I have been helping clients establish guidelines for implementing, maintaining and improving information security management in their organizations for 17 years.
Although it has improved, I am often still the only woman in the room. It is now more critical than ever for organizations to attract and retain women in cybersecurity, as the cybersecurity skills gap is ever-increasing.
A diverse cyber security team offers multiple perspectives, allowing businesses to stay one step ahead of attackers. If all the people on your security team think the same way, you’re missing out on the potential for problem-solving that a wider group of approaches and experiences would bring. Cybersecurity is not a narrowly defined field that can thrive with one skill. It needs diversity, especially when facing its wide array of challenges on a daily basis.
As the Asia Pacific Lead for IBM’s X-Force Incident Response and Intelligence Services, I lead a team of forensic investigators and incident response personnel with experience on the front lines of some of the largest cyber-attacks in the AP region. Most of our success in our incident response was as a result of a diverse team where everyone brought their own unique strengths to the table. This included a deep technical understanding of networks and operating systems, how an attacker can traverse a network and obfuscate their movements and also strong coordination, stakeholder management and communication skills. There were several outstanding women on the team who were more able to convey complex technical concepts to business stakeholders, coordinate the response activity and manage stakeholders. In a crisis such as a major cyber-attack all these skills are equally important to ensure that our clients can contain, remediate and recover from the attack in the fastest possible time.
AI and security software make us more productive and more effective, but ultimately it is the people behind the software who make critical security decisions. It’s people who work to detect intrusions, to block them, and then to clean up and restore operations. They’re the source of the operational resilience organizations need. It is not only reasonable, but highly encouraged to plan for a diverse security team that will bring a wide array of skills to cybersecurity and better equip us to face the ever-increasing challenges coming our way.
