Trusted information is crucial in an industry where one wrong move stands between being protected and attacked. This is the heart of Rebecca Taylor’s position as the Threat Intelligence Knowledge Manager at Secureworks. In this episode, she sits down with Sherry Bevan to tell us more about her role, along with the interesting career journey that took her from studying English and Creative Writing to the cybersecurity space. Rebecca talks about the importance of having trusted and clean knowledge accessible to the right teams. What is more, she also shares some of the challenges she faced as a woman in the industry, offering advice for others as they step into their career in a male-dominated space.
Listen to the podcast here
Delivering Trusted, Clean, And Accessible Knowledge With Rebecca Taylor Of Secureworks To Celebrate National Cybersecurity Awareness Month
Let’s get into our episode. In this mini-series to celebrate National Cybersecurity Awareness Month, I’m talking to women about their careers in cybersecurity. I’m delighted to be talking to Rebecca Taylor from Secureworks. Welcome, Rebecca. Thank you so much for joining me.
Thank you so much for inviting me.
I’m delighted to talk to you. Rebecca is the Threat Intelligence Knowledge Manager at Secureworks. Let’s find out a bit more about her career journey. Perhaps to set it into context, could you start by telling us a bit more about Secureworks and what they do?
Secureworks is a cybersecurity leader. We focus on enabling customers and partners to out space and outmaneuver adversaries in a more precise way so they can respond to cyber threats and risks. It is achieved in lots of different ways by using things like cloud-native, security platforms and different intelligence-driven security solutions. That’s backed up with lots of threat intelligence and research. We’ve got a lot of large teams that are equipped with the best people in the world to help protect customers.
How did you get started in an IT or cybersecurity career?
The biggest thing about knowledge is that it has to be trusted.
For me, it was very much by chance. When I was 24, I was working in kitchen goods dealing with kitchen insurance for appliances. I didn’t know what my calling was. I’d studied English and Creative Writing at the University of Portsmouth. I was finding my feet. At that time, I received a phone call from Secureworks Talent Acquisition asking if I would be interested in interviewing for a personal assistant role. I jumped at the chance.
When I’m walking through that door the first time, I knew very much that I’d found an organization and an entity that could give me a great platform for growth and development but also an industry that was always going to keep evolving, one that was never going to go away. Over the last few years, I’ve focused on studying, getting as much exposure to the organization, IT and cyber as possible, making a footprint and working hard. I’m in this fabulous position where I’m their Threat Intelligence Knowledge Manager and counter-threat unit.
What exactly is it that you do on a day-to-day basis?
From a high level, what it means is that I’m responsible for ensuring that we ingest all threat intelligence to the best of our ability and that it’s standardized, maintained and accessible for those who need it. On a day-to-day basis, my role can vary quite a lot. It depends on what we’re seeing, what we’re hearing and what we need to ingest and work on but ultimately, I need to make sure that what we have is accessible, our knowledge is clean and it can be used by whoever needs it.
When you say that our knowledge is clean, what does that mean?
It’s been put in the correct format that’s accessible to the right teams, stored in the appropriate ways and can be trusted because the biggest thing about knowledge is that it has to be trusted. If you start letting knowledge seep through that maybe isn’t accurate, it can not only affect us internally. It could be as simple as a threat researcher is misinformed or it could go the whole hog and end up being that a customer ends up misinformed. That’s the one thing we don’t want to happen. To make it clean means to make sure that it’s accurate and trustworthy.
Thinking about your career, what’s been your biggest challenge?
For me, it’s been a mixture of things. Like a lot of people, my biggest one has always been self-doubt. I knew for a long time that I wanted to progress and do more but it took me a very long time to get in the headspace to believe I could and that I could do it. I relied on quite a lot of mentors in my organization to help get me into that correct and good head space. The second real challenge for me has been a lot about gender stereotypes.
