Cybersecurity as a future-proof career for women

Automatic Summary

Why Cybersecurity is a Leading Career Opportunity for Women

From protecting personal computers to ensuring national security, cybersecurity is a field that presents an abundance of exciting career opportunities. Unfortunately, it’s an industry where women are still underrepresented. This article explores why the cybersecurity industry is ripe with employment opportunities, the importance of diversity in this sector, and how one can enter and flourish in this field.

Understanding Cybersecurity

Often, we picture someone with a black hoodie in a gloomy basement when we think about cybersecurity. Nonetheless, in reality, cybersecurity is much broader and infinitely more significant. Cyber attacks are increasing globally, affecting everyone from ordinary individuals to governments. The value at risk from cyberattacks globally is a staggering $5 trillion — demonstrating the importance of robust cybersecurity.

Cyberattacks: Who's Doing It and Why

Perpetrators of cyberattacks range from nation-states with unique geopolitical motivations to cybercriminals with monetary objectives. Even thrill-seeking teenager hackers and disaffected insiders can pose significant cybersecurity risks. The diverse array of cyber aggressors and their evolving motivations ensure a continuous demand for cybersecurity expertise.

Understanding Data Breaches

Data breaches represent one of the most common and harmful forms of cyberattacks. In the span of a decade, data breaches involving the world's biggest companies have become larger and more frequent, with each attack costing millions.

Human Factor in Cybersecurity

The crux of most cybersecurity issues lies in what's known as the human factor. Approximately 95% of the attacks occur due to human errors, such as clicking on the wrong link, inadvertently giving out sensitive credentials, or not updating passwords regularly. As these attacks can take place mostly at random, it is crucial for everyone to take adequate security precautions.

The Employment Landscape in Cybersecurity

Today, with 4 million job vacancies in cybersecurity globally, there's a massive opportunity for women to break into this field. Moreover, the ever-evolving nature of cyber threats ensures that cybersecurity will always remain a relevant and rewarding career path, with zero unemployment rate since its inception and an average salary of approximately $76,000 to $60,000 for entry-level positions in the US and Europe, respectively.

Bridging the Gender Gap in Cybersecurity

While the representation of women in cybersecurity has seen a slight increase over the past few years, the industry still faces a severe gender gap. Women bring unique perspectives and skills to this field, fostering creative problem-solving approaches crucial for staying ahead of attackers.

Becoming a Cybersecurity Professional: The Easy Way

Switching to a career in cybersecurity doesn't entail returning to college for a years-long degree. Innovative solutions such as boot camps offer intensive, three-month courses for those interested in this field. Such boot camps offer hands-on experience, equip learners with the necessary skills, and aid in landing job placements, making the transition to this lucrative career quite smooth.

Conclusion

In conclusion, cybersecurity is a wide-ranging and ever-evolving industry that presents numerous opportunities for career growth and development for women, or anyone looking to switch career paths. With intensive training programs and consistent learning, breaking into this dynamic field can be a straightforward and rewarding endeavor.


Video Transcription

Hello, everyone. Thank you so much for being here today. I'm going to start uh sharing my screen. So today we're going to be talking about why cybersecurity is such a great option of a future proof career for women.And I'm going to start by giving a overview of what cybersecurity is. Uh then explaining the size of the opportunity and how you can actually step into this career. Let me set my timer. So I don't. Great. So please ask the questions in the chat and I'll leave some a few minutes at the end in order to answer those. So what is cybersecurity in general when, when we think about cybersecurity? The first thought that comes to our mind is, you know, this guy in a black hoodie in a dark basement hidden somewhere. It's something really remote really far away from my real life, really far away from me. But actually, there's cyber attacks all the time in the world. There's tens of millions of cyber attacks happening every day that attack everyone from you, your mother, your grandfather, your organization, your country. Like it's really really everywhere where we are and we need to and we are vulnerable to that. Uh What's the, what's the cost of this?

There's actually $5 trillion in in value at risk. Five trillion, yeah, dollars in value at risk. So for you to have an idea, 5.2 trillion is twice the United Kingdom's GDP. So this is huge. This is really, really big uh between cost of like uh risk IP or destroyed equipment or data breaches. There's a huge value at risk uh of cyberattacks and this is why it's super important to protect it. Now, I want to start by telling you a couple of stories for you to start understanding what this is about. In 2017. There was this uh pandemic uh of encrypted computers, only computers, millions of computers around the world started getting this message. Oops, your important files are encrypted and if you want them back, you need to pay us $300 in Bitcoin. This is what it's called a ransomware where someone takes control of your computer and ask for money in order to give in order to give it back. In this case. This was the wanna cry ransomware and it was run by a group, a criminal group called Lazarus. So they would encrypt your computer, they would ask for money. Once you pay them, they would give you a code to get your computer back. Now, a few months later, another uh of these uh ransom words appeared in this case, it was called pe A, it was a little smaller, uh, but in this case, once you paid for the, for the ransom, they would give you the wrong, uh, key to the cryptid.

