THE CYBERSECURITY INDUSTRY HAS AN ALARMING SKILLS GAP, WITH 3.4 MILLION PEOPLE NEEDED GLOBALLY TO BRIDGE THE GAP.
A key way to narrow this gap is to make the sector more appealing for a wider demographic of talent. Currently, only 24% of the cybersecurity workforce are women and there’s a long way to go to improve gender diversity in the sector. Yet, there are steps being made and cybersecurity is not only an incredibly meaningful sector to work in, it can also be a lucrative career.
In this piece, Sotiria Giannitsari, Head of Community at Hack The Box, tells us more about the state of cybersecurity for women and her advice on getting into and advancing within the industry.
Sotiria is an experienced Cyber Security Professional and a successful Community Manager, having created engaged communities with over 1 million members. Driven by technology, hacking, and growth, she has earned a BSc in Computer Science, an MSc in Cyber Security, and is a devoted Hack The Box CTF player for over 6 years. Her past work experience includes penetration testing at Ernest and Young for 2 years, and she has been leading community efforts at Hack The Box for 3.5 years.
I KNEW EARLY ON THAT I WANTED TO WORK IN THE TECH SPACE.
I went to university with the desire of becoming a software engineer and completed a Computer Science degree to get there. During my studies, I was introduced to ethical hacking and the concept of hacking to help people, and this ignited a passion in me that I have carried ever since.
My professional career began as a systems administrator, before entering the corporate world as a cybersecurity consultant at EY, now I’m Head of Community at Hack The Box. Here are some pointers I wish I’d had when I entered the field.
EMBRACE CURIOSITY AND CONTINUOUS UPSKILLING
As a first step, I would advise polishing new skills and embracing curiosity. Entering or exploring a new field requires practice and learning and whilst this can be overwhelming, it can also be incredibly fun. At university, I hosted and attended weekend-long sleepless hackathons with friends, where we taught each other new hacking skills.
So, solve all the puzzles on all the free training platforms you can find and take part in things like Capture the Flag Competitions (CTFs). These are online competitions where teams or individuals test their cyber skills in a race to solve challenges and capture the ‘flag’ – a secret code that unlocks points or rewards. These programs are often open to players at all skill levels and are a fantastic way to test the water. Not only that, but participation in CTFs can help you stand out to employers.
SOFT SKILLS VS HARD SKILLS
Cybersecurity is often perceived as an industry dominated by hard skills, where individuals need endless realms of technical knowledge. Whilst this is certainly helpful, there are core soft skills that define great cyber experts.
Hacking is based on constant trial and error, so demonstrating dedication, persistence and creativity is key. Despite stereotypes of ‘cyber geeks’, communication skills are also incredibly important. Being able to easily communicate improvements, potential threats and their consequences to management and stakeholders calmly and clearly is critical.
Additionally, writing skills are incredibly valuable. As you hack, you will need to document each step you make, so start building a database of tools that will help you write reports from the get-go.
When it comes to hard skills, start with a basic understanding of how a computer works and learn a programming language. Python is a good place to start.
BUILD A STRONG NETWORK
Last, but not least, it’s all about the people around you. One of the best things about working in cybersecurity is the community of enthusiasts, self-taught hackers and experts.
It’s important to maximise this and connect with mentors and role models. This can be done just by finding leading researchers on Twitter and Linkedin. Check out their “following” list and connect with these people too, as they are a good source of inspiration and motivation. Subscribe to newsletters and join platforms like Hack The Box that not only offers a space to learn, but to interact with like-minded individuals.
WHAT THE INDUSTRY CAN DO
However, it would be unfair to put all the work on women. There are plenty of initiatives businesses, governments and the education sector can do to encourage more women to enter the space.
This starts with eliminating unconscious bias and barriers to entry that may exist in the hiring process. This is no easy task but can be done by actively recruiting and providing equal opportunities for women to enter and advance in the field.
Creating more mentorship programs and networking opportunities for women will not only help attract people to the industry but retain those already working in the space. This is needed to encourage more women to have the confidence to climb the ladder in cyber.
Finally, continuing to promote cybersecurity education and awareness in schools and universities will create a pipeline of talent and increase the visibility of women in the field.
Of course, there is still a lot to be done. But, I would encourage all women and young girls to go ahead and give cyber a try. The industry needs more women, and by working together, we can not only plug the skills gap and protect vital systems that keep the world spinning, we can create a thriving sector that is inclusive and diverse.
