Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Rose-Colored Glasses Hide All the Red Flags for Women in Cybersecurity
Here's advice from the Security & Risk Summit Forrester Women's Leadership Program.
Forrester Blog Network
January 3, 2025
5 Min Read
Alamy
Despite the continuous and shocking gender disparity in cybersecurity, where 16% of Fortune 500 CISOs are women, women continue to contribute, develop, and lead amazing careers. As has now become tradition at Forrester's Security & Risk Summit, a room full of amazing women and a few brave fellas gathered in December as part of the Forrester Women's Leadership Program to celebrate successes and posit solutions for the many challenges that women face in this field. The theme? "To propel your career in security and risk, choose your advisers and nuggets of advice wisely." We asked the attendees to share some of the best and worst advice they had received over their careers. What resulted was an inspiring, interactive, and thought-provoking session that dissected the following:
Careers are a winding road, both studded with obstacles and made smoother by great mentors. Laura Koetzle moderated a panel of three highly accomplished senior women: Judith Conklin, CIO at the US Library of Congress; Faye Dixon-Harris, managing director at the Federal Home Loan Bank in San Francisco; and Tameika Turner, senior cybersecurity program manager at the National Nuclear Security Administration. Each woman shared that she didn't set out to build her career in cybersecurity or technology but rather arrived in the field via the US military, an entry-level role at a financial advising firm, and an administrative job in government while studying. All three women also received pivotal advice and sponsorship from mentors to: "think bigger" when one expressed the ambition to be a deputy (rather than the C-level executive); go back to school so that no one would ever be able to use a lack of a degree as an excuse to deny a promotion; and move to a new organization with a mentor and take on their first technical role.
You need to sift the advice that bombards you to separate the gold from the muck. At all stages in your career, people will come to you with well-intentioned advice. But discerning what is useful and what isn't can be a challenge. Sift your advice by asking questions about the advice and who's giving it, such as: Who are you, and why are you telling me this? Do you have a vested interest in giving me this advice? Will what works for you work for me? Identify green-flag advice from those who have your best interests at heart, have listened to your perspective, and who bring in a new perspective. Beige-flag advice can be beneficial — these are pieces of advice that can be helpful, if applied in the right circumstances or context.
Good and bad advice comes in abundance, and in themes. For over a decade, women have been told to lean in, until we all discovered that if we leaned in any further, we'd snap. This isn't the only well-intended yet bad advice we've received. Attendees shared the multitude of good and bad advice they've received, and it turns out that there are universal themes that we've almost all experienced (see the figure below). We've been told that we're not ready, to be normal, to be "less," and to talk things out when we clearly shouldn't. And thankfully, many of us have also been the lucky recipients of advice about how to hold boundaries, brag about our achievements, not hold back, and assume positive intent in others.
Well-intentioned advice on genAI, leadership, burnout, skills and certifications, and networking comes with several myths. As analysts, we spend a large chunk of our time debunking the status quo — the well-intentioned advice given to security leaders. Attendees joined analysts in debunking myths in the following subject areas:
You can't, and shouldn't, always meditate your way out of burnout in cybersecurity. Instead, address systemic issues that cause burnout, and be aware of the imbalance between expectations, resources, and perceptions that lead to burnout.
You can't continue to blindly experiment with generative AI (genAI) for genAI's sake! Instead, focus on the benefits that genAI has delivered to you so far — and we mean you as an individual in your profession — to strategically leverage the tech moving forward.
Don't hold yourself back from a desired next step in your career because you don't quite feel ready — you're never going to feel 100% ready. Instead, every year, identify your strong points and areas to improve, find people who excel in your areas of improvement and learn from them, and prioritize hiring people who are strong in those areas who you can rely on and learn from.
You can't expect specific degrees or certifications to magically get you hired or promoted. Instead — and in addition to these still widely required but flawed indicators of competence — pursue the experience and relationships that will propel your career forward. Seek meaningful mentors, get hands-on low-cost training or free cybersecurity skills and training platforms, and link your diverse experience and background to the value you bring to the role.
You don't have to learn to play golf to build a network. Instead, look for opportunities within your organization — such as community service days, affinity groups, or virtual water cooler chats — to foster relationships. Attending industry events or conferences presents a chance to make new acquaintances. LinkedIn is a great way to maintain contact with your network and request introductions to others from your existing connections.
Asking women and other minority groups to solve systemic bias problems that they didn't create causes high stress levels, compounds feelings of difference, and leads to spending less time on career-related activities. Don't underestimate the power of taking time to share and learn from others. If this year's Security & Risk Summit Forrester Women's Leadership Program reminded us of anything, it's that the power of community, vulnerability, and sharing can lift us all.
This blog, and the Forrester Women's Leadership session, benefited from Research Associate Chiara Bragato's input.
Source: Gartner
— Jinan Budge, VP, Principal Analyst
This article originally appeared on Forrester's Featured Blogs.
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
