CGP 23 | National Cybersecurity Awareness Month

National Cybersecurity Awareness Month Special: Navigating The Unconventional Route A Cybersecurity Career With Emma Jones

This episode offers you the senior consultant of Crowdstrike, Emma Jones, to celebrate National Cybersecurity Awareness Month. Emma shares the unintentional move of her career in cybersecurity. Given that she has no background in the role, the transferable core skills she possessed allowed her to fare pretty well in the space. She enjoyed each moment of her journey and never looked back on her previous career. Like everyone else, Emma faced some challenges along the way in her career, but how did she deal with them? What insights could she offer to anyone thinking of taking the cybersecurity route? Tune in to this episode and learn more.

Listen to the podcast here

 

National Cybersecurity Awareness Month Special: Navigating The Unconventional Route A Cybersecurity Career With Emma Jones

In this mini-series, to celebrate National Cybersecurity Awareness month, I’m talking to women about their careers in cybersecurity. I’m delighted to be talking to Emma Jones from CrowdStrike. Welcome, Emma. Thank you so much for joining me.

Thanks for having me. It’s a pleasure to be on the show. Thank you.

Emma is a Senior Consultant at CrowdStrike. She’s going to tell us a bit more what that involves. Let’s get started and find out about her career journey. To set it into context, could you start by telling us a little bit more about CrowdStrike and what they do?

CrowdStrike, for those who haven’t heard of them, we are a global cybersecurity technology company. Our mission is ultimately to stop breaches. Essentially, they work with a whole range of products and services and strategies to protect customers and clients from the cyber threat and from the adversity that we face in that space. That’s a little bit about CrowdStrike. My role with them is based in the services part of the business. Essentially, I work with organizations across the UK, Europe, Middle East and Africa on a huge range of cyber incident response and readiness activities to help them prepare for the threat and increase their security posture and readiness.

Tell me how you got started in your IT career.

Overcome the imposter syndrome because otherwise, it would impact you personally and professionally.

Completely unintentional move into IT/cybersecurity. Actually, I went straight into cybersecurity. My previous occupation was in UK Law Enforcement. I was in a National Law Enforcement Organization working on a whole range of crime types, different threats, different teams, non-related to technology or cyber.

What happened was I went through a promotion process and they’re quite huge campaigns, I should say, where you apply for the rank or for the grade or the position rather than a specific role. You go through a campaign, they will assess and determine who’s suitable for that particular level, then at that point they will appoint individuals into the role across the organization and across the UK.

I went through a campaign and was successful in that campaign and was really pleased to hear that. It was at that point, I found out which role I was being posted into. Honestly, I expected it would be a role that I had done before with EMA, or had exposure to a crime type I was more familiar with. No one was as surprised as me to find out that I was posted to the National Cyber Crime Unit. I had a moment where I thought, “What on earth has happened here? There must have been a mistake. Why am I going into cyber? That’s not my background. I don’t have an IT skillset.”

I wondered what had happened in the process, but actually people had recognized transferable skills as being incredibly important in cybersecurity, not least of course because the industry is still fairly new compared to many of the areas of work and disciplines, but actually very fortunately the panel who decided recognized that I had some experience that would benefit the cyber side of the team. I found myself in a position there, which entailed creating and delivering and establishing a brand new unit for all UK Law Enforcement. It was all focused on prepared activities.

I had to start from scratch, learn about the threat, and then develop a team which would do a range of different projects from exercise and through operational learning all focused on cyber incidents. It was completely unexpected, but I’ve never looked back. I enjoy every moment of it. Here I am now in CrowdStrike in the private sector.

CGP 23 | National Cybersecurity Awareness Month
National Cybersecurity Awareness Month: Familiarity and awareness increase the effectiveness and the speed of your ability to respond.

 

I love hearing stories of people who have had an unconventional route into cybersecurity. I think it’s a very positive and powerful message to hear. You mentioned there that your campaign is you’re applying for a rank rather than for a specific role, and that somebody had obviously spotted specific transferable skills that you had. Would you mind sharing a bit more about what you believe those transferable skills were or are?

I would describe them best as core skills. Some people say soft skills, I’m not a huge fan of that. I think it can really imply that you are lesser than or it’s not as important. I like to say core skills. Essentially, I would say there are probably three areas. The first is communication. With that, obviously running a team that had a national unit, you would need to work with people in many different sectors, many different organizations, both public sector and private sector, and at different levels, operational levels, all the way through to senior leaders and strategic forum.

Communication absolutely was the top skill that mattered most in this space, so that you could essentially translate a conversation or a topic and achieve what you needed to achieve in that role. The second skill I would say is probably the leadership skills and strategic thinking. Many conversations I’ve had throughout my career, people have said, “Leaders and leadership skills are saved for the senior roles.” I think anyone can be a leader in your space. If you are developing something, if you were doing something novel or creative, or you have simply taken a step forward to help bring people together, then that absolutely means you are a leader, regardless of your role.

Whilst I was in a management and leadership position, I think those skills were deemed pivotal to be able to take an idea and a vision forward, and get people to understand why you were doing some and what the outcome and benefit for everybody would be in that space. Definitely communication and leadership. Finally, and I suppose it’s an element of communication, but it’s about listening skills and the ability to understand the situation that’s presented to you, and tailor and flex your style and ability and approach.

Obviously, there are many different views and ideas that you can take forward in your space that you need to be tuned in to what the actual requirement may be. Attention to detail and that listening ability, and then translating it into the next project. I certainly think those are some top skills I had to draw upon to my journey in that role specifically.

Comparison is the thief of joy.

As you described, they are definitely core skills that anybody needs in any industry and sector, but I think particularly so in the way that cybersecurity space is evolving at the moment, then those skills are in high demand. Tell us a bit more about what you do on a day-to-day basis in your role at CrowdStrike.

