Industry Trends

Women in Cybersecurity: A Conversation About Careers and Challenges

By Barbara Maigret | April 18, 2022

It's no secret that the lack of gender diversity in cybersecurity is a worldwide issue. While there are many reasons why women continue to be underrepresented in this industry—significant bias and gender stereotypes drive the belief that a career in cybersecurity is not for women—many companies, including Fortinet, are now actively tackling this issue. This goes beyond seeing diversity as a worthy goal, which it is. Given the growing crisis arising from the global security skills gap, adding women to the ranks of cybersecurity professionals is essential if we want to preserve our society.

History is filled with women who have played a pivotal role in the development of our digital society—from Ada Lovelace, the world's first computer programmer, to Grace Hooper, who created new ways to code, to Margaret Hamilton, who programmed Apollo's flight software, to Elizabeth Jake Feinler, who created the first Internet directory—ARPANET—along with a mostly female staff.

Two Fortinet employees: Rashmi Deshpande, Vice President Quality Engineering and Margarette Joven, Staff AV Analyst, discuss their professional backgrounds and how they led to a role in cybersecurity. They offer advice for other women looking to start or pursue a career in cybersecurity.

What does being a woman in cybersecurity mean for you?

Rashmi: Being a woman in cybersecurity today means oceans of opportunities, challenges, and a lot of scope for innovation. Due to digital acceleration, the threat landscape is expanding faster than ever. In less than two years, the pandemic has accelerated digital acceleration further in every aspect of life. And it has also increased cyber threats and bad actors. As a result, securing devices, data, and users has become increasingly important. This has led to a growing requirement for security professionals. However, hiring good talent is challenging due to the demand and supply gap. As per the  (ISC)² Cybersecurity Workforce Study, women only make up 25% of the global cybersecurity workforce today. Fortunately, this percentage is increasing as organizations focus on training and the conscious hiring of women employees. Adding women to the ranks of the cybersecurity profession is invaluable, as I believe women are highly intuitive, and this quality can make a great addition to any cybersecurity team, both from a development and support perspective. This is a good time for women to develop their skills to take advantage of the opportunity in cybersecurity and be part of the journey to build safe and secure cyberspace.

Margarette: Cybersecurity is a fun and unique industry, offering growth opportunities, exciting day-to-day tasks, and the chance to make a real impact on individuals, corporations, and national security. Many women may not realize this, but there is a considerable variety of avenues in cybersecurity careers that are fit for different personality types. There is an urgent need for women and men with the technical and soft skills and understanding required to combat persistent and malicious cyberattacks. I'm happy to be a part of it. 

What was your career path? What inspired you to pursue a career in cybersecurity?

Rashmi: After having worked for many years as a QA engineer and leading QA teams in enterprise-class switching, routing, and Wi-Fi, it was a natural progression for me to seek out the challenges that come from a career in cybersecurity. This field is so exciting and challenging that I see myself long invested in the R&D of cybersecurity products. With the exponentially increasing digitization of the world affecting every walk of life, the world is more digitally connected and more prone to cyberattacks. As digital acceleration continues, this will only continue to increase exponentially.

When the opportunity to work on InfoSec products arose, I quickly realized that it is an excellent field of research and that being able to contribute in my way to securing the digital world would be very fulfilling. This motivated me to pursue my career further in this field. Also, with very few women currently working in InfoSec, the gender gap further inspired me to work toward breaking down barriers. Hopefully, more women will be motivated to take up research and development functions in cybersecurity.

Margarette: My first job was in cybersecurity. When I started, cybersecurity was still a relatively new field. With cyber threats growing and data breaches by both local and international organizations increasing, I chose to pursue this path as I found it exciting and very interesting. And it still is! Cybersecurity is now one of the fastest growing sectors in the IT industry and one of the top skill areas to pick up. Cybersecurity is needed in every sector, whether retail, transportation, healthcare, finance, or government services. This allows you to work with a variety of businesses and immerse yourself in different industries.

What does your job consist of, and what about your work excites you? What is the achievement you are most proud of?