So they would actually be deleting all your files. So if you start thinking about it, it's like why would a criminal, uh, encrypt your computer ask for money and then don't give your computer back. Because if this would happen to me, they are, they are undermining their credibility.

If this would happen to me, I would pay, I would not get my computer back. Then I will tell my friend next time when my friend is attacked, he will not pay because he knows that he will not get his computer back. So this was a really a little surprising. So investigators started investigating, doing their jobs and they discover that actually the epicenter of the attack was happening in Ukraine. It had expanded globally because we're all connected these days. But the epicenter was happening in Ukraine.

And if you step back at what was happening, uh there back then there was an active conflict with Russia. And eventually, the conclusion was that this was indeed uh an attack from a nation state on another nation state uh in Ukraine. So as I just mentioned, we discuss about two different kinds of factors that are uh that operate in the cyber world. One is the nation states that have different kinds of pol geopolitical motivations cyber criminals that are basically looking for money and they can get money by putting around somewhere in your computer, either your personal computer or your work computer, they can get money by stealing secrets.

They can get money by stealing secret IP that then either you will pay to get it back or maybe your competitor will pay from getting back. They can get money by stealing credentials to bank accounts, for example. So there's a lot of ways that criminals can just make money out of cyber activists, for example, like uh wikileaks, they, they do this because they follow their uh corresponding ideologies. There's terrorist groups that want to generate violence, they're thrill seekers. It's actually pretty easy to be a hacker. You don't need to be this super sophisticated person. So there's a lot of people sometimes teenagers that just do this because for the satisfaction of it and it can also be insider threats. Like maybe you belong to an organization, you are not happy with it and, and you decide to do these kinds of things. So as you see, there's a lot of different actors and motivations of why cyberattacks can happen. This means that there's a lot of opportunities in order to protect us from cyberattacks because in order to protect us, when when cyber defenders are protecting their organizations, they can be protecting, you know, the banking system, the electricity system, the traffic system, uh our personal computers, like there's such a big um industry with different shapes and forms around cybersecurity.

Now, how does this happen? And I'm not going to get into the technical details because that's not my expertise and it's also not the purpose of this uh session. But we already talked about ransomware when they just take control of your computer and ask you for money in order to give it back. There's also what's called A PTS that advance persistent threads that this is when an attacker gets into your system and stays there observing what you do, learning from what you do, uh maybe uh registering different amount of data for a very long time until they actually do something.

They can just be spying on you taking control of your camera. For example, they could be doing uh D OS um the denial of service. That's when you request a lot of things for a system. Eventually it may stop working and it's a way it's another attack. And there's a lot of other ways that uh Attackers can use in order to generate uh whatever they are looking to generate. Now, once the attacker gets into your system, uh the objective is to get out of your system, right? And part of how they get out and how they, the stuff that they get out are what we call data breaches. And here we can see between 2007 and 2010, there were several data bridges different sizes, the size of the circle is the size of, of the bridge. And 10 years later, these are the amount and size of the data breaches. So you can clearly see that. Well, here there are some and they are small and you cannot even read their names. These are the biggest companies in the world. It's happening everywhere. It's happening. I'm sure it happened to you and to people, you know, because it's really, really happening everywhere and it has a huge cost. It's estimated that each data breach has an average cost of almost $4 million. Where does all this happen? So all this happens not only in the internet that you and I know, but also on the deep web and on the dark web. So the internet that you and I know is what's called the clear web.

Then there's the deep web that's uh the internet that you can access still with your browser, but it's not indexed by the se search engines. So it will not appear in Google, for example. And then there's the dark web uh that you can only access through a special browser and where you can actually buy and sell all kinds of nonlegal stuff from weapons, pornography, uh bank accounts, uh hacking services, et cetera. So without incentivizing any illegal behavior, this is an example, for example, uh where you can go in and buy uh bank like credentials to bank accounts with balance and as you can see it's such a established marketplace that even vendors have ratings trust level, vendor level as you would have in, in Amazon or in our marketplace uh that you're familiar with.

