The Australian Information Security Association (AISA) Awards is a prestigious annual event that recognises extraordinary information security professionals that have promoted excellence and innovation in the field. One of the unique things about this year’s AISA Awards is that, for the first time, the Diversity category was included. This highlights the importance and impact of diversity in the field, recognising the continuous efforts of the driven men and women making a difference in this space. Let’s meet some of the amazing nominees for this year:
Samantha Macleod (Diversity in Cyber Security)
Samantha is the Chair of the ME’s Women in Digital and Technology Committee, a committee that drives initiatives to achieve gender and cultural balances in ME’s digital and technology disciplines. Samantha has actively volunteered with Women in IT Committees including Go-Girl-for-IT since early 2004. She also represents women as a CISO and her leadership efforts in industry and with tertiary institutions focuses on attaining and retaining cyber security professionals from varying career backgrounds.
Jacqui Loustau (Diversity in Cyber Security)
Jacqui is the founder of Australian Women in Security Network, an industry network with the aim of connecting, supporting, collaborating, and inspiring women in the security industry. AWSN continues to grow every single day, with over 400 members in LinkedIn and several chapters established across Australia.
Lynwen Connick (Diversity in Cyber Security)
Deeply passionate about encouraging women and people from diverse backgrounds to take up careers in cyber security, Lynwen actively engages with government and business leaders through leveraging her position in the Australian Government. She led the recent review of Australia’s cyber security and the development of the new national cyber security strategy launched by the Prime Minister in April. The strategy includes an initiative to improve diversity and the participation of women in the cyber security workforce..
Erica Hardinge (Cyber Security Rising Star of the Year)
Erica is a co-founder of the Security, Influence, and Trust Group, an industry network that focuses on functional development and community cyber security influence. She also leads ANZ’s security behaviour change program that seeks to empower and educate ANZ staff on cyber security.
Robyn Bailey (Diversity in Cyber Security)
A highly experienced Principal Consultant in the field of Information Security, Robyn also volunteers her time outside work to encourage young women in STEM disciplines through various projects. She also founded the first Australasian chapter of the ISSA, and brought the first CISSP exam to Australia in 2001.
Mandy Turner (AISA Volunteer of the Year)
Mandy works full time for the Australian Public Service, is studying a degree full time in dementia care, is an artist, musician and is also actively involved in a variety of volunteer roles. She is the branch executive for the AISA Brisbane branch and proudly supports the AWSN with blog site creation and administration and mentoring programmes. She is passionate about the industry and has worked endlessly to help mentor numerous men and women by generously donating her time to help others.
This year, the Australian Women in Security Network (AWSN) was honoured to be given the opportunity to interview these deserving nominees, sharing their various insights on diversity in the ever-growing and changing field of information security.
1. How much benefit/impact can diversity provide our industry?
Samantha: If we bring together people from diverse walks of life, with a variety of life experiences, and professional experiences, we will introduce new capabilities to help us to innovate and grow the security industry. We need different technical skills, leadership skills and thought leadership to effectively solve business issues.
Jacqui: Everyone has their own set of beliefs, perspectives and opinions which are based on experience and who they are. This type of diverse thinking is important for any industry, including security. The cyber criminals come from all kinds of backgrounds and if we are to have a chance in combating them we need all creative thoughts, expertise, languages and ideas.
Lynwen: Australia has a skills shortage in cyber security. Embracing diversity in this profession is essential if we are to address this shortage, but it will also have much broader benefits.Read more: Women in security: Cultures, incentives that promote retention
Erica: We know that diversity contributes to holistic problem solving; it also enables people the opportunity to learn from different styles and strengths. Cyber Security, perhaps more so than most functional areas, requires diversity of backgrounds (e.g. arts, communications, change management, business, law) to address what is increasingly being recognised as a “social problem”. Cyber issues are not something that technical experts alone can solve.
Robyn: Diversity provides a holistic perspective on threat and risk management. The industry needs more diversity in thought leadership to fully encompass the risks to security. We are seeing more and more security incidents due to lack of non-technical controls and from my experience much of this is due to the focus on technical controls or exceedingly stringent controls – this has to change.
Mandy: Diversity is a celebration of the uniqueness in all people, how they think, what they know, what they believe, how they express themselves. Diversity can be embraced and utilised to produce the best outcomes for our industry by encouraging creative thinking, finding non-traditional solutions and bringing about positive change.
2. What do you think is the most important advantage of having a diverse workplace?
Samantha: A security team that has members from many cultural backgrounds and professional skills, results in new and fresh thinking around security. Diversity breeds innovative thinking and therefore business that build diversity into their culture have far more effective teams that are more likely to think outside the square.