Rashmi: As VP, Quality Engineering at Fortinet, I lead teams responsible for validating the Fortinet products that are part of Fortinet's Secure Access Networking portfolio in the area of AIOps (Artificial Intelligence for IT Operations), application security, vulnerability testing, and LAN cloud.

At Fortinet, there is something new to learn every day. Over the last two years, our team has worked on five new products as part of end-to-end development, from the conceptualization phase to customer engagements. I look forward to going to work in a diverse, inclusive, and employee-friendly work environment every day. Fortinet is a tremendous equal opportunity employer and treats us like we are like a Fortinet family.

Fortinet also strongly believes in innovation. Fortinet is a leading innovator in cybersecurity, and I would say building a highly innovation-focused QA team is one of my most significant achievements. Over the last eight years, my team has generated numerous patents and contributed to Fortinet's success journey. I am very thankful to my team for all their support.

Margarette: My job consists primarily of training newer AV (anti-virus) analysts on how to analyze malware and helping them improve their skills. One achievement that I'm proud of is the training program I had a significant role in creating. This program has helped form the AV analyst team into what it is today. AV analysts play an essential role in cybersecurity. Part security engineer, part digital forensics expert, and part programmer, this crucial function provides in-depth intelligence and analysis about threats, including taking a close look at the tools and methods used by cybercriminals. By analyzing the malware used in an attack, new defenses can be deployed or refined as needed. The ability to reverse-engineer malicious code is paramount in an effective defensive strategy, and this is where a malware analyst brings value to the cybersecurity team. The cross between being a programmer and a cyber detective makes this an exciting job.

When it comes to progressing to a leadership role, what are the most important traits women must develop?

Rashmi: Organizations must invest in their employees. Recognizing, mentoring, and growing talent is one of the most essential traits for a leader. The trick is to identify the value of thinking outside the box. Women leaders should encourage other women to apply for training and positions within their company and give them opportunities to lead projects and teams. No one can get to the second or third rung of the ladder until they are on the first rung, which also requires you to act as a mentor. Apart from being a good team leader, leaders need to be equally accountable for their team's success and failure. Learn from failures. Effective delegation is another vital trait. A leader should be ready to take or give away responsibility when needed.

Margarette: Taking responsibility by taking ownership of projects and tasks, meeting deadlines, and enhancing your ability to solve problems are valuable assets to any company and could present you with senior leadership opportunities. Such skills show your tenacity and resilience and the ability to inspire confidence in the executive team and your direct reports. Another critical trait is being open to change as situations evolve to succeed through every business's ebb and flow.

How have you dealt with challenges throughout your career, and what would be your main advice to girls and women considering careers in cybersecurity?

Rashmi: Throughout my career, I have seen challenges as learning opportunities. I have learned from failures, tried new things, taken advice, and sought out support from my managers and colleagues. I have been fortunate to get good support from my mentors and team throughout my career. My advice to girls/women is to be focused on your goal. Cybersecurity is an ever-changing field due to a multitude of dynamics involved in the evolution of technology and the fact that bad actors are always ahead of the curve. It is also very important to be ready to learn new things and be proud to be part of securing the cyberspace so many rely on. On a personal front, accept that you cannot handle everything on your own. Seek help from colleagues, family, and friends whenever you are overwhelmed. As much as a career in cybersecurity can be challenging, it can also be very rewarding, both emotionally and financially.

Margarette: It's very common to get stuck when trying to figure out a problem. And it's important for girls and women to know that this is normal and does not necessarily mean that their skills are inferior. Just take a deep breath, break down the problem into manageable parts, and tackle one piece at a time. With patience, hard work, and determination, a solution will usually present itself. Even if you later find out that a solution isn't possible, you've learned a lot of things along the way, which will be helpful later on when you encounter the next big problem.

Tune in to a special edition of FortinetLIVE to hear more about women in #cybersecurity and fostering diversity. Read other employee stories from Fortinet: FortinetLife Perspectives series.

Find out more about how Fortinet's Training Advancement Agenda (TAA) and NSE Training Institute programs—including the Certification ProgramSecurity Academy Program, and Veterans Program—are helping to solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.