PERSPECTIVES FROM THE FIELD

The strength of Indiana is that we bring together a variety of perspectives from the plethora of areas that touch the field of cyber, especially through the Indiana Executive Council on Cybersecurity (IECC). Hence the name "Perspectives From the Field Series" in which we invite experts to discuss the real and challenging issues we are facing in the field and the proposed solutions from the experts to better the lives and businesses of all Hoosiers. In the latest installment of our series, Raymond Kirk shares his perspective on the importance of diversity in the world of cybersecurity.  This week’s blog is the first in a three-part blog series in celebration of Black History Month.

By Raymond Kirk

Each February, the United States, Canada, the United Kingdom, and other countries observe Black History Month. It’s a month-long celebration of the generations of black people who have elevated society by the way in which they’ve lived their lives. It’s also an opportunity for us to recognize that there’s still plenty of work to do in the name of promoting diversity and inclusion.

This moment reaches into every sector—including cybersecurity. Indeed, ISC2 found that minority representation in the cybersecurity profession was just 26%. Fewer than a quarter (23%) of those individuals held leadership positions in their places of work. That’s despite the fact that 62% of minorities in cybersecurity held a master’s degree or higher, ISC2 learned.

Camille Stewart, Google’s head of security policy for Google Play and Android, explained that such a lack of minority representation—especially in leadership positions—ultimately holds back the cybersecurity industry. She used the example of a critical infrastructure company to demonstrate this reality to Dark Reading:

If you are contemplating how to build resilient systems internally that will then affect a diverse consumer base – your critical infrastructure, whether it’s water or electricity – how that [then] affects the daily lives of people who live in predominantly white suburbia versus a black suburban area, versus an inner city with a diverse array of socioeconomic folks, [these] things will be different: The city’s ability to respond. The city’s ability to mobilize around whatever your mitigation is. The impact it will have on how the children in the home are able to connect to school. The ability for the family to have a generator to back them up should the electricity go out. The ability to combat food insecurity if you’ve lost water, or electricity, etc. All of those things change based on things like race and socioeconomic status. And if your mitigations don’t contemplate for the diversity of your consumer base, you have a problem.

Clearly, diversity is instrumental in creating a more secure world. But that raises an important question: how do we foster diversity in cybersecurity?

The State of Security reached out to me along with several other cybersecurity experts to ask us about our experiences in the industry. Together, our responses provide a roadmap with which we can honor Black History Month and make the cybersecurity industry a more inclusive place for all.

On the Importance of Mentors

Question 1: Mentorship is extremely important in the world of cybersecurity. During your career, who has helped open doors for you? Who has had a positive impact on your life and how?

Raymond Kirk, @Raymond_The_PM

When it comes to mentors and positive impacts, I believe it’s important to have these interactions early in life.

For me, I’ve been fortunate enough to have an extremely talented and impactful mentor from the time I was in high school: Charlton Hudnell, an economics and social studies teacher at the time, who had a way of encouraging me and my peers to strive to be positive members of society, understand the landscape which we would need to navigate and learn the importance of leadership through service.

These values have translated directly into my professional career. In practice, this meant doing work you can be proud of, staying hungry to excel, knowing your value and giving back. I trace all my success back to Charlton Hudnell and the potential he saw in me as a young man.

There is also De Cranford, a Program Director/Guru whom I admire. She has truly shown me how to take large organizational and life challenges and then break them down and execute! She is restless in holding me accountable for my continuous improvement both personally and professionally.

Then there’s Danyell Johnson, my former manager during my Technical Consultant role at Hewlett Packard. He was a great mentor; he encouraged me to get as much training and knowledge about as many products and technologies as I could get my head around. He saw potential in me that created the space and time for professional development from data center experiences to pursuing my path to a PM.

Finally, I had the pleasure of working with Roderick Thornton, a project manager, during our time implementing one of the largest global implementations of Salesforce that had ever been done at the time. He showed me how to communicate and gain executive buy-in, manage multiple stakeholders and deadlines, and make it all look easy.

Emanuel Ghebreyesus, @etg71

I think mentoring is more than just the work you do in your cyber security job/world. What you do in your work is defined by who you are as a person, how you have gotten there, what drives you to excel, your principles, your work ethics, your ambitions, what self-challenges you take on to enhance your ability get you committed to a cause, what you are trying to achieve and for what or whom you are driving yourself.

With this in mind, I would like to honor a few mentors:

• My father and father-in-law are and will always be my greatest mentors. It would be impossible to cover all I have learnt, continue to learn and their achievements here, as I would need to write a book each for them; however, I have included a summary below.