No two days are the same, as cliché as it may be. There are themes and similarities but lots of different conversations. There are a few paths on my role. The first is around working with our organization to enhance the incident response readiness. What I mean by that is getting prepared ahead of an incident to be able to deal and respond to that particular situation that they face. There’s a whole range of benefits in doing that. Not least familiarity and awareness, increase in the effectiveness and the speed of your ability to respond, given that time is always of the essence in these circumstances. That’s a huge focus for me is that preparedness initiative drilling down on some key aspects, whether that’s how you seek support in responding to an incident, what barriers you may potentially face, and how can we overcome them proactively.

The other aspect of my work is more strategic in the sense of supporting organizations in their broader security programs. Working with them to understand what keeps them up at night, what’s the biggest concern, what’s the priority, and how we can help them address those concerns and priorities. Security programs are always changing. They’re always evolving, very dynamic, and you can never do everything all at once.

It’s about having conversations with our clients across this region about what matters to them, and how best we support their effort so that they increase their resilience and readiness in that space. That’s broadly speaking of the day job. I’m really fortunate to have a couple of extra pieces of work that I can do in CrowdStrike relating to inclusion and thought leadership as well, which is fantastic. I’m very fortunate to have the time and opportunity in that perspective.

It sounds like you really enjoy the work that you do, which is brilliant. When you enjoy your work, it makes it so much easier. Since you’ve moved into the IT or the cybersecurity sector, what has been your biggest challenge in your career so far?

CGP 23 | National Cybersecurity Awareness Month
National Cybersecurity Awareness Month: To be inclusive with others, we can have thematic and strategic conversations around diversity and inclusion.

 

I would certainly say it’s around building confidence. We talked about how many people find themselves in cyber in unconventional ways, different routes and paths. I think that contributes to things like Imposter syndrome. Many people, if not everyone, suffer that, and it comes in peaks and troughs, but that was an area that I struggled with to begin with.

What comes hand-in-hand with that is building confidence and having faith and belief in my skillset and my abilities. That was quite difficult to begin with because when you would look around in cyber, it’s still fairly male-dominated. There’s still quite a technical focus rather than a core skill focused certainly at the time that I came into the industry. That sometimes can make you feel like, “I’m not quite like person X, I don’t have that knowledge of person Y, and I wouldn’t take that approach.”

Sometimes, you can then doubt your abilities and whether you’re in the right space and doing the right thing. For me, I had to overcome that because otherwise, you would be impacted both personally and professionally, and suffer in terms of not being able to really do and be who you wanted to be. I had to take the time to reflect and realize that I was in a position I was because of the skills and experience I had. They may have been different for other people, a different perspective, a different mindset or a different approach. I had to remind myself of that on a regular basis.

There’s a quote, “Comparison is the thief of joy.” That’s absolutely true. Remember the skills that you do have, and it’s not necessarily all about certifications. I came into the industry without anything like that. It was about lived experience and ability to apply knowledge. Realizing that position was fundamental to overcome that challenge. Don’t get me wrong, it can still be a challenge now, but it’s much more in check. I also have a wonderful mentor who I met through a Women in Technology program, who supports me create the safe space and has honest conversations, and helps me understand more about my potential and current value as well. That’s certainly been the biggest barrier that I’ve had to overcome.

It’s interesting you talked about a mentor because one of the other women in this mini-series talked about having a mentor as well, and how helpful that had been for her to believe in herself and to apply for the next role and to develop her career. It’s good to hear you talking about that as well. What about your proudest achievement? What’s that been?

If you wait until you feel ready, it’s usually too late.

This is always difficult to talk about. It’s not a question people ask one another so often. For me, I was nominated for a Global Women In Tech Award. That means a lot to me because it focused not just on my work in cyber incident response, but also predominantly about the work I’ve done for inclusion and inclusive practices with incidents.

I would say I’m probably most proud of it because it was the results of the work that I did a few months ago with the forum of incident response and security team. I was selected to speak at their conference. I thought about what we can do to be inclusive with them. For me, a lot of conversations and a lot of narrative, quite rightly, is always about thematic and strategic conversations around diversity and inclusion. Sometimes, those in teams and every individual every day might not feel that relates to them directly.

I wanted to take a moment to speak to those individuals within teams within the global forum to say, “This is what we can do as individuals and actually make it specific real examples, bringing it back and relate for their daily work. That was a fabulous opportunity for me to bring two topics I love together, and a wonderful moment to hear about the nomination as well. That’s where I’m at in terms of proudest achievements.

You’ve done a lot of work around inclusion and representation. What do you see are some of the potential barriers for women working in this sector?

The most prominent barrier at the moment is a lack of representation of women in two areas. The first in senior leadership roles and the second in technical roles. The industry is very vocal and passionate and supportive of having diverse representation, having women in the workforce. There are conversations about how cyber is not just technical, so women in roles that are non-technical and that are outside of the day-to-day hands-on keyboard activity, and they intersect with cyber, was certainly getting there and recognizing that and bringing women into the sector in that regard.

CGP 23 | National Cybersecurity Awareness Month
National Cybersecurity Awareness Month: Choose opportunities that you think will be best for you to support your interests in that area.

 

When it does come to senior leadership and technical hands-on keyboard positions, that is where we lack the visibility and representation. It’s important for me because we want to feel like we can have a career path and that we can do something. Everyone likes to see someone role model that opportunity. Without that can make it quite a challenge to showcase and explain to individuals and to women what a great path this career can take you on.

You’re right. There are a lot of organizations that are actively wanting to improve diversity and increase inclusion, but it’s not having those role models at the senior levels and in the technical areas. There’s that quote, “You can’t be what you can’t see.” The more we have those role models, then the more it becomes a snowball effect. Any top tips for anybody who wants to get into cybersecurity via a conventional or an unconventional route?

