-founder and Managing Director of CyberWayFinder and Belgian’s first Cyber Security Personality of the Year, Tatiana Postil, Board member of ISACA Belgium, and Saskia Van Uffelen, Manager Digital at BeTheChange and Agoria, were joined by the sole male speaker on the panel, Benoît Watteyne, Director Cyber and Privacy at KPMG Advisory. The panel discussion was moderated by Caroline Frère, Head of Operations at the Federal Computer Crime Unit (FCCU).
Tellingly, all of the women on the panel had different backgrounds before joining the cyber security sector. Benoît, on the other hand, studied IT and quite quickly became a cyber security consultant. But all five panellists share that they continue to acquire necessary new skills in order to keep up with cyber security evolutions and to grow in their careers.
Hackers in hoodies
Rosanna refuted the myth that everyone working in cyber sits in front of their computer all day, constantly coding. “It is true that we write scripts to automate and improve processes, but we don’t work in the dark, and we don’t only wear hoodies. Because this myth is spread around to widely, people don’t understand the true scope of cyber security. A cyber security team is like a company within a company, and must include various profiles.” Benoît concurred with Rosanna: “The downside of the hoodie myth is that a lot of people want to become hackers, whilst what we really need is more talents who understand business risks and can define strategies for clients.”
“We have to boost the marketing of cyber, and target the right people at a young age,” Saskia pointed out. “ICT was perceived as boring, and the term ‘digital’ was uninteresting. People thought – and still think – that cyber security is merely technology. Nowadays, a job in cyber is the starting base of every technological solution that will be rolled out in the future. We need to present and brand cyber in an attractive way, so people understand that cyber experts also work on projects to help improve the climate, healthcare, mobility and the educational system.”
We, the ambassadors
Every woman already working in cyber can contribute to this change. Laura explained, “We are the ambassadors of the cyber security field. We must encourage and start the conversation with children about cyber. Our organisation collaborates with Child Focus, focussing on cyber security and social media. We teach children what they should pay attention to when they create a social media account, what to share and what not to share. Thanks to this female representation, they see at an early age that women can contribute.”
Education has a major role to play in the development of cyber skills and talents. “There are 4,000 vacancies for cyber profiles in Belgium. Unfortunately, we don’t have the right curriculum, teachers, or students for cyber,” Saskia stated. “Therefore, we need to invest in non-regular education: creating talents with the right profiles and competences, and then convince the industry to hire those people. We already have a lot of great initiatives for training the right skills, but we need to invest more in the ecosystem supporting them.”
A (wo)man’s world
Rosanna made clear that reskilling is as hard for women as it is for men. “Society takes it for granted that men are more suited to do certain jobs than women. But if you want to enter the field, it is going to be a high learning curve, regardless of your gender, because you need to gain knowledge on all of the different domains of cyber security. At CyberWayFinder, we make sure that people pivoting into cyber security understand the vocabulary and start becoming aware of the value of their own transferable skills. This way, they will soon be adding value to their team. Always keep in mind: if you are passionate about technology, your learning curve won’t be hard.”
Benoît pointed out some of the hurdles that are already known: “We can support women to grow into management positions in cyber by removing some of their hurdles; for example, by providing flexible career paths and flexible workhours, or allowing maternity leave without impacting their opportunity for a promotion. We hope women no longer decide to quit the workforce when entering that phase of their lives.”
“We always ask ourselves: am I good enough to change course? Won’t a training interfere with my family? Aren’t I too old to reskill? At some point, any job will give us these doubts; it is not specific to cyber re- or upskilling,” Tatiana remarked. “This applies to students as well,” Saskia added. “Today’s students will never be ‘done’ with their studies. Leve het lang leren: you should be glad that you can learn your whole life, and we should embed it in our culture to take initiative and continue learning later in life.”
Over-skilled and human skills
These days, people are harvesting certificates. Benoît commented, “Of course, these are important to show your knowledge to your (future) employer and clients, but the objective should be the action, not the mere knowledge. Obtain a certification, then apply it and practice it thoroughly.” Rosanna shared her opinion: “When you’re kickstarting your career, a certificate is good evidence of your commitment. Women try to prove their worth through multiple certificates, because men are hired faster than women with the same certificates.”
Laura concluded that the higher you climb the career ladder, the more soft skills you need to gain on top of your technical understanding. Saskia preferred the term ‘human skills’ rather than ‘soft skills’: “’Human skills’ can bring people together and stimulate them to work in synergy.”
Conclusion on (re)skilling
The panel concluded that the cyber sector and the people working in cyber need to communicate and pay attention to branding in order to dispel the ‘hacker in hoodie’ myth. Furthermore, women working in cyber security need to claim their position as ambassadors, and inspire girls to choose a career in the field. Reskilling is as difficult for women as it is for men, and women might face more hurdles to overcome during their career path.
Although knowledge is important, you needn’t overdo it. In cyber, soft skills or human skills are more important than technical skills. These ‘female’, non-technical skills make it possible to bring all the members of the team closer, and to bridge the gap between the technical and strategic people, who each talk in their own jargon.