Jacqui: Diversity in the workplace can bring creativity and new ways of thinking. Everyone is different and often this diversity of thought can bring new perspectives or ideas to legacy or complex problems.
Lynwen: The most important advantage of diversity is that it challenges and dejects groupthink. Diversity breeds different ways of thinking and different approaches, it is a powerful tool to facilitate innovation.
Erica: The opportunity to learn – from people with different styles, backgrounds, perspectives, expertise, approaches to relationship management and technical specialty.
Robyn: Workplace diversity can bring in new ideas which in turn can bring about a number of benefits to the organisation including better processes or products.
Mandy: It encourages the generation of many amazing ideas to contribute positively to creating solutions, and it provides a rich tapestry of skills, cultures, backgrounds, personalities and knowledge to learn from and makes the workplace a personally and professionally rewarding place to be.
3. What trait of yours do you consider as the most important contributor to your career growth?
Samantha: I’ve always selected roles that put me in between the business and IT so I can bring a business lens to the IT thinking, or help attribute technology thinking to the business need. Support and collaboration is important for women in tech as there are so few of us at leadership levels. Equally, I also think it’s imperative that female leaders with the potential to develop successful security careers have strong male sponsors to help them along the way.
Jacqui: I try to look at the bigger picture and attempt to collaborate and connect similar projects, initiatives and people. I took every challenge thrown at me and did the best that I could!
Lynwen: I think the trait that has been most important for my career growth has been having an adventurous spirit and the determination to succeed in anything I take on. I love taking up a challenge, a new role or a difficult problem.
Erica: Openness to change and learning opportunities – you can’t create change without being open to it in your own life and career. It’s important to embrace opportunities and to be open to new ways of doing things. It’s widely accepted that careers now require “learning for life” – this is actually an exciting opportunity and one I have found not only pays off but is personally rewarding.
Robyn: My analytical nature – I have a compelling drive to understand how things work, which makes me a good problem solver whether solving a technical or business problem.
Mandy: I am humble and willing to learn. I see interactions with people as an opportunity to learn and have my thoughts and concepts challenged in a productive manner. I see value in everyone and know they have something of value to add to my education in this colourful mosaic of life.
4. What advice would you give to our youth just starting out in the information Security industry?
Samantha: Be willing to learn, collaborate, and know that not all technology roles require deep technical expertise. Don’t hide your passion. Develop professional relationships with people from many different walks of life. who can sponsor you throughout your career.
Jacqui: Take any opportunity that comes your way and learn from it. It helps you work out your strengths, weaknesses and interests. I encourage you to network as much as possible. The power of networking is priceless. I recommend you to get out there and be bold, be curious and be persistent.
Lynwen: Think big, be bold and have confidence in yourself. There are so many different career paths in the information security industry. It is a great industry for anyone to consider working in – give it a go!
Erica: The career you'll have in 10 years doesn't exist yet...so - be open to opportunities, learn from the people around you and find something you feel passionate about.
Robyn: Look at information security holistically and become familiar with all ISO27001 controls.. For those looking at career as an information security technologist, educate yourself in all areas of technology first – communications, database, application development. You cannot secure what you don’t understand.
Mandy: Never stop learning and embrace all opportunities to challenge yourself. You will not get a dream job straight away, have patience and use each part if your career path as a chance to develop.
- - - - -
Every single day, the cyber security industry is growing exponentially, and along with it comes new challenges. One of the keys to overcoming these challenges is to always be open to innovative ways, thoughts, and ideas - and the richest source of such things is diversity.
About the authors:
Micah is currently in her last year of the Master of Statistics and Operations Research program at RMIT. She came along to a security careers talk where AWSN was also presenting and decided to take electives in security to compliment her big data knowledge and interest. The AWSN has recognised her incredible potential and are determined to see her continue in this field. We will be watching this one!
Iresha Fernando is a Software Developer at BAE Systems and has been with the AWSN from the start. She has been an active advocate of women in tech within her company and gives up many hours of her personal time to help others. She is also the AWSN social media manager.
The AWSN tries to help youngsters interested in security by exposing them to professionals already in the field and mentoring them where possible. It is vital for our youth to have access to senior leaders in the field to help inspire them.
Claire Fulford is an accomplished security professional. She recently started her own business after seeing the need to consult and guide organisation's on their security professional team needs. She has mentored Iresha and Micah throughout this article to help give direction and guidance.
Once again, Australian Women in Security would like to express gratitude to the wonderful nominees who have contributed to this article.
To learn more about or submit information to share about women in cyber security see the Department of the Prime Minister and Cabinet website