There are many, and I’m sure you’ll hear some fabulous tips from all of the guests on this mini-series, but I think there are two. The first is to leverage what’s out there to support women. There are amazing networks, free training programs, and I mentioned the Women In Technology mentoring program that I joined a number of years ago. There’s so much out there, so just have a look, make the most of it, choose opportunities that you think will be best for you to support your interests in that area. You don’t need to be in a cyber role to join any of those. You could just be thinking about IT and tech position. Definitely leverage those opportunities. There’s more now than there’s ever been before.

The second tip I would have is there’s no better time than doing it now. Both for those reasons around the opportunities, but also because someone once said to me that if you wait until you feel ready, it’s usually too late. I completely agree with that. Taking a moment to leap into a new opportunity or just signing up to a program or a training course. Even if it doesn’t fully fit with what you’ve got going on right now or if you think, “I need another six months and then I’ll be ready,” just do it because something will always come in the way. That’s my main tip and something which stayed with me for my entire career so far.

I love that piece of advice. I think it’s so true because so often we put off doing things because, “I’m not quite ready or I don’t quite have the right experience yet,” then you can look back later and think, “If only I had done it sooner, if only I’d just taken up that plunge.” Emma, thank you so much for joining me. It has been interesting to hear about your slightly unconventional route into cybersecurity, but I think that’s a very positive thing to hear. I’ve loved the tips that you’ve shared as well. If people want to get in touch with you, I guess LinkedIn is the best place to do that, correct?

Yes, absolutely. Please reach out. I’m always happy to provide pointers and advice on joining the sector and where to leverage those opportunities.

Thank you so much, Emma, for joining me. We’ve been reading about Emma Jones talking about her career as a woman in cybersecurity. If there’s a spot of thought in your mind, let’s talk. Let’s talk about any questions you might have about the work I do in cybersecurity companies on attracting, developing, and retaining your female talent. Just email me at Sherry@SherryBevan.co.uk to book your free consultation call. Thank you, Emma.

Thanks. It’s been a pleasure.

 

Important Links

 

About Emma Jones

CGP 23 | National Cybersecurity Awareness MonthEmma is a Senior Consultant with CrowdStrike, who works with organisations across the UK, Europe, Middle East and Africa on a range of cybersecurity incident response and readiness initiatives. Alongside her day job, she is passionate about fostering inclusion and championing diversity, and is involved in multiple associated projects.

CGP 26 | Profit For Purpose

National Cybersecurity Awareness Month Special: The Profit For Purpose Mission In Cybersecurity With Dr. Jacqui Taylor Of Flying Binary

The cybersecurity career path appeals to women because it is purpose-driven. But most of technological innovation is driven by profit. Dr. Jacqui Taylor believes that the best of both worlds can be combined in what she calls a profit-for-purpose model. As the co-founder and CEO of Flying Binary, Jacqui is on a mission to create an inclusive technological future for everyone, and she believes the profit-for-purpose is the way to do it. In this conversation with Sherry, she explains how she made her way to a cybersecurity career and the massive role she’s now playing in detecting and fighting bad actors, including in what’s widely-considered to be the world’s first cyber-warfare history, which is currently underway in Ukraine. She also explains why the cybersecurity space is especially conducive to inclusion initiatives and how women and other underrepresented sectors can start their career path in the industry.

Listen to the podcast here

 

National Cybersecurity Awareness Month Special: The Profit For Purpose Mission In Cybersecurity With Dr. Jacqui Taylor Of Flying Binary

In this mini-series to celebrate National Cyber Security Awareness Month, I’m talking to a range of women about their careers in cybersecurity. I’m delighted to be talking to Dr. Jacqui Taylor. A very warm welcome to you, Jacqui. Thank you so much for joining me.

It’s great to be here with you, Sherry.

I feel very honored to have Jacqui as a guest and there’s so much I could say about her. She’s been voted one of the most influential women in UK technology. One of the most inspiring women in cyber. She’s been awarded an honorary Doctorate of Science and recognition for her international science work. There’s so much I could say.

In 2016, she pivoted her company FlyingBinary to meet the challenges of Web3, metaverse, and the industrial internet of things with spectacular results. Let’s jump right in to find out more about Jacqui’s career journey in the cyber world. Jacqui, I know you’ve been involved in technology in cybersecurity for a long time, but how did you get started?

I was due to take a management role in the UK’s post office and my mother took very serious ill and ultimately died in a few months. My whole career was upended because I had done an internship at a local aerospace engineering company. They came to me and said, “We can support you. We can support the family.” That was helped by the fact that my father was one of the directors, but they saw what I’d done as an intern and were keen to keep me.

I went into that and that was my start in aerospace engineering. It all went swimmingly well until I qualified. My dissertation was at a new jet engine technology to reduce the noise pollution in our cities and the first aircraft off the production were for a Middle East client. As a female engineer, I was not somebody suitable to run that.

My managing director said, “I wonder what will happen if I put an aerospace engineer into the technology department.” Then the answer was nothing because I was horrified by what I found. The long story short was, effectively, that was the beginning of software engineering for the aerospace industry because we needed to put engineering at the core of what we did because otherwise, planes would fall out of the skies, and it wouldn’t be a good thing. That’s a subtle piece that I did in terms of an industry intervention to solve the noise pollution of our aircraft. It’s something that has been a thread throughout my career.

How did you get started specifically in Cybersecurity then?

As a technologist, it’s something I have been interested in because it’s out there. It’s that societal piece. I have been a white hat for some time and I have worked with many people to do many different things. FlyingBinary’s mission is inclusion, leave no one behind. We firmly believe the future’s female and that the GDP growth that an inclusion agenda drives because I have done the assessment for 60% of the world’s GDP, so it’s a very powerful agenda.

Everything we do for the government across the world has a cyber component. We are a cyber essentials company using the national cybersecurity center accreditation, but that wasn’t our focus. Our focus was building technology for Generation Z or until I spoke at Davos in 2019 Generation Alpha and to unlock their talents for the world. We knew that technology could be leveraged and be an enabler and we were building that deep technology.

