Init0

In a previous article, I shared the stories of how more than a dozen cybersecurity professionals found their way into the industry. Their non-traditional cybersecurity career paths help to illustrate how personnel of all different education backgrounds and life experiences can become part of the same community. There’s no single certification, degree, qualification, job, age, gender or race that defines the people who succeed in cybersecurity jobs. The possible permutations of such an expert are literally infinite.

Different origin stories don’t detract from the central job of protecting corporate data and users’ information. Quite the opposite, actually. They augment it by adding new ways of looking at shared problems in the industry. That’s what we need if we are to uphold our central job in spite of an evolving digital threat landscape.

Just like the cybersecurity career paths that help to shape them, the way these perspectives end up informing the security work varies from individual to individual. I asked some of the same cybersecurity professionals from last time to reflect on how exactly their individual experiences have shaped their work. Here’s what they had to say.

Caitlin Kiska | Information Security Engineer (Threat Intelligence)

“Like cybersecurity, poker (and even more so online poker) is intensely male-dominated. There have been recent pushes for more diversity, but good intentions do not always equate to a more welcoming environment. Poker helped prepare me for men attributing my success to supposed soft skills or old tropes such as ‘women’s intuition’ instead of analytical skills, raw intelligence or technical prowess. There will always be people who will attribute my success or knowledge to anything except for its root cause: hard work. Being in a related male-dominated field prepared me for the harsh reality that (unfortunately) there are still large numbers of my cybersecurity peers who view me as a woman before they view me as a professional on equal footing.”

“When at the European Union for Agency for Cyber Security (ENISA), I created the Internet of Things (IoT) domain. I used my knowledge and experience to protect cyber-physical systems, particularly in a safety context. I worked with regulators, the public and the private sector. I then led a team and created my own consultancy. This path taught me that you must create solutions that are adapted to non-security people. It’s important to make sure security remains fit for purpose and to not promote advice that does not apply in a given context — even if there are relevant ‘best practices’ in another context.”

“I’m surrounded by people with STEM backgrounds in my current role. This allows …….

Source: https://securityintelligence.com/articles/non-traditional-cybersecurity-career-paths-experience/