According to ISC2, the estimated percentage of women in the cybersecurity industry is likely in the range of 20% to 25%. This percentage has remained consistent for years. What can we do to encourage more diversity in the field? Today we are going to interview one woman who is in the cybersecurity industry, Faith Kent, and see what she has to say regarding the issue.
Thanks for being willing to do this with us, Faith! We will start with the question.
What made you want to get into the cybersecurity industry?
I had paused my education to be a stay-at-home mom and then I was at a point where my kids were old enough to be in school, and I was able to refocus on myself. I had a degree in criminal justice that was on hold when I visited a friend’s house one day and noticed their spouse had a collection of cybersecurity certifications displayed on the wall. It made me think “that’s so cool! I wonder if there are any certifications I could do?” Later, I found the University of Arizona (UofA) courses in cybersecurity, specifically in social engineering. This was great for me because I love technology but wasn’t a programmer and system administration stuff weren’t really for me. I did however really enjoy OSINT. Cybersecurity is such a massive umbrella! I like that section where human interaction and tech cross.
That’s great! So, seeing your friends’ certifications really planted that seed for you.
What steps did you take to make your new goal a reality?
My local community college has courses in cyber security for your associates degree. I started ground up with networking, Linux, and the hardware portion of things as well as taking some more traditional “hacker style courses.” Then, I transferred to UofA and narrowed in on the parts of cyber that fascinated me the most. Networking was key for me. While in school I stayed on top of reaching out for scholarships, going to conferences, going to women in cybersecurity groups, and any sort of talk or webinar that I could sign up for. I got to know Chris Hadnagy through his UofA class. I also knew OSINT and communications were passions of mine on that intersection of human and tech.
So, you took a lot of practical steps to really integrate into the community and found where your interest lay.
What do you think we can do to encourage other women to enter the industry?
Well, it starts with passion. You have to be interested in the field. Some of that comes from exposing young girls to STEM, to tech, to show them that if it is something they’re interested in there IS a route to do that as a career. In my cybersecurity classes they were heavily male dominated, so the territory came with having to prove myself a little bit. This is something that spans fields, but I had to make friends with the other women in the classes and stand my ground and show that I was just as worthy as anyone else there. Networking made a difference for me because we were all facing that challenge of making our own space.
I also think writing about this topic is important, but getting our faces seen is important too. Putting ourselves out there at conferences, at classes, so it isn’t such a visual block. We (women) are a visual minority in this community. It can be hard to be “the other” walking into a room. And everyone has a bit of impostor syndrome going on, but the “visual otherness” does make a difference. So, if those of us that are already in the field can make sure our faces are seen that will give others the chance to say, “I’m like that,” whether they are children or adults. This overlaps here with other minority populations. I’m deaf with a cochlear implant and involved in a lot of Deaf/deaf/hard of hearing forums. There are kids there going “what am I going to do when I grow up?” The whole spectrum of possibility is out there but unless you can see it, it’s hard to get from point A to point B.
I love the phrase “visual minority.” It certainly encapsulates how many people in minority groups feel.
Do you have any pro tips for those trying to enter the cybersecurity field?
I’d say my suggestions are pretty blanket advice for a lot of people. Networking is going to be one of the biggest tools in anyone’s pocket to get into any industry. That’s true because that’s ultimately how you will end up getting jobs. For cybersecurity specifically, enter capture the flag competitions. I entered the National Cyber League (you have to be a high school or college student, and it runs two times a year). Also, narrow in and obtain various certifications. A little more on certifications, you’ll definitely want to get base level certifications or else it’s hard to get your foot in the door somewhere. There are exceptions to that, specifically workplaces where the leader is passionate about diversity and not focused on certs. However, for the most part, you’ll need those certifications. There are a handful of entry level certs such as A+, Network+, and Security+. I would highly recommend the Security+. Also be open to internships if you can get them.
One cool fact before I go; a lot of people in cybersecurity are career change. The industry has wide age and background demographics. That makes nice opportunities for those looking to transition. Don’t just wait and wonder what to do and be stagnant when you can just jump. The opportunities are out there!
Change Begins with Us
One thing is for certain: the cybersecurity field is here to stay and grow. While diversity in the industry may take time to improve, meaningful change begins with us. As professionals in the field, we have the power to encourage young women to see cybersecurity as a viable and exciting option for their future careers. Those considering a career change should also open their minds to the endless possibilities in this dynamic and ever-evolving field. By putting our unique faces out there, we can inspire others to follow suit and break barriers. Remember, “the opportunities are out there!”—you just have to reach out for them.
Written by
Shelby Dacko
Human Risk Analyst, Social-Engineer, LLC
