PHOTOGRAPHED BY ERIC CASSINI, PROFESSIONAL PhotographeR FROM Paris TO Los-Angeles
According to my CV, I have 12 years of professional experience. I turn 36 this year. It’s bizarre because part of me still feels like a student as I am continuously learning and part of me feels like 350 because of all the unbelievable experiences I’ve been through, but my actual age is 35, and I have just progressed from a Regional ISO Lead Implementer to a Regional Information Security Officer. I’ve heard people say that your age defines your career and you should be so and so to start your CISO – Chief Information Security Officer – career. So, I’ll post on here my findings on what I consider helped me evolve through my professional journey. I also thought I’d share some lessons I’ve learned, because it’s International Women’s Day! #sharingiscaring
Being a leader does not equal having a lot of friends. Being in a leadership role is an interesting experience, especially in a multi-cultural environment.
Many female leaders have asked me or pointed out this consideration: “Do I need to be liked?”
The answer is no, you don’t. As a leader you can not be liked or “approved” by everyone. Having to put in place a #cyber #security programme that will need the collaboration of various stakeholders will define various tasks, and sometimes more work for some. It also raises some conflict of interest with for example the innovation team or the technical team. They usually have deadlines to follow, and I am usually the one who says “Sorry, you can’t go live, fix me first those critical and high findings”.
Said that, a major important aspect to be considered is respect. Your employees. must respect you as a female leader. They need to value your guidance and understand your advices. This does not mean “liking” you but knowing and appreciating your skills, journey and current position.
You need to follow your responsibilities and obligations towards the company. Do not let yourself being influenced by those who have a different agenda.
Don’t assume. Years of experience do not mean knowledge by default.
I have mentioned 12 years of experience in my CV. That said, those are JUST years. Everyone has a different path and lives things in a different way. Everyone has as well a different learning capability or learning pace.
In my CV, for example, I have not included that I was also a teacher in high and engineering schools. I was teaching electronics, mathematics, and physics. This experience taught me a lot more than anyone can imagine, including the fact that 17-years old are really hard to control! ? It does not seem to be directly relevant to my current career, but it is. I find my strength in my awareness courses and trainings, related to my teaching experiences and the pedagogical mentorship that I have had.
The other aspect related to my journey was – I have addressed this before – that I have been working a lot… A lot …. I have never had working-hours (Maybe slightly in the MEA). This might sound crazy, but I do love working … Because my work is my passion and I really enjoy it… When I was younger, I could program with Matlab (A numerical computing environment and proprietary programming language developed by MathWorks) for a few hours every day of the week, work in the afternoons in an insurance company (Sometimes also during the weekends) and deal with my small tutoring business during the evenings. I had at that time much more energy, I must confess…
I was doing also a lot of interviews during my career, and one thing came up every time – years of experience, diplomas and certificates are not an assurance of skills neither knowledge by themselves. People might argue with this statement but believe me I have gone through unbelievable interviews …. Including people with more than 20 years’ experience on paper in a field where they were unable to answer related technical questions. When I interview a professional cyber security, who claims to have “10 years of experience” managing cyber security projects, I don’t want such a person to give me a blank glare when I ask what you would do to address data transfer from one provider to another. I need that professional to clearly state a strategy or at least high-level considerations for such a change. I expect cyber security professionals to know what security practices are or have an idea, especially when it comes to managerial and leadership roles. And if they don’t know, then I’m not at all interested by their “X years of experience”.
I have also accelerated my learning with traveling for studies and business. Immerging yourself in a different culture every couple of years might be difficult but it is very rewarding. You meet new people, and discover new cultures, new working habits, and new lives.
Doing those things have taught me an immense variety of skills, and I felt like I was having different parallel lives, learning different roles and especially discovering new environments.
Avoid negativity as much as you can. In a male-dominated industry, where women represent a minority, you might face challenges. Those challenges are not unique to you and are not related – most of the time – to your skills, but conscious and/or unconscious biases. Most of men who have been around me, are absolutely trying to encourage inclusion and diversity. They will also realise their own unconscious biases and address them.
But, let me tell you more what I am especially trying to discuss here. On regular basis, I share on social media about my journey, feedback, and experiences. This can be great as it inspires and encourages other women, however it can also bring those who do not understand or do not want to understand. Trolls with negative comments, unbelievably mean attitude are hiding behind a screen, and because what I post is mostly #different tend to aggress me and prove a point. They do not try to understand the path, experience or career of the individual. They just assume due to their own insecurities that they must be right.
I do not respond. I block those. In fact, I learned to do that. I think it is very important for anyone’s confidence and self-esteem as well to avoid and block such kind of negativity within the social media or in real life, when possible.
Continuous small comments on social media or from your colleagues, or bosses can affect your metal health and push you even towards depression. Act on it as soon as possible.
I learned also that fighting bullying can be as simple as learning to laugh about it.
Failing is normal. Failing again is normal. Keeping going and trying harder and better is the right thing to do.
It important to learn from your failures and take risks to grow personally and professionally.
I have shared before that due to my overconfidence, I have failed my first attempt to pass the CISSP. What I have done afterwards? I took the book and learned, read and prepared for the exam ? !