So how, how does this happen? Because again, it sounds like the guy with the black hoodie and all this dark web and it sounds so complicated. Uh and so difficult. Maybe I need to, you know, in order to protect myself, I have to be this super expert in, in technology, but no, actually 95% of the attacks happen because of what we call the human factor. That's basically because someone, a person made a mistake, forgot to change the password, clicked in the wrong link, accidentally accidentally gave their credentials. So this is why at cy, we focus on cyber education because we really, really, really believe that we all need to get trained this new, new world of cyber in order to, to stay safe. So how, how do hackers uh generate this is through what's called social engineering? So we are, we are humans, we are vulnerable to certain specific behaviors. We're vulnerable to helping people asking for help. We're vulnerable to the things that look familiar uh to emergencies. So what social engineers do is that they manipulate us, uh knowing how we behave, they manipulate us in order to get what they want from us. The most common way of manipulation that you probably have heard about is called fishing. This is when you get an email.

Uh that's either saying uh there's a problem with your bank account. Please click here to fix it and then you click there and then it takes you to a fake website where you give them your bank account details and suddenly they have your bank account details. Uh It could be more, more addressed to you. So in general, phishing attacks are sent to millions of people and some people uh will will buy it. But they could also be more, more personalized if I want to access your computer. For example, I could be doing research through social media and through other means of what will make you uh trickle. And so maybe I can send you an email talking about the book, you just rent it in the library or about the common coffee store you usually visit and I tempt you to click and once you click, I can either be installing stuff in your computer or uh sending you into a fake website where I ask you for your information.

So pitching is the easiest way that uh Attackers have to get into your computers. Um We usually say like, ah this doesn't matter because I'm not important. I'm really not important. Nobody's going to want to attack me. It's not true. First, as I mentioned, these attacks are mostly uh random but also we are all connected these days. So you could be important because you usually connect to the same network that this important executive from a different uh company in your favorite coffee store or you can be important because your boyfriend's uncle is this important person somewhere else. Like we are all connected.

So we are all vulnerable to be attacked in order for hackers to get what they want. This is why it's really important that we all take the, the right precautions. And especially because today you're not only vulnerable when you are in your computer. Today, everything is connected to the internet. So from your fridge, uh your smart, watch your car, everything is connected. So we need to make sure that we pay attention to the passwords and how we operate these devices constantly. Now, when the moment is now right now, we need help with this problem. So globally, there's 4 million vacant jobs in cybersecurity. What does this mean that globally all the organizations and the governments that need help keeping their system secure cannot find enough people with the skills to defend their uh systems. We need 4 million new cyber defenders in the world and this is a problem that's happening right now because there's so few people that actually have the skills to do this. It's a very well paid job like we can see here that the average salary in the US for an entry level position in Cyber is around $76,000 in Europe. It's around 50 €60,000 it's a really lucrative career to enter, that has had 0% unemployment rate since its beginning.

And the reason why it's also super interesting is that it's a very diverse career, for example, um co developers, it's, it's a very growing career. It's a really interesting segment. It's a really interesting thing to get into. However, it's a very specific thing and it requires a specific kind of person that actually enjoys writing code. Cyber is not like this. There's so many dimensions to cyber that you could be doing a lot of very different things. For example, you could choose to protect networks, you can choose to investigate and do forensics. You can choose to be more on the governance side. So it's such a diverse um industry that you could be applying your different skills into it. And of course, unfortunately, uh women are not being part of this huge opportunity while uh women in insider did increase from about 11% to about 20% in the last few years, there's still a huge gap and, and we need women, we need women for different first because because it's such a diverse uh industry, we need different skills, but also because you have to be really creative.

So we need even more diversity. You always have to be ahead of the Attackers. So the the more diversity we bring into cr the better now say, ok, Ingrid, you convince me Cyber is great. It's a great opportunity. I understand how in this changing world, I will always have a job if I work in Cyber. But I don't have time to go back to college and study cyber for four years and I don't have the money to pay for it. So how do I do? How do I take advantage of this opportunity? And we ask ourselves the same question and we said, OK, we need to find a different way to actually train all these people this fast. And we personally look for inspiration uh in the military where they need to train uh thousands of 18 year olds freshly come out of high school into new careers in only three months. So looking at that and bringing the exper experience we have in education, we created our saving boot camp, that's a three months intensive learning experience that's focused on giving you a new career. It's not focused on teaching you theory and, and teaching you like abstract things that in one future may or may not be helpful for you.

We're really focused on giving you hands on experience that will allow you to start adding value to your employer day one in your entry level position. In cybersecurity plus cybersecurity, it's not only diverse, but it also changes a lot because there's new threads coming in all the time.

