October 21, 2022

-
min read

Q&A: Why Diversity in Cybersecurity Is So Important

In anticipation of the Day of Shecurity happening on December 8th, we sat down with Staff Security Intelligence Engineer, Kristina Balaam to get her take on diversity in the cybersecurity industry and why we need more of it. 

Day of Shecurity is a free one-day virtual conference that advocates for the inclusion of women and the diversification of cybersecurity.

Were you aware of jobs in cybersecurity when you were still in school?‍

No, not at all. And I think that's one of the biggest issues a lot of people face, but in particular women in the industry. I didn’t even know there were specific security roles. I just assumed that anybody who was a software engineer knew security and handled it.

Was there a role model or someone who influenced you when you were still trying to figure out your career?‍

I didn’t really have anyone I saw as a role model until my first year of university when Jade Raymond, a developer for the gaming company Ubisoft in Montreal who had gone to McGill [University] and did a computer science degree as well, came back to talk about it. Her talk was really the catalyst for me switching from what I thought was eventually going to be a career in international law because I didn't know that computer science was a thing I could actually do.

That’s why I think Day of Shecurity is such an important event because most people don’t even know these roles exist until they see someone else talking about them and doing them.

Speaking of Day of Shecurity, the event is about promoting diversity and inclusion of women. Why do you think diversity is so important to the industry?‍

One thing you’ll hear from almost everyone in this field is that everybody does research differently. The members of my team and I have all taken very different paths to cybersecurity and that allows us all to look at problems in completely different ways. That diversity of thought and approach makes us much more effective as a team.

What role does Day of Shecurity play in getting more women into infosec?‍

I think there are a lot of people who are interested in getting involved in infosec but don't really know where to start and who might feel intimidated walking into a major conference like DEF CON. But with Day of Shecurity, it's specifically for people who are interested in dipping their toes into the world of infosec without being surrounded by people who might appear to know more than they do and make them feel like it's too late to make the transition.

Do you have any good advice for young women out there who’s looking at computer science or cybersecurity as a potential career path?‍

The thing I would most recommend would be to start learning on your own. I know that can feel very intimidating, but there are so many resources available. 

If you do a Google search for any area of cybersecurity you're interested in you will find YouTube videos, tutorials, or books to get you started. When you see somebody online that's doing the job that you really want to have, try reaching out and let them know that you’re interested in what they do and ask for advice or resources.

In my experience, 99% of the time, people will be more than happy to tell you how they got there because they were in the exact same position 10 or 15 years ago. Follow your interests with your own personal research projects and then reach out for mentorship.

If you’d like to learn more about the upcoming Day of Shecurity on December 8, check out our event site. You can also find the works of our security intelligence team at the Lookout Threat Lab.

Book a personalized, no-pressure demo today to learn:

  • How adversaries are leveraging avenues outside traditional email to conduct phishing on iOS and Android devices
  • Real-world examples of phishing and app threats that have compromised organizations
  • How an integrated endpoint-to-cloud security platform can detect threats and protect your organization

Book a personalized, no-pressure demo today to learn:

  • How adversaries are leveraging avenues outside traditional email to conduct phishing on iOS and Android devices
  • Real-world examples of phishing and app threats that have compromised organizations
  • How an integrated endpoint-to-cloud security platform can detect threats and protect your organization
Collaboration

Book a personalized, no-pressure demo today to learn:

Discover how adversaries use non-traditional methods for phishing on iOS/Android, see real-world examples of threats, and learn how an integrated security platform safeguards your organization.