March 8 is International Women's Day, where we celebrate women's achievements in society. ESET is delighted to support the day, with a special nod to the talented women working in security.
There are many female researchers and computer experts who contribute to the field, helping everyone enjoy safer technology. We spoke to one of the most prominent: Lysa Myers, a member of our research team in the US.
WLS: How did you get interested (and started) in security?
Lysa Myers: I got started in security before I got interested in it. I was a florist for a number of years before taking a job as a receptionist at a security company during the dot com days. There was so much need for help that I got pulled in on a few projects by the virus labs, and eventually I got moved into their group, doing triage on customer's virus sample submissions. After a short while, I got so engrossed in what was going on that I started asking the researchers questions about how they did their job, so that I could help out more. Fast forward to a few years later, I was the researcher training new people.
WLS: What is it like working in a field mostly populated by men, in which you might stand out just for being a female researcher?
Lysa Myers: There is definitely a sense that I'm more visible, being a researcher who's female. At a conference where one might meet dozens of guys in the course of the event, it's often easier to remember the few females you meet. And while there have been a few uncomfortable moments over the years (especially as I'm loathe to be the center of attention!), I've always had mostly male friends, so it's not unusual for me. The people in the industry are like an extended family to me now - it's very tight-knit!
WLS: Are there any woman you admire in the security field?
Lysa Myers: There's a lot of them! I'm afraid I'll leave some out, but here are a few:
Jeannette Jarvis - Someone I met early on in anti-malware conference circles, who now works at McAfee. She is a force of nature! I've seen her accomplish so much wherever she goes, it blows my mind.
Chey Cobb - (whose last name should look pretty familiar to regular readers of this blog!) She and I cowrote one of the several chapters she and Stephen wrote in the "big blue book of security". I was impressed with her depth and breadth of knowledge just from reading her writing. But when I came to work at ESET I had a chance to meet her and talk with her, and her security knowledge is even more impressive in person!
Katie Moussouris - I've not met Katie, but I've seen her work on a lot of high profile and exciting things like BlueHat Briefings and various bug bounty programs. She's accomplished a lot, which is doubly impressive to me since we seem to be in about the same age range.
WLS: Do you think there are any female cybercriminals?
Lysa Myers: I'm sure there must be! There may be more guys in technical areas and in crime, but gender imbalance really hasn't ever stopped the criminally inclined.
WLS: Do you think there are any advantages or benefits to being a woman in this industry? Maybe things that are “easier” for you - empathy, communication, etc.
Lysa Myers: A lot of the skills I have, I learned to hone by watching men who used those skills well. I wouldn't say women are necessarily more empathic or better able to communicate, though these tend to be skills that women are more often encouraged to develop. I think I was able to become more well-known more quickly because I stick out in a crowd comprised mostly of men, so that is a sort of an advantage. But if I had not been able to back up that attention with beneficial and verifiable skills, that spotlight effect would have faded quite quickly.
There may also have been times where me being female lost me the spotlight for those who think women cannot be technical, and I would not necessarily ever know that. I don't give it much thought, either way. I do what I do and hope I'm helping people, that's the bottom line for me.
WLS: You’ve been on this for 15 years. What difference do you see between that moment when you started and now, regarding women participating in security research?
Lysa Myers: In a lot of ways, little has changed. There's still just a handful of women in the industry - for every one who leaves, another one seems to come in. I hope all the attention paid to women in security lately, and the efforts to get younger women interested in security careers, bears fruit and that some day I can look around and see a more even ratio of men and women.
WLS: What do you think the future holds for women working in security? Do you think there will be more of them?
Lysa Myers: I very much hope that there will be more. This has been a great career for me, and I think it would be a great career for a lot of women who wouldn't necessarily consider themselves computer types. There are a lot of different types of security jobs, and we need people with all sorts of different skills. I never thought I'd be working with computers for a living when I was younger, but I couldn't be happier with where I ended up. I get to help people, I get to write and travel and meet people all over the world - what's not to love?
WLS: You said in a recent interview: “I think a lot of people think this job involves staring at bytes all day, and that is really not all that it is. It is about helping people”.
Could you share a few more ideas regarding that opinion and how do you help people?
Lysa Myers: I help people use the Internet more securely. There are a lot of "Big Bads" out there, stealing people's data. Most people are as clueless about the inner workings of their computers as they are about their cars, but they understand things like "brake before you hit the car in front of you", "use your seatbelt", "change your oil and rotate your tires regularly", etc. We haven't quite reached that point with computers yet, because they are such new technology. There are a lot of things people can do that are fairly simple, which makes their computing experience safer, but they've never understood how to do it. By talking in plain and simple language, we can reach a lot of people and make their surfing safer. While I did have to learn about bits and bytes to be able to do this effectively, it's like going to college - once you have that basic understanding, you can use it to springboard into different areas of expertise.
I think there is an unfortunate stereotype about technical jobs where people are spending all day and night sitting in a dark basement (or a cube) "hacking the gibson" while drinking a lot of caffeinated soda. But that isn't reality at all. Especially as more people are realizing what a solid, secure and interesting career choice it is, and as more companies are realizing how crucial computer security is to their bottom line, there are a lot of different types of people dealing with a lot of different aspects of technology.
Image credits: ©United States Mission Geneva/Flickr