The websites that we pioneered that I got the honorary Doctorate for was the foundation of our engineering background because my cofounders are electrical engineers. The combination of that science, pioneering science and the engineering background gave us an offering that hadn’t been seen before and it’s still unique across the industry.

I created the blueprint for Europe. I started my work in 2014 as an independent advisor to Minister Calvin’s office. I had the opportunity to create the blueprint for the future of Europe and for the industrial internet of things. That’s when we are all connected up and humans and robots. The day I did that was a major day in my life. I’d written my second book. I was there to present that work. It was the day that I had to come home to the UK.

I had to be on the last Eurostar train from Brussels and they guaranteed that for me. At 5:00, the doors opened. The men with guns arrived and said, “Which one of you is going to London?” That was the day that Paris was attacked. The reality of it was the technology we’d been building to create that societal intervention was also technology that the criminals didn’t have access to that allowed us to see what they brought to.

I came home on that Eurostar. I did my intervention with the high commissioner of Bangladesh on Saturday in London. We got back on that Eurostar on Sunday. Having pivoted the company to be accounts terrorism company and deploy that technology to safeguard us all against the terrorists, drug traffickers, and people traffickers. The reality of it was we had unlocked the societal piece, but there were those within society that were determined to destroy it.

800 people, 16 companies of what we built up far, down to 200 people, 6 companies that moved in to cancel terrorism agenda. Now up to seven companies because we have added something. That was around changing the way other people looked at technology, which was profit-driven. How do you make money out of this tag? To something that for us was purpose-driven, but it was with profit. It was a profit-for-purpose agenda, and that was the day that began and that caused me to look at everything in the world very differently.

Particularly what cyber was going to mean to us in the future, given the criminal activity that we had uncovered and why that was a key change in our whole industry, and then what we were going to do about it. We have been in that domain ever since. I have been in working in Ukraine since 10th of February, 2022 and we are in our seventh month now and the first ever cyber warfare that the world’s ever known. We will stay here. Our world has gotten more dangerous since that day on the 13th of November, 2015. FlyingBinary’s mission is inclusion but in a cyber safe way.

It’s very interesting that you mention this societal mission, this profit with purpose, because for lots of women, that appeals having a career with purpose. It seems to me that cyber security fits that brief. If you are working in cyber security, in very simplistic terms, it’s the goodies versus the baddies. If you are on the goodies side, then it fits that career with purpose that a lot of women want. I wondered how you feel about that.

It’s very interesting. It’s why I say the future’s female because we are able to look in a wider perspective as females. I want to stress one thing. I might be an engineer and I can spin you up some tech of whatever you need out of the top fifteen influential women in tech. Both Poppy and I can still do that. The rest of the women are guarding that agenda and are moving it forward.

It’s not a technical agenda cyber. It’s a multifaceted industry. Since the 13th of November of 2015, we have changed the way we look at it. When I stood on stage at Davos in January 2019, I articulated that all we needed was one event that we call a Zero-day Exploit in our cyber world. One event that would transform everybody’s view of what our industry was.

At the time, when I was speaking on stage, I was imagining because I knew they were under million children not vaccinated for measles in the US. I was imagining a measles epidemic. That would sweep across America and we would lose our children because we didn’t have a holistic view of what was happening, and that measles, once it’s ripe, as we find in other countries, just sweeps across the country.

I didn’t know that was going to be a Coronavirus. I was using that example because one of my colleagues from NATO in the audience challenged me. It’s so like, “What, Jacqui? What’s this Zero-day you imagine?” That’s what I said. That’s what happened and 1 billion more people came online, which gave us in our industry a new perspective on what cyber looked like.

We could no longer deal with a threat. The threat was there and it was omnipresent, and now we had to look at risk. That was where the delivery of the Empathy Economy technology. Profit-for-purpose is a new business model, but the overarching agenda is the Empathy Economy, which literally takes that original cyber view of saying technology is in the sharing economy. You get a premium model. You get this for free. You got to pay for that.

That has created the leaky bucket that I was talking about at Davos and the Empathy Economy is reimagine technology using deep tech to change the way we look at how we leverage technology. That profit for purpose and I find for many men, it’s not a female agenda, but the fact that what you are doing creates impact. What you do every day, what I do every day and what we all do in our industry is we do the work we do in order to create the world we all want to live in.

We do the work we do in order to create the world we all want to live in.

I’m talking to Sherry now when we are literally talking nuclear war or we are not talking any of that. Let’s say the chief protagonist is talking about that. We are all in our industry working towards a world we want to live in. That profit-for-purpose model has resonated hugely in the sense of that has to be the way technology is leveraged.

It’s not for its own rights. It’s not because it’s geeky. It’s not because it’s technically interesting. It’s all of those things, but what purpose does it have? What does it enable? What can we create with it? That’s where the profit-for-purpose sweet spot is. That’s unusual in our industry. Lots of great debates on it, but the societal approach is the underpinning piece of that, and the fact that we can all create the world we all want to live in. Its impact and purpose-driven.

What I find so fascinating about cybersecurity is when you are talking about Coronavirus, for example, and the way that pandemic spread. What I find quite fascinating about the cybersecurity in industry is that the biggest challenges it’s faced or the biggest is it’s overcome that we don’t hear about them because we’d be too scared if we knew everything that people who are working in information security and cyber security. If we heard everything that you’d tackled and dealt with and shut down. I’m sure we’d all be feeling a bit more anxious and nervous. I find that aspect of it. You are doing something with purpose, but it’s not something you can necessarily go and publicize.

One of the things that we say to our engineers is very much, “You’ll be zero to hero. You’ll be the most famous person that nobody ever knows.” If we are successful at what we do, you won’t hear from us. It’s very interesting. I was running an event about 25 minutes after I’d received the Russian translation about what Vladimir Putin had said. I said to them, “Who’s panicked here?” Everybody said, “No, because we are with you. You are not panicked. We are not panicked.”

