Women in Cybersecurity

According to the Women’s Society of Cyberjutsu (WSC), women comprise 50 percent of professional occupations in the U.S. and only 11 percent of the information security workforce. Here at the NJCCIC, women contribute to the success of all bureaus, including Partnerships, Cyber Threat Intelligence and Analysis, Security Engineering and Cyber Operations, and Governance Risk and Compliance through various roles including Cyber Threat Intelligence Analysts, Cyber Liaison Officers, and Incident Reporting and Response Specialists.

We asked our female NJCCIC staff members some questions to share their experiences as women in the cybersecurity field. As is evident from the responses below, there are many different career and educational paths that can lead to a successful career in cybersecurity. This dynamic field provides an opportunity to work in various disciplines and learn about new technologies, evolving threats, attack vectors, and mitigation strategies, and apply that knowledge to defending networks and protecting sensitive data. Now, more than ever, there is a need for cybersecurity professionals to enter the workforce and we here at the NJCCIC encourage interested and motivated women to join us in this challenging and rewarding field. Together, we can all work to ensure New Jersey remains a cyber-secure state!

When did you first become interested in cybersecurity?

I have always had an interest in technology since I was very young. My father was a computer programmer and later moved into a network security role and I was always interested in what he did at work. I hadn’t thought of it as a career option until I was older and after I pursued jobs in a different field, though.
Senior Cyber Threat Intelligence Analyst
It is hard to say when I first became interested in cybersecurity. I did not follow the normal path of knowing this is what I wanted to do when I grew up.  It was more of an evolution.
Senior Cybersecurity Specialist
I was hired at the Department of Defense (DOD) as a threat analyst with the mission to defend US Government systems and networks. It was at this job that I developed a true interest and passion for cybersecurity.
Senior Cyber Threat Intelligence Analyst
I became interested in cybersecurity while working as a detective assigned to investigate cybercrimes. I wanted to learn not only how to respond to incidents, but also how to prevent attacks and intrusions from occurring in the first place.
Cyber Threat Intelligence Analyst
After the attacks of September 11th, a new office was formed and I became the first IT employee of the Office of Counter Terrorism in 2002. That is when my focus shifted entirely to security, but not necessarily “Cybersecurity” as you would view it today. Over the course of ten years of working to build out systems to support the Office of Homeland Security, the topic of cybersecurity grew into the still emerging field it is now. So I would say that my specific security focus began after the terrorist attacks of September 11th.
- Cybersecurity Policy and Compliance Analyst
I was first interested in cybersecurity when I started my Master’s degree program. They offered a specialization in Information Assurance/Cybersecurity.
- Cyber Liaison Officer
Working in cybersecurity was a natural fit with my minor in criminal justice and a Master’s in computer science.  After working as a UNIX systems administrator for 2 years a position in information security opened up, I went home, and told my husband I was transferring to information security.  He said, “That is the dumbest idea I have heard.” I transferred anyway and have worked in the field since.  After 10 years, my husband transferred to cybersecurity – imitation is the best form of flattery. I have held various roles such as Chief Cyber-Security Strategist/Advisor, Chief Information Security Officer (CISO), Chief Technology Officer, President (ISC)2 NJ Chapter, President OWASP Central New Jersey, Advisor to Congress and government leaders and extensive experience in speaking at national and international conferences.
Advisor/Entrepreneur

Why did you get into the field of cybersecurity?

I was at a point in my life where I needed a change and wanted a career with more growth and earning potential so I started thinking about going back to school, but I wasn’t sure what I wanted to study. As funny as it sounds, I was watching an episode of the TV show 24 and heard one of the characters use the term “computer forensics.” I started searching for that term online to see if it was a legitimate field in which I could get a degree or certification. During my search, I found that “computer forensics” fell under the larger umbrella of cybersecurity, so I expanded my search and looked for cybersecurity degree programs.
- Senior Cyber Threat Intelligence Analyst
I made it a part of my job function when I was hired- protecting the Garden State Network (GSN) from malicious intent came naturally to me.
Incident Reporting and Response Specialist
I got into the field of cybersecurity because I believe that promoting awareness is key. People love using technology but do not understand how vulnerable they are to cyber incidents.
Cyber Liaison Officer
While working for the Office of Homeland Security for ten years, as the Chief Technology Officer, the cybersecurity topic was always in the thought process of what we were working on. Raising people’s awareness of security topics within State Government has always been a challenge, but it was a reoccurring topic that we had to tackle. Now, cybersecurity is so integral to every aspect of what the office does, and what State Government needs to accomplish.
Cybersecurity Policy and Compliance Analyst
It just seemed to be a natural progression. I have a strong need to protect others and my evolution into the IT and then IT Security gave me the ability to do be able to do that. 
Senior Cybersecurity Specialist
My job at the DOD pushed me into the field of cybersecurity; I otherwise may not have ended up in this career. I chose to stay in this field because of the work I do. I think it is vitally important for the public to become more aware of their cyber risk as more of their life is connected to the internet. This awareness can prevent users from becoming victim to cyber threats that could cause financial and data loss.
Senior Cyber Threat Intelligence Analyst

How did you get your start in cybersecurity? Did you go to school for cybersecurity or a related major?

