Tal Folkman has been a Security Researcher for nearly eight years, the last two of which have been with Checkmarx‘s Supply Chain Security research group.
Before that, she was the only female leader of a red team within an elite Israeli Defence Army (IDF) unit.
Tal is a seasoned senior malware security researcher and cybersecurity expert with over seven years of experience. She excels in detecting and analysing malicious code in open-source software supply chains. Tal joined Dustico in 2021, which was later acquired by Checkmarx, where she currently serves as a Security Researcher in the Supply Chain Security group. Prior to this, she led the IDF’s Cybersecurity Red Team for five years, gaining expertise in offensive and defensive cyber operations. Tal’s diverse background in computer science and her unwavering dedication to combating software supply chain attackers make her an invaluable asset in ensuring the safety and security of the digital ecosystem.
In this article, Tal talks about how she defied gender norms and pursued her career in a field she’s passionate about. She also talks about the role of security researcher and how she would like to see more women become a part of this field.
What does a security researcher do?
Security researchers are specialists using their technical knowledge to disclose vulnerabilities and inspect potential threats to ensure an organisation’s safety. I am affiliated with the supply chain security team, and our primary objective is to identify criminal gangs and malicious online content. Since we work on a global basis, it can be challenging as there are times when you work long hours to accommodate people living in different time zones.
So, it is crucial to be passionate about what you do. The long hours are worth it because I love what I do. I have been inclined towards working with computers since a very young age. Even though I was always told that I liked things that were traditionally considered masculine, I have never followed societal gender norms and believed in doing what I wanted to do.
Advice for women aspiring to be in cybersecurity
One of the most important pieces of advice I would give women in cybersecurity is not to be discouraged by the male-to-female ratio. While it is considered a male-dominated industry, I have met more and more women who aspire to join the field. It is important not only to be good at what you do but also to be passionate about the job. Having a passion for your job will also make you a better problem solver and help you craft new ideas, which is extremely important for this sector.
To work in cybersecurity, it’s also important to keep learning as the field is very dynamic. Things can change very quickly, and your knowledge can become outdated. However, there’s a whole host of free courses and materials out there today and levelling up your skills is easier than ever.
The future of cybersecurity jobs
There’s been a big change in the tech world and whilst the tech industry was previously dominated by men, this is slowly changing. It is good that people no longer see it as a “man’s job” anymore. Women do well in many tech roles, and I think jobs should be given to people because of their skills, not their gender.
I have noticed that some conferences exclude personal and gender-identifying information from their submissions. This ensures that anyone, irrespective of their gender, gets equal opportunities which I think is a great initiative.
I believe that to excel in any field, you must work hard and smart. This is true about cybersecurity too. We, as women, are often told what we should and should not do, and a few people had some opinions about my career choice.
Remember, it takes one person to make a difference. As a woman working in cybersecurity, I would encourage women to pursue their desired fields without hesitation.