So it's really important to that we keep learning and learning constantly. Uh And so that we adapt the content. Uh all the time. So with this kind of format, with a new paradigm, with three months intensive boot camps, you can easily get into cybersecurity and start enjoying the the benefits of this great career. So thank you. Uh If you want to reach out to me, you can uh take a picture of this QR code, it will send you to my linkedin in general, be careful with Q QR codes, but I promise this one it's real and it will not hurt you. Uh And now I'm going to stop sharing and I'm going to see if we have questions. Can uh OK. Um I don't see questions but I'm reading the chat. Uh Weakest Link. Why encourage desire? Yes, it's super important. And in fact, what we do at silent is that different roles uh have different needs of knowing uh cybersecurity. So for example, regular people, employees have one need. Developers have to know cybersecurity in order to do their job. Well, uh security people need to know different skills.

So we really focus on teaching each person what they need. And this relates to the comment here about Uiux designers that also need to know specific things about cybersecurity. Um So thank you. I'm going to keep reading the chat if there's more questions here. Uh So Martina is asking, is the bootcamp self-paced? No, it's a three month bootcamp and the reason or, or we have a, a part time version that's six months that's uh not full time. Uh It's huge, you know, when you're reskilling yourself into a new career, it requires a lot of energy. And when you are only in a self paced program that you do it, whenever you have time, it's unlikely that you're actually going to go through these 500 hours of content. So, uh we deeply believe that you need the support of your colleagues, a cohort, a facilitator that helps you go through, through all this uh process. Uh So uh it's time I need to be respectful of, of the other um uh speakers. So if you want to leave, you can leave, I'll keep answering these questions that I see here. Uh So it's your suggestion for someone who is already experience in different jobs and what to switch to cyber again, it depends on what job you are you are in.

But if you see that this is not something that's exciting for you. If you see that this may not have a future, I highly encourage you to look for a good camp around. Um I recommend ours but there's, there's others too. Uh We find a good camp. Uh You can email us in, in our page, you can reach out and, and we can tell you which boot camp is uh around your area. And it's a risk, of course, risk killing it. It's always a risk into a new career, but this industry in particular is pretty risk free. So, um you can uh find out more and you're welcome to, to reach out to me. Uh And I encourage you to, to make the jump. How would you advise women to go over unconscious gender bias at workplace? That's a big question. Uh I'm not sure I have a fast answer for that, but I think it starts with us and in general, what, what I do in my life and in my company is that uh I stay curious and, and, and I look at what we're doing and whenever there's something that sounds a little out of place, uh Thanks God here at timing, we have a very safe space where we can actually talk about it.

Uh And, and we discuss it and we have these conversations quite regularly. Um I understand that sometimes this may not be the case. And we have several women that came from, from cyber that felt very alienated because they were the only women and they were not paying attention to. But I think this is the biggest conversation that we need to be aware of in, in every workplace. Uh help more details about career growth in the cybersecurity industry. So there's, there's a lot of ways uh to grow in cybersecurity. Uh As I mentioned in the different uh kind of career paths inside cybersecurity. Uh I encourage you to uh visit the Mist nice website. Uh uh And there you, you actually have progressions and careers where, where you can uh go from one world to the other, uh how to switch. So these boot camps, what they usually do is that they also include career services that allow that help you um prepare for the job search. Uh So it's like you would go through the intensive learning experience and then uh they would help you find a job. You're not guaranteeing jobs, you still have to look for a job. But usually these bootcamps already have connections with potential employers and they can help you get that first step and once you get the first entry level position, then you know, it's up to you to grow.

Um So if I in bootcamp online, uh we haven't, we can do it in person, we can do it online online, but it's still um synchronous. So it's not like you start at any time that you want. Uh We have boot camps that start at a certain date and finish three or six months later and we are doing it remote in this case because of COVID and because we have discovered that it also has a lot of advantages uh to, to do it remotely. Uh We have a blended model where it actually works online, meaning that all the content is in our platform and in our platform, we have what we call virtual machines where you can practice and, and you can learn. Uh and then we have the se the live sessions where we teach you the soft skills that you need in order to get jobs. But also, uh we reflect and discuss all the exercises we've done during the day. So it's a, it's a more diverse experience. Uh OK, so thank you everyone. Uh very much for joining. Please feel free to reach out to me uh In linkedin. If you have more questions or if you want to know about a specific boot camp, uh you can also reach to reach out to us through uh the website and we'll be able to help you. Uh So thank you. Enjoy the conference.