I am a mum. I do have that label and I carry that label as a woman but I also want to have a career. I do have my goals and ambitions. I found that I do work in cybersecurity but I didn’t want to necessarily be in the gender stereotypical role in the cyber field. Breaking through that, being able to become more technical and hopefully, in time, become a specialist has been a journey for me but also breaking down gender stereotypes that maybe friends or family have held of what I should be like and what I should do has been a challenge as I’ve pushed through with my career.
There’s that stereotype of people who work in cybersecurity being geeky and very introverted people. It is the stereotype that we often see but to be successful in cybersecurity, you need to have strong interpersonal and communication skills.
The real beauty of cyber security is that it’s not going away and that it’s very present.
It’s a mixture of assumptions of what a person in cyber is or should be. There’s the weight or the vision that we carry of what a woman or a mum should be. It’s taken me time to bring those all together and decide, “I don’t have to fit with any of them. I can be myself. I can have a footprint that is made by me in the way that I want it to be.” It took time for me to own that and be confident with that. Also, to know that I was doing the right thing by me.
When we realize that we can go to work, be ourselves and bring our whole selves to work is when we start to make progress in our careers and have the biggest success. It’s getting to that point and that can be challenging sometimes. You mentioned the mindset and referenced Imposter syndrome. What was the biggest thing that helped you get over that?
For me, I started to explore not only mentoring but training opportunities. I joined this Releasing Female Potential Program that was run by one of our sister companies. By doing that, I changed my perspective of I can do more and that it is okay to want more, regardless of the fact at that point in time, I didn’t necessarily have any technical qualifications. It’s all about what you make it. I knew that I wanted to do more, could do more and needed to get to do more.
I bounced off of that program and found myself a good mentor. I’ve got three because they all offer me very different perspectives, opinions and support. Finding the right mentor for me that could help drive me, help connect me with people that maybe were more like me or that could appreciate what I was trying to accomplish. It all helped me to get to that point.
Thinking about cybersecurity, there are training and qualifications. I imagine that to be successful in cybersecurity, you’ve got to constantly be training and learning new stuff.
The real beauty of cybersecurity is that it’s not going away and it’s very present. Keeping abreast of what’s happening in the media, making sure that you’re reading up and seeing what’s happening in itself is a way for you to learn and develop. You can begin to see new ways like what may be threats are behaving, new risks changes, evolutions and all these kinds of things.
At least at Secureworks, you do get to learn a lot on the job. By having that exposure, seeing the threat landscape change and evolve and having access to the latest threat intelligence and metrics, you can learn as you go along. It isn’t necessarily about having these huge qualifications. It’s very much about being open to listening and learning as things change around you. Technical qualifications can support. I did English and creative writing so I had in no way any kind of technical background.
You can pick up stuff as you learn and it doesn’t have to cost you a fortune. There are so many free courses available. You’ll probably find as well if you have a mentor that you can do lots of training through them. If you pick the right ones, at least they can teach you what they know and share that knowledge. Whilst there is sometimes the need for training qualifications, it isn’t the be-all and end-all.
Thank you for explaining a bit more about that. It’s quite interesting that 2 or 3 people that I’ve spoken to have studied English or History and then have gone on to have a career in cybersecurity. I find that quite fascinating. I’m wondering. What’s been your proudest achievement in your career?
I have a few. I spoke about that Releasing Female Potential Program. That was a big achievement at a time when I needed it to flick that switch and get that drive to progress in my career. I’m also very proud of the fact that I have pushed myself. I have got 2 amazing points in my career but I also have 2 children and like a lot of us, I have gone through the pandemic too.
The cybersecurity industry worldwide is facing a talent shortage.
Having that career, having that identity that fulfills me, owning my ambition and having that drive is something I’m super proud of. If I suppose, take it back to my career, being the first Instant Response Knowledge Manager and the first Threat Intelligence Knowledge Manager is a real pat on the back for my organization that they do believe and trust in me.
What is it that you enjoy about the work that you do?