CGP 26 | Profit For Purpose
Profit For Purpose: As a cybersecurity engineer, you’ll be zero to hero. You’ll be the most famous person that nobody ever knows because if you’re successful at what you do, no one will ever hear from you.

 

The thing about it is we are susceptible to what we hear. We don’t question the providence of what we hear very much because in the sharing economy. It’s a free resource. I always say the thing about that is that anything that’s free is an opinion and opinion is the lowest form of knowledge, but we consume that on a daily basis. Most of us.

The reality of it is because of that, we are affected by it. That’s because, from a neuroscience point of view, that’s how we work. Our input determines our experience and, therefore, what we create. It’s deliberate that we don’t say that. Not because we are trying to keep secrets from you, but because we want to make sure everybody else can get on with what only they can do.

We do this as cyber specialists, but then we know that enables you all to do what you are doing. For those that join our industry, that’s one of the biggest motivators. We unlock a society that allows people to imagine a completely new future. We are quite happy with that agenda because, in our own world, we are not in it for the ego.

That for-profit approach to this is where perhaps that ego piece has come in. Once you attach purpose to it, then effectively, we are all contributing the key differences. It’s competitive in the sharing economy. In the Empathy Economy, it’s collaborative. We all contribute and between us, we envisage and we build that new future.

To be honest with you, it’s a fascinating place to be and there’s absolutely room for everybody. I’m visually disabled. I’m also neuro-diverse. The world’s a hostile place to me before I start, but then that’s the perfect place to me to be in a hostile world. Dealing with other people who don’t have my learning differences and don’t have my approach in the world. They can’t outrun me because I don’t think the way they do.

I think that’s the thing. Everybody has talents. There’s a place for them in our industry. The first ever cyber warfare since 24th February 2022 means that those opportunities got bigger and interesting because so many people are now saying, “Even if I’m not in the industry, I need to take account of that.” I have got something to give to Sherry as a download because you’ve met me by Sherry. I will give you a download of what we have done in the World Economic Forum. I will tell you about being cyber safe and even if you don’t join our industry, how we are looking after you and also how to keep your home safe. What’s the most attacked device in your home and it’s not what you think?

There is a place for everybody’s talents in the cybersecurity space.

Thank you so much, Jacqui. That’s much appreciated. There is so much that we could talk about in cyber security. It’s one of those all-pervasive topics. It’s everywhere, isn’t it? Cybersecurity now in the same way as technology is everywhere now. We were talking earlier, before we started, how manufacturing companies, for example, are so much more technology-driven than they were decades ago. What do you see as being the real opportunities for people joining the sector, but in particular for women joining the sector is what I’m most interested in?

As an industry, certainly in the UK, we have repositioned during the pandemic because so many people came to join the efforts of what we were doing and we were given advice and were bringing people into our world that caused us to think again about career paths. We are looking for something that we are always going to use technology. That’s only going to be on the increase, but how do we use that inclusively? We need to perhaps take the biases of what we do now and make it a more inclusive agenda.

The thing that I love about it, the young people, I was advising a young lady who’s getting ready to do internships on this. She was saying, “How did you choose?” I said, “Don’t choose. Just start because it’s all laid out for us as women.” As we are purpose-driven and because we have a more holistic view of the world. I would argue more of a societal view because of the roles that we play.

The hardest thing is how to choose, and I always say, “Just start. Just pick the piece.” Perhaps aligns with what you are doing now, and then take it from there. The one thing that’s perhaps different about our cyber world that perhaps you wouldn’t find in any other career path is non-ecstatic. The criminals never tell us what they are going to do tomorrow. What we have to do tomorrow is always different.

CGP 26 | Profit For Purpose
Profit For Purpose: The cybersecurity career path is non-static. The criminals never tell us what they’re going to do tomorrow. So what we have to do tomorrow is always going to be different. And that means you get to make your own career pathway.

 

For that, that means you make your own career pathway. You pretty much can choose and tomorrow is always going to be more interesting than today. Every time we shut something down, understand what they are using, make it inaccessible, they will find something else. Then that means we are the real problem solvers to say, “Now I’m going to evolve what I do.”

The fact that there are no days the same means that any part you fancy doing has a role for you, whether it’s within our sector directly like in FlyingBinary or within like we were talking about manufacturing. The cyber piece is because we move to the industrial internet of things where everything’s connected. The cyber response becomes very different.

There’s unlikely several years from now that anybody reading this won’t be in some way involved. Whether you are in the midst of what we are doing and helping pioneer the next steps, that’s a choice. If you wanted to tell people about what we are thinking about and you wanted to share what’s going forward, then this show is great because effectively, you can share this show and say, “It’s going to be all of us, so do we want to know more?”

We are curious as females. We love the idea what’s that about. I want to understand that a bit better and it’s not scary because everything we all do makes the world a safer place. That’s why I turned that on its head and was interested to hear the pioneers I was talking to. We are not scared because you are here and you are quite calm.

Given the news we have had, I’m quite calm because I know that as a group, community, or as a collaborative force, we won’t be outsmarted. All of you reading may welcome to join us and enhance that purpose. I’m so confident it will be where I am and how exciting that we can design the world we want to live in because the technology allows us to do that, and the cyber response is a wrapper around it all.

CGP 26 | Profit For Purpose
Profit For Purpose: It’s exciting how we can design the world we want to live in because of technology. And the cyber-response is a wrapper around it all.

 

I love that expression. Don’t choose. Just start. That’s perfect for anybody trying to break into the technology or into the cyber security sector. Into any sector that you are trying to break into, just start because then paths will open up for you. Getting started is something I often say to people. Just do it. Just get started. Don’t dither. It’s never too soon. Never too late. Before we finish, Jacqui, I love talking to you and find it fascinating, but what’s your top tip for anybody who wants to know more about cyber security?

