With each passing day, threat actors are targeting corporate IT infrastructures with increasing sophistication and frequency. Corporate cybersecurity protocols have never been more important to the modern enterprise. In fact, IBM estimates that the global average cost of a data breach was $4.45 million in 2023, a 15% increase over three years.
As organizations hire cybersecurity professionals to protect IT investments and data from such costly and complex threats, it’s important for organizations to build cybersecurity teams with diverse experiences, outlooks, and skills.
During a recent ASUG Women Connect webcast event focused on cybersecurity, the panel of female cybersecurity experts not only covered some of the biggest threats they see at work but also offered tools and tips for other women in tech to successfully build careers in cybersecurity. Here are some insights from that discussion; you can watch the full panel here.
Current Cybersecurity Threats
Which cybersecurity vulnerabilities should more individuals understand in the fast-evolving world of modern technology?
Sushila Nair, Vice President, Head of Cybersecurity Services, North America at Capgemini, kicked off the conversation by discussing AI and its impact on the threat landscape. “There is a benefit to AI,” she said. “But the other side is using it as well.”
Nair noted that AI programs, such as “FraudGPT,” can be leveraged by threat actors to write industry-specific phishing emails. To combat increases in AI-orchestrated phishing attacks, Nair encouraged attendees to increase the technical skills of their workforces and work to maintain organization-wide awareness of such emerging threats.
Kim Cavaliero-Keller, Senior Consultant, IT Organizational Change Management at Molson Coors Beverage Company, added that, “AI is the one part of cybersecurity that is going to be the most challenging.” According to Cavaliero-Keller, organizations must especially improve their cybersecurity “armor” as AI programs rapidly improve; she underlined the pressing reality that cybersecurity professionals still do not fully understand the impact the technology will have, as it is learning and changing constantly.
But AI was not the only threat identified by the panelists. Both Cavaliero-Keller and Amy Dunn, Security Specialist at Molson Coors Beverage Company, discussed the constant threat posed by phishing and the need for organizations to implement constant training and awareness checks across their operations.
Skills for Success
The panel was also asked what skills women should develop to fuel a successful career in cybersecurity. Nair and Cavaliero-Keller encouraged attendees to follow their passions and let their interests drive their career paths, including through cybersecurity.
“My father always said, ‘You are really good at what you enjoy,’” Nair reflected, telling attendees to figure out what their passions are, then to leverage industry best practices such as the National Institute of Standards and Technology (NIST) cybersecurity framework, intended for organizations to help determine and address highest-priority risk, to improve their understanding of cybersecurity risk management. With that knowledge, emerging cybersecurity professionals will be better equipped to connect their passions to their skillsets.
Another important skill both Cavaliero-Keller and Nair touched on involved remaining open to continual learning and development. “You always have to make yourself better,” Cavaliero-Keller said, emphasizing that a willingness to improve and pursue further education will help attendees advance in any career, not just in cybersecurity.
Challenges for Women in Cybersecurity
It is no secret that IT and engineering are male-dominated fields. That is steadily changing, but women still must contend with specific obstacles to career success in the world of cybersecurity.
“I’ve certainly faced a lot of challenges as a woman in cybersecurity,” Nair said. “But I do think it’s getting a lot better.” Nair mentioned how, when she began her career as an engineer, she was often told that certain organizations did not hire women for engineering roles.
“It’s extraordinary how far we’ve come” since those days, she said, emphasizing that effective cybersecurity teams require diverse mindsets that can bring a range of insights and experience to the table. Enterprises are taking steps to diversify their cybersecurity teams and, in doing so, can better protect their IT investments.
Cavaliero-Keller discussed how easy it can be to suddenly find yourself being interrupted, talked over, or “man-splained” to by male coworkers. The best way to combat such in-office hurdles is to remain confident in your skills and abilities, she said, and to stand your ground whenever possible.
Both Cavaliero-Keller and Nair also emphasized the importance of networking and volunteering in order to meet other cybersecurity professionals. “You need to find your tribe,” Nair said, also noting that creating industry connections are a great way to advance careers and find ways into unexpected new roles and companies.
Want to hear the full panel? Register here to watch on-demand.