Q1. First of all – could you provide a short overview of Microfocus and the work and the objectives of the company? Which services and products do you provide and what are the target groups?
Microfocus is a British software engineering company with four main portfolios, Security, Risk & Governance, Enterprise Dev Ops, Hybrid IT Management and Predictive Analytics. So focusing on the security portfolio – we help our customers with Breach Defence and Privacy. Our solutions cover all phases of the NIST Cyber Security framework at depth but at a high level we help in three main areas. Applications – we help make applications better and more secure through our class leading Fortify application security testing solution. In Identity Management, we help customers secure; staff, customer and device identities with our NetIQ solutions making authentication and authorization, smoother faster and more secure. And thirdly we talk about data where we help in two ways, we identify the sensitive and personal information that matters most through e-discovery tools and we protect that data with encryption solutions protecting data at rest or in transit with Voltage Secure Data.
- The central subject of the CTF will be showcasing women talent in a technical field. What is your understanding of this approach? And why should organisations pursue this initiative ?
Capture the Flag is essentially a competitive technical challenge involving classic attack/defend or red team/blue team scenarios. This makes it not only accessible, fun and engaging but also it does actually represent real world challenges that we face in cyber security. If we can better understand, at first hand, the vulnerabilities in systems in order to defeat and attack them then we can use that same learning to build more secure applications at the start, making them secure by design and also understand how to better defend and protect them.
- In many organizations cybersecurity diversity is seen as a challenging area. What do you think reality is like? Where do you think the real challenges are?
Well it’s a fact that in cyber security we have both a gender gap and a skills gaps, in fact we are facing a critical global skills shortage of 1.8million roles by 2022. In this region, in Singapore there is a shortfall of between 2000 to 3500 resources over the next three years. We need to address that gap, together, as an industry by using all of the available resource pool and to me it just makes sense that in bridging the gender gap we help to address the overall skills gap. We are also competing with other disciplines from the emerging graduate talent pool so we have to evangelize to female graduates that not only is cyber security, engaging, exciting and rewarding but that they have a significant contribution to make.
I feel that there is a much stronger technical bias than there is a gender bias. For men to believe that women are less technically skilled or qualified based on their gender is wrong. To state that there are less women in cyber and therefore less technically skilled women in the cybersecurity workplace (in number) is accurate today but this should not be perceived as evidence that they are not capable of doing so simply rather evidence that they have not been encouraged and supported in doing so.
- Cybersecurity is sometimes just seen as a male dominated industry where women do not have a say. With your involvement, how do you believe are you creating a shift in this perception?
There are some myths around cybersecurity. One that it is all about attack and defence tactics, an ever evolving game of cat and mouse between hackers, attackers and defenders. To a degree that’s true but it is an overused stereotype. Second; that it is all purely technical. Sure, technical qualifications and skills will help but it is always about PEOPLE, PROCESS and TECHNOLOGY. The modern CISO needs a much wider skillset including; strategic thinking, communications, analysis, marketing, financial management, people management and customer focus. And its ‘EQ’ job as well as ‘IQ’ one. In those areas, women have excelled and performed sometimes arguably better than men.
If we look at the success and opportunity that women enjoy in the military today, both in Singapore and in the UK. Women are leading in areas such as combat engineering, artillery and intelligence analysis. For diversity to succeed there is a need for both gender students at early stage to be encouraged and interested into cyber security, including undertaking further infosec training through their studies or after graduation.
- From your perspective what are the biggest security challenges organisations face to hire diverse talent and women in particular?
Availability of the qualified talent. In my last role at NCC Group over some 70-80 hire decisions the successful hire percentage was higher in women that in men. Where that talent exists I would hire women in cyber security roles without reservation or gender bias.
- How did you start your career in cyber? What are the women role model who played an important role in your professional career ?
I came from a military background of security and intelligence in 1999 so I understood security principles at depth – I undertook training in Information Technology and networks, coupled with my security knowledge before completing an MSC in IT Security in 2002. I was hired into my first role in cyber security by and reported to a woman who led the service management function and went on to become CTO of a global manufacturing company. As a consultant for 10 years I have engaged with many CISO and CTOs and over recent years – women in these roles have become more numerous, more prominent and noticeably very effective.
- In that context – what do you expect the outcome of the CTF will be ?
I would hope that it inspires and engages this group that this activity is challenging intellectually that it both a technical analysis and problem solving activity but it is arguably just as much about humans and how they interact with and respond to technology – this is the really interesting aspect. There is an obvious demonstration of the power and reward of team work. I hope that they will be motivated to explore study and job opportunities in cyber security.
Follow us on social media:
|Micro Focus helps you run and transform your business. Driven by customer-centric innovation, our software provides the critical tools you need to build, operate, secure, and analyze the enterprise in a constantly changing world. Right now, that means powering your digital transformation with solutions spanning four key areas:
By design, these solutions bridge the gap between existing and emerging technologies—which means you can innovate faster, with less risk, in the race to digital transformation.