There are lots of resources out there, but it’s the people. You’ve got other cyber specialists. I count myself and that around this show. Find out more about what we are all doing. You’ve got, however many people you’ve got in this series. You’ve got immediate connections. We are all very open to talking about what we do. We put resources out. I predominantly put cyber resources out on LinkedIn because that’s where my community of businesses look to consume that, but we are all very approachable. We are all of us quite enthusiastic about what we do and why creating impact with the work we do is so rewarding.

Ping us, interact on a post, ask some questions because we know that effectively, it’s all of our responses that collective. The one thing we can guarantee is community defeats terrorists, drug traffickers, and people traffickers. Being part of that community, connecting with us all, asking questions, and reading the rest of the talks on this series. You are part of us because you are reading this and then you are part of the change we will make across the world. That’s my top tip. We are very approachable and very enthusiastic and just ask.

Community defeats terrorists, drugs traffickers, and people traffickers. And so being part of the community, connecting with cybersecurity professionals, asking questions, and listening to talks makes you part of the change that cybersecurity makes across the world.

Thank you so much to you, Jacqui. I have enjoyed talking to you about your career and your purpose mission. That is absolutely fascinating. I could go on talking for hours, but we won’t. For those of you who’ve been reading, I hope you’ve enjoyed this episode. More episodes on the show at SherryBevan.co.uk. If it sparked a thought in your mind, please do connect and let’s talk and book an exploratory call with me to give you the opportunity to ask any questions you have about the work I do with cybersecurity companies on attracting, developing, and retaining your female talent. Email me at SherryBevan.co.uk to book your call. Thank you so much, Jacqui, for joining me.

It’s been a real pleasure. Thanks for reading, everybody.

 

Important Links

 

About Dr. Jacqui Taylor

CGP 26 | Profit For PurposeAs #15 Most Influential Woman in UK Technology and 21 Most Inspiring Women in Cyber Dr Jacqui Taylor was awarded an Honorary Doctorate of Science in recognition of her international web science work. One of the 250 Founders of the UK’s Digital Economy, in 2016 she pivoted her company FlyingBinary to meet the challenges of Web 3.0, the Metaverse and the Industrial Internet of Things (IIoT) with spectacular results.

CGP 9 | Imposter Syndrome

The Impacts Of Imposter Syndrome On The Gender Pay Gap And What To Do About It With Clare Josa

Imposter Syndrome is already an issue for leaders, but the stigma imposed by gender only amplifies it. This can manifest itself in your organization in many ways, one of which is through the gender pay gap. Today, joining your host Sherry Bevan is the leading authority on Imposter Syndrome in the UK, Clare Josa. She speaks on her landmark research study about Imposter Syndrome to clearly define the phenomena and its impacts on the gender pay gap. She also discusses concrete examples of how it affects employees and leaders in the workplace. Plus, Clare shares tips for companies on how to be more proactive in dealing with Imposter Syndrome to promote an equitable workplace and empower its workforce. Tune in to this insightful discussion to learn more!

Listen to the podcast here

The Impacts Of Imposter Syndrome On The Gender Pay Gap And What To Do About It With Clare Josa

I’m excited, because in this episode we’re exploring how the imposter syndrome affects your gender pay gap. I’m delighted to be talking to Clare Josa. She is the UK‘s leading authority on imposter syndrome. She’s the author of eight books and an expert in the neuroscience and psychology of performance. Her original training as an engineer specializing in Six Sigma and Lean manufacturing means her inspirational approach is grounded in practical common sense, creating breakthroughs, not burnout. Naturally, we’re going to be talking about imposter syndrome and I hope you get something valuable from this to help you close your gender pay gap. Clare, welcome. Thank you so much for joining me.

Thank you so much for having me on the show, Sherry.

I’m delighted to have got you on because you’ve got so much experience but I’ve thought for those people reading, who maybe don’t know what we’re talking about when we refer to the imposter syndrome, perhaps you could start by giving us your definition of what it means.

Imposter syndrome is the secret fear that people are going to find out that we’re not good enough, that we’re faking it, that they made a mistake hiring us, that we don’t belong. It’s something that keeps us awake at 3:00 in the morning. I often define it with my clients, my students and my readers as the secret fear of others judging us, the way we’re judging ourselves. It’s different to self-doubt. What we found in the 2019 imposter syndrome research study is self-doubt is about what we can and can’t do. It’s about confidence, skills, and capabilities. Imposter syndrome is about who we think we are. It’s down there at the identity level, much deeper. Somebody running self-doubt might think, “I messed up that presentation.” If you’re running imposter syndrome as well, you’ll think, “What if they find out I’m not good enough?”

It’s that difference between who you are and what you think about yourself, your confidence in your skills and your experience.

I talk about the imposter syndrome gap as being the gap between who we see ourselves as being and who we think we need to be to do, achieve something or step up for a goal because sometimes we can run. That’s the self-sabotage of imposter syndrome kicking in. Sometimes we can’t. We build over that gap, what I call the bridge of coping strategies. How will I succeed despite imposter syndrome? It takes huge amounts of energy. It causes anxiety. It means that we’re hypervigilant, that’s fight-flight-freeze response is constantly engaged, looking for threats. We can cope most of the time but if something major comes up like pandemic, working remotely from home whilst juggling educating children or having to handle being the only one in the office when everybody else is remote. This thing can mean the previous dormant imposter syndrome comes out to play with gusto.

What led you to become an expert in this area?

I started out in Mechanical Engineering. My Master’s degree was in Mechanical Engineering. In Germany, you don’t get much more left-brain than that but I’d always been passionate about how people ticked. After fifteen years in engineering, I studied to become an NLP trainer. I moved to become the head of market research at one of the world’s most disruptive brands, which was great. That was the link between the engineers, the marketing team and the customers. It’s like a three-way translator. There came a point where I was studying more about how to help people change their lives, how to help them to help themselves. Looking at what I knew from Six Sigma about how to take the fluff out of those processes and make them more reliable and concrete. Back in 2003, I left, set up my own business. One of the things I was doing back then was executive mentoring.

