LADIES TALK CYBER SERIES - APRIL SERIES
For the first edition of AiSP’s 'Ladies Talk Cyber’ series, we interviewed Sherin Y Lee, a specialist in one of Asia’s largest pure-play cybersecurity services firm about her perceptions of the industry and how we can encourage more women to enter the field. Sherin was the founder for AiSP’s Ladies in Cyber Charter launched in November 2018, and is currently serving in AiSP’s Executive Committee as Vice President.
How to be successful in cybersecurity field
In celebration of SG
Women
year,
AiSP’s secretariat decided it was timely to launch a series of
interviews of
female leaders across industries who fulfil high impact roles, and learn
about their journeys,
experiences and
insights
The initiative aims to shed some light on what it takes to make it in
this field. The interviews can
be source
of invaluable career insights as well as opportunities for those in the
field to get a deeper
understanding of
the industry, and how its leaders are innovating to disrupt the cyber
landscape.
Introducing women with a deep interest in cybersecurity
In our first edition, we sit down with Sherin, a marketing specialist
from a
Singapore headquartered pure-play cybersecurity services firm serving
enterprises in Asia.
Sherin is the Asia Pacific Head of Marketing, Brand and Communications
for one of Asia’s largest
pure-play
end-to-end cybersecurity service providers. As a Marketing Director,
Sherin is passionate about
bringing to
market new cyber technologies and knowledge that can help solve problems
in today’s digital economy.
She
currently spearheads cybersecurity brand marketing initiatives aimed at
capturing the audiences'
imagination
to achieve brand differentiation, as well as measurable results, for the
company’s cyber security
services.
What brought you to the cybersecurity industry?
Quite by chance, I began working in Infocomm technology marketing at a
local
telco several years ago. At that time, cyber marketing was just one of
my many portfolios — I was
handling
segment marketing for B2B services such as SaaS, data centres, cloud
among others. After learning
about
different technologies’ spaces, I got curious about how cybersecurity
plays a role in all these
different
areas. There weren’t many people who could answer my questions then, so
to satisfy my curiosity, I
started
volunteering in various cyber-related associations. With that, I got to
attend seminars and expand
my cyber
knowledge, as well as meet more industry professionals from the
different areas of cybersecurity.
I have always considered myself a marketing professional. What drew me
to take the job was not only
it was in
cybersecurity, but rather the type of projects I could be involved in.
And now that I’m in it, all I
can say
is, I find it incredibly interesting and meaningful.
The cybersecurity landscape is constantly evolving, and as organisations
digitally transform their
operations,
a huge amount of problems arises. Many of these firms are willing to
invest in people to give them
solutions.
These people are in a league of their own, and it’s great to be working
alongside such brilliant
minds. I
learn a lot from them. More than that, it’s also reassuring to be
working with a company that
provides
opportunities to further your education and development.
What were your defining moments in this industry, and factors or guidance that helped you achieve them?
I believe it’s incredibly important to have mentors and coaches. Many
assume
this should be provided by your line manager, however some of the best
mentors I've had have been
individuals
across organisations, in addition to my line managers. And a number of
them came from my
volunteering days.
Success is not achieved in isolation, and I believe the teams I have
worked with at work, as well as
in my
volunteering have been instrumental in helping me get to where I am now.
They bring a host of ideas
and
differing perspectives to overcome obstacles. There is always a lot to
learn from people around you.
Having a positive mindset has been essential. Having ambition, loving
what you do, being open to
change and
opportunity as well as being adaptable have been key for me. For
example, as technology evolves,
there’s a
need to continuously learn, stay up-to-date, and even make predictions
ahead of the latest
developments.
What is it that you love most about your role?
You can do marketing for any firm, for any service. But there’s a big
difference
between marketing day-to-day consumer goods, vs a topic like
cybersecurity. Crimes of today are
cross-border.
The typical espionage, criminality and the like have morphed to
cyber-espionage, cyber criminality
and so on.