I received a Bachelor’s degree in international studies and never intended to get into cybersecurity. However, my Bachelor’s has been an asset in understanding how cyber plays into international relations and conflicts. While I have received a certification, I don’t have an advanced degree in cybersecurity.
Senior Cyber Threat Intelligence Analyst
I have a Bachelor of Science in Business Management, but have always been interested in computers and how they work. I have taken classes over the past 24 years related to web design and programming. In 2010, I participated in a pilot class at Seton Hall Law School for “Cybersecurity Law” for which I earned a certificate.
Cybersecurity Policy and Compliance Analyst
I got my start in cybersecurity when I started my Master’s degree. It was not easy, and it took a lot of hard work and dedication.
Cyber Liaison Officer
I began working in the cyber field investigating computer and internet-based crimes and was very fortunate to have an opportunity to transition into cybersecurity with the NJCCIC. I received a Bachelor’s degree in Criminal Justice and Sociology and a Master’s degree in Intelligence and Crime Analysis, and hold a certification as a computer forensic examiner.
Cyber Threat Intelligence Analyst
I graduated Rutgers with a BA in Business and took an entry-level job. Having an appetite to learn new things, I applied for other jobs that were more challenging, took training classes in my free time, and met some wonderful mentors along the way.
Senior Cybersecurity Specialist
I already had a Bachelor of Arts degree in English and Communications when I started looking for cybersecurity degree programs. I wanted to earn a master’s degree instead of getting a second bachelor’s degree, but I initially had a hard time finding a school that offered one. Cybersecurity was a relatively “new” concept and it wasn’t really a widely-used term at the time, so programs were limited. When I finally did find a school that offered a Master of Science in Cybersecurity, I enrolled immediately. Fortunately, it was an online degree program, so I completed the program at home.
Senior Cyber Threat Intelligence Analyst
My Associates Degree is for Network Engineering and security was a miniscule portion of that. After college, many colleges/schools/institutions didn't offer any cybersecurity courses; they only offered programming or one class in cybersecurity (the US was behind Europe for many years in regards to cybersecurity). Cybersecurity was widely known only as cyberbullying, no one believed that hacks occurred or it wouldn't affect them – now we have more than one every day.
Incident Reporting and Response Specialist
Cybersecurity did not exist as a degree when I chose to obtain a Master’s in Computer Science. I chose an engineering field because it provides a less subjective criteria for performance evaluation and because it is a growing field that pays wells.  In my estimation, engineering and science fields have more opportunities because the results are less subjective.  If the program or project works – you get credit.
Advisor/Entrepreneur

As a woman in the field, did you have any hurdles you had to overcome?

The biggest hurdle that I had to overcome was myself. I was raised by a mother who always put everyone ahead of herself and I inherited that trait. At the time I became a Security Operations manager, I was also a working mom. As a manager, my responsibilities not only included training and supervising staff, but also performing security analysis and administration. I found that all of my time and resources were being split between my work, my staff, and my family, and I was not leaving any time for improving my skillsets. When work offered a one-hour Time Management class I found time to take it. This class helped me overcome this hurdle.
Senior Cybersecurity Specialist
I feel that sometimes because of how young I look and because I am a woman, people’s first impression is to not take me seriously. When I started out as an intern, I had someone call me “the little girl” instead of by my name. The key is to have confidence in yourself and not to be intimidated by people like that.
Cyber Liaison Officer
The biggest hurdle to overcome is not focusing on the number of women in the room.  It is necessary to become comfortable with being one of a few or the only woman in the room.  In most of my courses I was a minority with 1% to 5% of the classes being women. With 11% women in the industry this tends to be the case in the work environment.  For me, focusing on the work and ignoring non-supportive people has worked well. Also, do not be intimidated by loud obnoxious people. The vast majority of people are supportive of women and minorities in the industry.
Advisor/Entrepreneur
I have felt that, in some cases, there was an assumption that my male co-workers had more knowledge on a subject(s) than I did. This attitude has changed a lot over the years, however, as more women have entered the field and proven that assumption wrong.
Senior Cyber Threat Intelligence Analyst
I think it is a hurdle that anyone in the computer field has to overcome, which is staying up to date with rapidly changing technologies, that seems to be a common thread for anyone in the computer field.
Cybersecurity Policy and Compliance Analyst
Yes, people tended not to believe what you were saying even if you provided them proof; it was only until after an event occurred – that is when they started listening to you.
- Incident Reporting and Response Specialist
When I first started looking for cybersecurity jobs, I had a hard time getting my foot in the door and, when I finally did get my first paid position, I ended up quitting after two weeks because of how horribly I was treated by several male staff members and managers at the company. That experience definitely took a toll on my self-esteem and made me question my decision to pursue a career in technology. However, over time, I increased my knowledge-base and met people who encouraged me in my career and that helped me gain the confidence I needed to keep moving forward and pursue new goals and challenges. I still occasionally encounter people who don’t seem to take my ideas or concerns seriously, but those instances are few and far between and I see it as their problem, not mine, so I don’t take it personally. I consider myself fortunate to be working in an organization that has hired so many women in technical roles and am very flattered when I get calls from seasoned IT guys for help or guidance on cybersecurity issues. That always makes me feel respected and successful.
Senior Cyber Threat Intelligence Analyst