Imposter syndrome is the secret fear of others judging us the way we’re judging ourselves.

My first client had this weird thing. They were confident. Everybody thought they had the act together and it was 3:00 the morning they were dying inside. My next client and then my next client and it got me researching what is going on. The coaching skills I’ve learned weren’t touching it. I needed something deeper. That was several years ago. The rest is they say is history. I have spent the last several years specializing in the imposter syndrome work that classic tools don’t touch.

We talked about what the imposter syndrome is but what we haven’t talked about is who experiences it. Who has it?

Everyone. There’s no it’s men, it’s women. There’s no you’re old, you’re young. We found in the 2019 research study that 52% of female respondents had struggled with it daily or regularly in 2020 alone, to an extent that it impacted their work and their home life. The figure for men was 49%. Pretty much the same. The difference was how they handled it. Women were twenty times more likely than men to go and talk to someone to ask for help. Men were five times more likely than women to turn to alcohol, drugs and medication to push on through. The other huge thing and this is relevant to the gender pay gap, the male respondents tended to do that feel the fear and do it anyway thing. Pushing it down, pushing on through, “I’m terrified. It’s causing me anxiety. I’m drinking too much but I’m going for that promotion anyway.”

They would get to that stage. When they got promoted, very often, the job title gave them the external validation they needed to mean that they could settle into it. What we found with the female respondents is they would hold back stepping up. They would even volunteer other people if they got the tap on the shoulder to go for the next role. Thirty-seven percent in 2020 alone had not asked for a pay raise they knew they deserved as a result of imposter syndrome.

Sixty percent we found were routinely not taking credit for what they’d achieved, even doing that classic, “I had but,” if they were praised volunteering self-criticism, meaning that they want not to top of mind for those promotions and opportunities. They were not letting their light shine because, for them, the emotional side of imposter syndrome was simply strong. It held them back. It caused them to subconsciously self-sabotage rather than step up to the next level and pushing on through it for them was much less of an option.

I was about to ask, what did your research tell us about how imposter syndrome affects the gender pay gap? You answered it succinctly there but what more does your research tell us about the imposter syndrome and the gender pay gap and how it has an impact?

We found that there were three hidden drivers of the gender pay gap, which most organizations aren’t aware of, they can’t address. One of them was the alpha male competitive culture at the most senior levels in too many organizations still. There comes to a point where if a woman gets promoted beyond that level, she either has to change how she behaves to become more of a man or she has to find ways to cope with being in a highly competitive alpha male environment.

Even some of the most heart-centered organizations I’ve worked with in those top couple of levels, it’s suddenly a complete culture change. Women don’t feel like they belong. They feel that fear of, “What if they realize they made a mistake hiring me or putting me in this role?” They also found at those senior levels that the spotlight that was on them for being a female in that role rather than a person in that role meant that their secret fears of, “What if they realize I’m not good enough?” It was like having a supernova shining on them. That was one aspect.

CGP 9 | Imposter Syndrome
Imposter Syndrome: Imposter syndrome is the secret fear that people are going to find out that we’re not good enough, that we’re faking it, that they made a mistake hiring us, that we don’t belong.

The second factor that was driving the gender pay gap that we found was the lack of flexible working. The expectation that at the more senior levels, you’re going to do the longer days, you’re going to do the overnight when we can travel, that you’ve got to wave goodbye to school concerts and all that thing. Many women felt they didn’t want to have to choose. Even if a company offered flexible working because you’ve got this internal dialogue where you’re judging yourself and you’re worried that others are doing it too. If you accepted the flexible working, you were worried that people were judging you and that somehow would see you as not pulling your weight not being good enough. That was factor two. Factor three was all of the self-sabotage that comes in there from imposter syndrome.

If you imagine, you’re going to step up to a leadership role, you’re going to take responsibility and you are going to be visible at that level. If it’s 3:00 in the morning, you’re lying awake and your inner critic is telling you all the reasons why you’re not good enough, it’s extremely hard to feel congruent and safe doing that. One of the other things we found is that at senior levels, women were likely to apply for a promotion externally to leave a company they love because they were scared of what they perceived as the shame of failure if it became public knowledge that they’d gone for a role that they then didn’t get.

I hear that with a lot of technology companies, where women have applied for promotion and not got it. They’ve then left the organization or they haven’t even applied internally because they’re worried about failing in their eyes. They decide to go for that promotion outside the company, which means you’re losing good female talent.

Somebody else is gaining from the hard work that you’ve put in working with that person and developing them over those years.

We’ve got these three hidden drivers that often companies aren’t particularly aware of. If they’re hidden and you don’t know you’ve got them then there’s not an awful lot that you can only manage what you can see, can’t you?

It’s one of the reasons why I’m passionate about this and my podcast that you are sharing is important because secretly, we know if we have an alpha male culture at the senior level. We will never admit it to the shareholders and we don’t have to wash our dirty linen in public but we know. Secretly, we know whether we’re expecting our leadership team to work hours. That means they’re choosing between career and children, loved ones, care, responsibilities or having a life. By raising the awareness and asking the question, if we were honest, we took our emotions and our biases out of this, are any of these three factors at play? With that third factor of imposter syndrome, there’s something that a lot of companies have been doing that is well-intentioned but it’s making it worse, which is giving women that helping hand. It will seem as quotas or positive discrimination and it’s not being phrased like that.

If you take somebody who secretly believes they don’t belong, that a mistake was made hiring them, who’s scared they’re going to be found out as not good enough and a fraud and you give them that pushups the next level then it amplifies those feelings. They can then look around. I remember when I had imposter syndrome in my engineering days, I was promoted extremely young to senior engineer. The rumor that went around the factories are, “She got the job because she’s a girl.” My imposter syndrome meant I believed it. It can undermine the integrity and respect of female leaders if you are in any way saying to have given them the advantage. I talk about equity instead of equality.