Having the opportunity to contribute in the fight against such things
makes my work a lot more
meaningful.
There’s a lot of pride in working for a firm that only focuses on doing
cyber well. The company’s
responsibility ranges from helping C-suites identify their cyber
strategies and gaps, to designing
and
building complex secure-by-design infrastructures, up to being there for
clients for incident
response. It’s
these things that can help organisations take a pro-active stance in
their cyber defence strategies.
Being
able to contribute to that is fulfilling.
The marketing we do requires that we work with experts who share and
present ideas to board members
and
industry leaders, being able to influence decisions based on what we can
learn from incidents and
what we can
improve. These make our work constantly rewarding, and because things
are moving so fast, there’s
always
something to learn. Every day is a new day.
Prominent Cybersecurity trends:
What are some of the trends you have seen in the market lately, and what do you think will emerge in the future?
Staff’s awareness of technology and cyber risks has been on the
rise—from those
within the business to shareholders and board level—most probably due
the recent and big cyber
incidents that
we’ve seen. They realise that its everyone’s responsibility to recognise
a threat when they see one.
Therefore, there has been a greater shift and more importance placed on
protecting organisations
against these
risks. But this is just the beginning. My marketing team has a strong
role to play in driving this
education
via the content that we release.
The sophistication and skills of attackers are growing by the minute.
Previously, there were only
single
individuals, but now we’re seeing more organised cybercrime groups, and
even state-sponsored
entities, getting
the spotlight. To defend against their more advanced attacks,
organisations will need to
consistently develop
their skills.
The more complex an organisation’s technology ecosystem is (with IoT,
machine learning, chat-bots,
data lakes,
block-chain to name but a few), the more challenging it becomes to
address both inherent and new
risks.
Moreover, as organisations acquire more technology and use data for
business growth, there needs to
be greater
regulatory scrutiny and oversight on the exposure of their customer
information. This requires them
to place
greater importance on compliance. But as different geographical
locations impose varying set of
compliance
requirements, addressing them can be challenging.
Females in Cyber Security
What can we do to encourage more women to join the cybersecurity sector?
As an industry we need to continue working on education, awareness,
industry
perception, providing support and preventing barriers for entry.
In particular, to pass on key messages :
- Don’t be scared and to be willing to take on challenges.
- Find mentors and coaches who will help you come up with ideas on how to navigate the industry.
- Join associations like AiSP, ISACA, ISC2, attend their seminars and meet-ups, and read books to understand and learn from other practitioners. I’m very thankful to have mentors, both male and female, who have provided me guidance, answered my questions and pointed me in the right direction over the years.
- Have the willingness to continuously learn. This sector is constantly evolving. Every day there is a challenge and opportunity to learn something new. If you are naturally curious and willing to think unconventionally, this would be a great career move.
Final thoughts
How can you debunk the myth that cybersecurity is only for men? Is there any indication this stereotyping is changing?
I believe there is still more to be done despite the advancements
towards
creating more diversity within cybersecurity and the tech industry. It’s
not easy, but my female
cyber peers
are actively pursuing this goal.
The Ladies in Cyber Charter is very close to my heart – I founded this
charter because I believe in
the
importance of having access to women working and leading in senior
leadership in their chosen
fields. These
women form the backbone of confidence to future CEOs and CISOs of
tomorrow.
Don’t get me wrong, I’m not talking about highlighting women because
they are women. What we really
want to do
here is to highlight the good work produced by women in cyber. We’ve
seen women build their
companies, create
products, stand out in deep research, and even become trusted cyber
advisors on strategy. It’s about
the
talent, skills and accomplishments, not gender.
It’s only when we have a strong network of support, and do enough in
highlighting the amazing work
produced by
women in cyber, that we will get there. We’ve only just started, and it
is my sincere hope that more
women
will join us in this meaningful cause.
We are only as limited in our outreach to students, as the number of
women who sign up as mentors.