Cheryl Conley, Phishing &Security Awareness SME at SANS Institute, expresses in the following interview how hard it is for women to start a career in cyber security.
Cheryl Conley, Phishing &Security Awareness SME at SANS Institute
Prior to her troubled retirement, she led a team of specialists as a staff member at the Cyber Governance Risk & Compliance department at Lockheed Martin. This department was responsible for launching an enterprise-wide cybersecurity awareness program. This program is known as “The I Campaign®” and is aimed at consumers based on real attack vectors. This included the basic investigation and monitoring of the phishing behavior of employees, in particular the company-wide phishing program that affected the cybersecurity situation of Lockheed Martin. Within ten years, the team saw a 35-51 percent improvement in unwanted actions and a tenfold increase in reports of suspected malicious intent.
This included an internal consulting program designed to effectively address employees who need additional training opportunities on secure cyber behaviors and practices. This concept has been communicated and used in various large, different companies. In the short interview below, she answers current questions about the growing importance and recognition of women in cybersecurity.
Women in cybersecurity are getting more and more attention in Germany, but it is still not easy to find role models. How would you encourage women in cybersecurity to speak out? Why would you do that?
I would encourage all women to express their opinions, but in a positive way and with the thought of creating and developing their own personal brand. Each of us needs to think about what she brings, how to learn from others and pass on her skills.
How can you get more women excited about cyberspace, what has proven to be particularly successful in your view?
In recent years, we have seen an upsurge in the field of cybersecurity training, which is offered in various formats and often free of charge. Since these resources are available, I think mentoring, whether formal or informal, has proven to be successful. Women who are interested in cyberspace can benefit from a male or female executive to help them sell themselves better. This includes the many facets of cyberspace – research, forensics, strategy and even security awareness. Early mentoring is an advantage because it offers a more personal, familiar role model for women who decide to pursue a career or change careers.
A participant of her webcasts recently held on the occasion of the International Women’s Day on March 8, 2022 described how much her husband has supported her in her career. How important are men in cybersecurity to help women succeed?
Men who support women in cyberspace are even more important and effective because of the many cultures and history. We have become accustomed to the fact that women fully support the careers of our men and make compromises so that the men can rise. As more and more women enter the professional life, which we have been observing for at least a decade, it is imperative that men fully support women in their careers and help them reconcile work and family life.
Do we need different training for women’s and men’s cybersecurity?
This is an interesting question. We strive for equality in career planning, promotion and salary. Perhaps it is not useful, perhaps even hypocritical, to deal with different training. I think the goal here would be to provide a cybersecurity education for a diverse student body, whether male or female. This would include affordable offers, on-site training, virtual options and various training modalities.