Do you have any advice and encouragement for women entering the cybersecurity field?

My advice is to find an environment you feel comfortable in – focus on your interests and don’t give up on the field, search until you find an area you are good at and is of interest. There are many different types of roles in cybersecurity, deep technical, management, marketing, technical writing, speaking and training to list a few. Your ideal role may be in a different group, different reporting manager, or different company. Get involved in professional cybersecurity associations (i.e. OWASP, (ISC)2, ISACA) and industry bodies such as ISACs and IETF. They are good for networking, understanding the industry, developing skills – technical, managerial, presentation, etc. and assist in growing your career.
Advisor/Entrepreneur
Keep pushing forward and being the analytical selves we naturally are, and ensure you understand everything about the network you are protecting. Make this a career and not just a job, care about how a breach/hack affects everyone – not just you.
Incident Reporting and Response Specialist
Don’t let anyone tell you that you aren’t capable of being in the cybersecurity field. If I let that happen, I would not have my dream career. As long as you are willing to put in the hard work, you can achieve anything you want.
Cyber Liaison Officer
Treat each experience, positive or negative, as a learning lesson and use it to grow and move forward. Be persistent, confident, and assertive!
Cyber Threat Intelligence Analyst
It is a great field to get into. There are plenty of educational opportunities beyond formal education, such as certifications. These allow you to focus on a specific area of cybersecurity that make you more marketable for various jobs within the field. The field is in need of more cybersecurity professionals, making job hunting much easier.
Senior Cyber Threat Intelligence Analyst
Take a public speaking class/es. Most people in the computer field are so focused on technical topics that they can’t interpret the technical terms into business terms--and they hate speaking in public! (Most people do.) In any organization you will have to deal with projects and budgets, and talking to folks in other areas of your organization will require your technical knowledge, but also the business terminology and ability to speak in non-technical terms, to make your project successful.
Cybersecurity Policy and Compliance Analyst
Cybersecurity is an evolving and exciting career that gives you the opportunity to grow.
Senior Cybersecurity Specialist
Don’t get discouraged and never tell yourself you can’t do something. I’ve known far too many women who have talked themselves out of pursuing goals because they convinced themselves that it was too difficult or they wouldn’t succeed. We women are so self-critical that we can be our own worst enemies. Don’t worry about what other people think and don’t be afraid to challenge yourself. Consider finding a mentor or joining a group that can help you with your career goals. The Women’s Society of Cyberjutsu is a great organization that is dedicated to helping women succeed in the cybersecurity field.
Senior Cyber Threat Intelligence Analyst
Always take every opportunity to try new things, new topics, new classes - keep continuously learning. Look for supervisors and co-workers that you can count on as mentors, and to have them as a sounding board for ideas.
Cybersecurity Policy and Compliance Analyst
Cybersecurity is important across all industries, governments and consumers. This gives the opportunity to work in many different fields (i.e. pharmaceuticals, financials, telecommunications, and governments). Also, learn the business and how cybersecurity is important to that business. To make yourself more valuable, learn the business as well as technology and be comfortable with public speaking. Both the beauty and bane of cybersecurity is that it’s constantly changing. It provides the capability to be constantly learning new technologies, new attack vectors and mitigating strategies. There is a lot of room to be creative and do research and get credit for your hard work.
Advisor/Entrepreneur