My father and father-in-law are both entrepreneurs with extensive experiences, who have taught me the world of business and how to be a successful businessperson by always knowing what you are talking about, always being prepared, being flexible to adapt to any situation and dare to dream the impossible. My father’s commitment to progress, to his family and to self-sacrifice to pay for and provide me with the education I had in UK boarding schools and tutorial colleges was something very few Eritreans have ever achieved. Please note that in the 1980s the average earning for Eritreans was ~£75/month.

It is not often, where you would find a family as complicated and/or as diverse as mine. Out of the 19 siblings my wife and I have, only the two youngest are not married or in a long relationship. We are a diverse family because we are married to and have children with people from multiple backgrounds (Eritrean, Ethiopian, Caucasian English, Black American, Moroccan, Caribbean, Mexican, Canarian, Spanish, Venezuelan, Kenyan, and French), who are accepted and are equal. Our children speak 12 languages between them.

• VPs and Directors (Richard Parkinson, James Stirk, Mike Dalton, and Ross Allen), who had different impacts on me.

Richard and Mike saw the potential I had coming from an IBM background, when I first started in cyber security at Network Associates. They continued to drive me to keep getting trained on the solutions and kept providing me with bespoke spiff incentives ($5K-10K/month). They committed to me, and I gave my word to never let them down when they needed me to bring in more business when they needed it most.

Ross Allen (aka “The Bull” and “Rossweiler”) built like a wall and scary as hell, but who drove me to excel with his carrot and stick approach

James Stirk: He ran the government team at Oracle for over 20 years before he joined Intel Security/McAfee at the same time as my second term. He knew everything about government business and drove me to learn something that didn’t about the UK Government. He recommended people to be my mentors, but I didn’t want anyone else because no one else knew more than he did.

Paul Rutland: My SE at McAfee, who took time to train me personally and continuously on all things that had to do with firewalls, IPS and IDS systems. This became my main business generators during my time at Intel Security/McAfee. I drove the business from $200K to $4.5 million a year.

Fareedah Shaheed, @CyberFareedah

I would not be where I am today without mentorship and coaching along the way. A couple of people that have been pivotal in my journey are Dr. Jessica Barker, Jane Frankland, Crystal Ro and Aprille Franks. There have been so many others; if I forget to name them, please charge that to my mind and not my heart. Each one of these people has opened countless doors for me and given me phenomenal advice for my life and career. Every single achievement the public sees can be traced back to my mentors’ and coaches’ continuous support.

Gabriel Gumbs, @GabrielGumbs

There is no shortage of people who have opened doors for me in this industry and throughout my career. A couple of those examples have been in unexpected ways, however. If I have to mention any one of them by name, it would be the person who hired me for my very first infosec job: Richard Shuemaker.

I had a very strong interest in security and had been involved in the local security community in New York City, however at the time I was a network engineer. Richard took a chance on a scrappy propeller head and helped me navigate not only the bits and bytes of the professional security world but also the business side. He was my first mentor; we became friends over the years, and since then, I have always felt a calling for paying it forward.

Ambler T. Jackson, LinkedIn

Mentors are key to success in any field, and they may be official mentors or unofficial mentors.  My professional journey has allowed me to work with several unofficial mentors, both men and women, who have helped open doors for me and shape my career in cybersecurity.  I’ve been fortunate to work with people at various levels of management and leadership who believed in me, provided growth opportunities, and gave sound guidance and invaluable feedback based on their own unique and diverse experiences in the field.

The feedback that I received always helped me plan the next step for my career path.  My peers and colleagues have also served as mentors by sharing relevant information and opportunities with me and encouraging me along the way.

Jihana Barrett, @iamjihana

I can honestly say that different people have poured into my success in this industry. I did not have any direct, streamlined mentorship. When it was time to study for a certification, I sought help from a particular group or individual when I needed to hone my knowledge and my skillset. When I needed more confidence. I turned to another group for leadership, and I guess guidance in that way.

So, it was not one particular person, but there has been guidance and mentorship throughout this entire process because there was no way it wasn’t going to happen.

Also, I think another reason why I didn’t have streamlined mentorship was because I didn’t see anyone that was my gender or my ethnicity doing what I was doing. They were engineers, or they did something else, but they didn’t specifically do cybersecurity.

And I remember at one point in my career really seeking that out. And then I realized I just had to create it for myself and then take up that charge, take on that charge to do it for the next generation.

So, that’s why I do career days at my high school. And when people want to talk about how to get into the industry, I offer a consultation on that because I know what it felt like to not feel like there was anyone doing what I wanted to do or anyone to ask those questions from. Because of that, my life and how it’s impacted me has just been phenomenal.

Honestly, I know that cybersecurity is my calling, and it’s what my purpose is in. How I present it and package it to others is how I have the most positive impact.

In part two of our special three-part blog series celebrating Black History Month - on Wednesday, Feb. 22nd, Raymond Kirk discusses the question of “How to Become a Better Ally”.