There was a fantastic meme on social media. The dad taking two children to a football match. One was older than the other they couldn’t see over the barrier. The dad got two equal boxes. One child could see over, the other one still couldn’t. Equity is giving that second child the box that they need so they can both see but this does not come in the form of quotes and positive discrimination. It comes in the form of, what does this person needs to be able to thrive? Do they need support in ditching imposter syndrome? Do they need us to put serious work into the flexibility of hours? Do they need us to create a senior-level environment and culture where anybody can thrive with God as if their gender, their ethnicity, their socioeconomic class? Looking at what you need to do to create equity so that it’s fair for everybody rather than giving people that helping hand creates this feeling of resentment.

Make asking for help with imposter syndrome as acceptable as asking for help with Microsoft Excel.

I’ve got clients where there were men who thought they were about to get the next promotion. A woman then got it out of the blue. Everybody knew it was because they’d been told they had to have a quote on the board. That woman had to leave because nobody would respect her authority, even though she might have been the best candidate. We have to be careful at how we handle this, how we communicate it and how we’re being seen to be fair.

What can companies do then in practical terms to stop that imposter syndrome affecting the gender pay gap?

One of the first things is that we need to be training leaders in imposter syndrome in being able to spot the signs. We’re good at hiding it when it’s running because we feel ashamed. It’s an identity level. It’s about who I am as a person. We put a lot of effort into hiding it. By the time we ask for help with it, it means it’s got to a stage where that bridge of coping strategies is no longer enough. It takes courage. Training managers to be able to spot the warning signs. For example, one of the things I do is I train imposter syndrome first status in an organization so they can be a point of contact because it’s removing the taboo. I’m on a mission to make asking for help with imposter syndrome as acceptable as asking for help with Microsoft Excel macros.

Nobody would think twice if they suddenly had to do something complex on Microsoft Office but saying, “I need training on that.” We need to get there with imposter syndrome because it can lead to mental health issues, anxiety, depression, stress, burnout. It can trigger all of these. Having that HR, in-house coaches, leaders, line managers, having the basic awareness, having key points of contact in the business who can help, you can do more than just offer tea and sympathy. Also, having programs that give people practical tools because not everybody needs a full-blown, “Let’s dive in and deal with imposter syndrome.” Sometimes it might be training in how to choose which thoughts to feed. How to be able to press pause on that inner dialogue? I have my Inner Critic Bootcamp program that they can study for that in six weeks, which helps to stop the cycle.

Sometimes they might want to dive in more deeply and work with somebody. You might want some in-house mentors who’ve trained in the deeper work to clear out imposter syndrome particularly if you have people who are stepping up from line management to leadership roles. What triggers imposter syndrome particularly is any shift in identity. For example, becoming a parent, returning from maternity leave. We see it a lot with university students when they graduate. Becoming a leader, a shift in identity opens up that imposter syndrome gap between who you see yourself as being and who you think you need to be. Actively putting imposter syndrome clearing programs into your leadership development strategy, meaning that anybody who is running it without shame, without taboo, without judgment can have a route they can follow that says, “I want to clear this out.” They get to fulfill their potential.

One of the things that happen if somebody gets promoted because part of them is saying, “I want to do this role.” Part of them is screaming, “What if they find me out?” They can turn into a micro-managing boss in as little as a few weeks. The symptoms, the stress, and the anxiety of imposter syndrome can be pushed on down through the team quickly. It can turn a rising star into someone that’s creating a toxic team without even realizing.

Which is another big issue for organizations because that will create other employee engagement issues and employee retention issues.

If anybody in that team was running imposter syndrome, they were at the coping stage and it was dormant then it can trigger it for them as well. In terms of the gender pay gap, having that clear strategy is yes, you would give your team members the development they need to get ready to be leaders. That is not just the practical external strategies. That also has to be the inside work so that they can let go of whatever might be holding them back from becoming a leader that inspires people to thrive and create successful, happy teams.

CGP 9 | Imposter Syndrome
Imposter Syndrome: It can undermine the integrity and respect of female leaders if you are in any way saying to have given them the advantage.

This is what we all want at the end of the day because it means that you improve productivity, profitability and your reputation as an employer in the workplace. I’ve enjoyed talking to you about this. I know I could talk all day on this topic because your knowledge and expertise are valuable. If people want to get in touch with you and find out more about what you do, how can they get hold of you?

The research study white paper that might be useful for readers is at DitchingImposterSyndrome.com/research. I’m on LinkedIn, @ClareJosa. There’s only one of me on normal days. My main website is ClareJosa.com. That’s where you can find all resources. I’ve got things like an advice guide that can be useful for someone who does have imposter syndrome. That’s completely free. That’s at ClareJosa.com/advice. That helps you to know what to say, to know which mistakes to avoid and to be able to start supporting that internal discussion to remove the imposter syndrome taboo and get people to support that they need.

Thank you so much to my guest, Clare. I’ve enjoyed talking to you about imposter syndrome and how this can impact the gender pay gap. I hope you, as readers, have enjoyed reading this episode, too. Thank you so much, Clare.

Thank you so much, Sherry.

If this has sparked a thought in your mind, I’d love you to come and book an exploratory chat with me to give you an opportunity to ask any questions you have about the work I do at technology companies on attracting, developing and retaining your female talents that you can close the gender pay gap. Email me at Sherry@SherryBevan.co.uk to book your call. Thank you for reading.

Important Links:

About Clare Josa

Clare Josa is the UK’s leading authority on Imposter Syndrome, the author of eight books, and an expert in the neuroscience and psychology of performance.

Her original training as an engineer, specialising in Six Sigma and Lean Manufacturing, means her inspirational approach is grounded in practical common sense, creating breakthroughs not burnout.