I’m in a lovely position where I confidently know that I am making a difference and that I am contributing to the cybersecurity community. That’s something that does mean a lot to me and is something I enjoy. I’m able to do conferences, write blogs and mentor. I feel like I’m leaving a solid footprint and a good legacy, which is important to me. I’m lucky as well that Secureworks is a remote-first employer. That means that 90% of us are remote workers. That is something I enjoy about what I do because I don’t have the pressure of having to commute or make sacrifices in terms of being there for my family. I can have the best of both and be as involved in my career and with my colleagues as I can be with my family.
What do you see are some of the potential barriers for women in cybersecurity or perhaps aren’t in cybersecurity yet but would like to move into that area?
The biggest barrier was the lack of women in high-ranking cyber positions. Sitting there knowing that I wanted more but not seeing necessarily that inspirational figure, I didn’t know whom I could look up to who maybe had a similar path or a family like me. Also, similar ceilings like we have. That is improving. There is more representation but I do think for younger people or those who may be looking to progress into STEM, it’s hard if there is that continued lack of representation.
I still think there’s a lot that needs to be done from a diversity and inclusion perspective. As a woman, I do have different needs from my counterparts. I do face different adversities and have different stereotypes and external demands, potentially to some of my other colleagues. There’s this whole space that needs to be explored to make cyber more inclusive but until a lot of these larger cybersecurity organizations start pushing and changing their D&I initiatives, there’ll continue to be that gap and barrier for people wanting to have a cybersecurity career.
Having role models in more senior positions, you often hear people saying you can’t be what you can’t see. We’re starting to see change but sometimes it’s slower than I want it to be. It’s good to see that things are starting to change. You’ve talked about potential barriers. What about opportunities for women in the sector?
There are a lot of opportunities. The cybersecurity industry worldwide is facing a talent shortage. It is something we talk about quite often. We need millions more people so the opportunities are very real. There are lots of roles out there. We only need to apply for them and believe in ourselves to make that application. In the same way within our organizations, there are ways we can be advocating and promote opportunities for women, things such as via our employee resource groups, newsletters, reward and recognition. There are lots of different ways to help women rise.
Another huge opportunity is all these sub-security courses that are available. There are loads of free ones that I have used like FutureLearn, which I massively recommend. For me, mentorship was a real game changer. Finding the right mentor for you can open up so many more opportunities and give you that platform to excel and find the career you’re looking for.
Something occurred to me while you were talking. There are certainly lots of opportunities. It’s for us to go and reach out to those opportunities. If women are reading this who are thinking about a career in cybersecurity, what would you say are the skills that they need?
It does depend. When people think about cybersecurity, they think it’s sitting behind a computer, knowing technical skills, knowing how to hack or code and all these things but that isn’t it. There are so many different types of roles in cybersecurity. There are marketing teams, finance, design and speaking opportunities. There are so many different facets to cybersecurity so you don’t have to fit a mould that maybe you’ve built into your head. If you want to apply, think about what you enjoy doing and find the cyber role that fits that. You don’t have to change yourself just because you want to work in cybersecurity.
Rebecca, thank you so much. I enjoyed talking to you. If people want to get in touch with you, you’re on LinkedIn, aren’t you?
I am, indeed. I’m happy to take any questions or help where I can.
Thank you so much to my guest, Rebecca Taylor from Secureworks. I’ve enjoyed hearing about Rebecca’s career and her thoughts about being a woman in cybersecurity. If it sparked a thought in your mind, let’s talk. An exploratory call with me gives you the opportunity to ask any questions you have about the work that I do with cybersecurity companies on attracting, developing and retaining your female talent. Get in touch with me by email at Sherry@SherryBevan.co.uk to book your call.
About Rebecca Taylor
Rebecca joined Secureworks in 2014, where she developed an immediate passion for cybersecurity. Rebecca quickly expanded her cyber acumen, moving into Secureworks first Threat Intelligence Knowledge Manager role in 2022.
Rebecca is primarily focused on the implementation of knowledge management processes and procedures for the Counter Threat Unit, the ingestion and management of Secureworks Threat Intelligence knowledge, and its associated quality, storage and maintenance.