The best success is the one that’s most difficult. I am not saying that everything needs to be difficult, however you must remember not being discouraged when a failure arises. Our society unfortunately doesn’t reward downfalls; thus, those are part of our lives. We do not need to mention one of the most known historical hardest failure before success – Thomas Edison – it took him 1000 tries before he successfully developed a prototype.
Many females in cyber security or other fields get discouraged by failure – the first rejection, the first exam failure, the first deception … Ladies, it is part of our lives, and if someone judges you on your failures, then pass and move on … This is valid if you continue and challenge yourself to succeed afterwards.
Our world is success-driven and is pushing individuals towards a standard success definition. Success is personal, as happiness.
Also, being wrong is an inevitable part of being alive. And yet, we go through life loudly asserting that we are right about almost everything – from our political beliefs to our private memories, to our cyber security strategy …
Evict the drama. Unfortunately, in our societies, we tend to link female and drama. Thus avoid any situation leading or increasing this bias. It does not bring anything constructive and does not help you with your personal and professional branding.
That said, it does not mean being speechless or do not fighting for your own beliefs, ideas and conceptions. Make sure that you are doing it the right way and do not focus on “bad” negative situations in your life.
Each morning when you decide to go to work, your attitude will either make people doubt your professional abilities or create trust in your skills, knowledge and professionalism.
What type of professional you would like to be?
Leave your own fear of success. After some online discreditation of women capabilities in the cyber security industry, you might be faced with your own fear to succeed and limit yourself.
The only person who fixes limits to growth is yourself. One very good advice that I have got through a leader in the finance industry who organized a women leadership dinner is the “non-negotiable”. Those help you define your position, value and get control over your life.
Success might bring change and often means a greater impact on more people. We frequently self-sabotage without even knowing we are doing it.
On regular basis, I do not know how my new assignment will work or if it will succeed. I try my best and always ask for feedback and mentorship. There is always a tremendous amount of planning and effort put into keeping my customers secure and resilient.
I’ve learned not to let external opinions define the value I place on my own life choices and values.
Ask. Recently I discovered Reconnoitre Scanner, and I would have done quicker and more efficiently if I got things that way along.
The lesson here would be asking around. Do not get scared by asking help to your peers. It will make your time more efficient and you will achieve greater results. No one knows everything. We learn every day.
Asking questions is the most effective way of learning. People who think that they know it all do not ask questions….
The asking comes as well handy when it comes to other professional areas, like new project attributions, promotions, salaries, etc. Male counterparts always ask about those very straightforward. Women tend to wait for it to happen. If you do not ask you might wait way too long.
Apologize for making a mistake. Even the most powerful and know leader has done mistakes. Some of the biggest mistakes in the history are:
- Turning down Brian Acton and Jan Koum for a job.
- Ordering trains that were too wide.
- Not buying Google for $1m.
- Misspelling a company name. More than 250 people lost their jobs when Companies House mistook a 124-year-old Welsh family business called Taylor and Sons for Taylor and Son – a company that filed for bankruptcy in 2009.
- The burning of the library at Alexandria.
Some of the good takeaways or steps when it comes to apologising within the workplace are:
- Be sincere.
- Take true responsibility.
- Be empathic.
- Don’t make excuses but provide a rational explanation.
- Suggest ways to make up for your mistake.
- Accept the consequences.
- Learn from it.
it to happen. If you do not ask you might wait way too long.
Delegate. I learned that I have very competent people in my life who care and want to be involved in my daily work and tasks.
Delegation is imperative for efficiency and development. The accurate delegation leads not only to the team’s efficiency, but also to the involvement of every team member, increasing everyone’s development. It also helps you as a female leader to bring and share the right values within the organization, including diversity and inclusion.
You are in charge of strategizing the next steps for your team, thus you need to delegate the daily tasks that are not within your scope to efficiently address those which are.
As a team leader, you possess the skills and abilities to coach your team members and delegate tasks to them so that they can evolve in their career.
Define Your Goals. There is no norm. Decide your life. You put the conditions and values. You decide how your life needs to look like and what you would like to achieve.
I have always been writing down my goals and trying even to putt them daily when I have a lot of tasks and achievements.
Make sure that your goals are:
I tend to write down highly difficult goals so I can achieve more. That is my strategy.
I hope this article is an inspiration for all of you out there, and I am wishing a HAPPY INTERNATIONAL WOMEN DAY IN 2019 !
Magda Lilia Chelly is the co-founder of a cybersecurity marketplace Responsible Cyber and an identity wallet Secucial. Both companies are based in Singapore, however Magda spends most of her time within her clients’ offices, as she is also a CISO On Demand. With her expertise, and technical background Magda provides a 360 degrees cyber security support for companies; from governance to incident management, she coordinates and builds resilient businesses. Magda’ latest two projected covered the roles of an ISO Lead Implementer for a Fortune 500 and a business information security officer role for a MAS regulated Fortune 500 company covering 13 countries in Asia Pacific.
Magda is currently based in Singapore, and constantly traveling around the World. She speaks five languages fluently and has a PhD in Telecommunication Engineering with a subsequent specialization in cyber security and a CISSP. She also was recently nominated as global leader of the year at a TOP 50 cyber security influencer globally, TOP 30 women leaders in cyber security, as well as TOP 58 Women In Cyber Security to Follow on Twitter and TOP 20 Cyber Security Experts.