Cybercrime is becoming more common in today’s technologically advanced society. Cyber-attacks cost businesses hundreds of billions of dollars a year, and the call for experts to battle these threats is on the rise. In fact, the demand for cybersecurity professionals is growing at a rate 12 times faster than the total labor market! According to research conducted by Frost & Sullivan for the Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, only 11 percent of the world’s information security workforce are women. There’s tremendous room available for women to enter the cybersecurity market! Dr. Amelia Estwick, program manager of the National Cybersecurity Institute at Excelsior College, has worked in this field for some time and recently sat down with Excelsior to share her story and recommendation for a career path in cybersecurity.
Excelsior: How did you first get started in cybersecurity?
Estwick: In the early 90s, I enlisted in the United States Army as a telecommunications operator, which was a job within the Intelligence/Signal Corps careers. My main responsibility was to ensure all military communications were secure during tactical (field) operations. I credit my military experience for introducing me to the opportunities in the security field.
Excelsior: What jobs have you held in this field?
Estwick: After I completed my military service and finished my bachelor’s degree in computer information systems, I earned a National Physical Sciences Consortium Fellowship to pursue graduate studies in computer science. The National Security Agency (NSA) sponsored my fellowship while I was in graduate school at the George Washington University. I worked at NSA during the summer as a computer science researcher.
As a researcher, I spent most of my time developing software tools and techniques to protect the government’s data and networks against unauthorized intrusions. From my research position, I eventually joined the NSA full-time and moved into more leadership roles, including systems engineer, senior cyber analyst, and finally technical director within NSA’s Threat Operations Center (TOC). The TOC is a large organization with over 200 people working around the clock, 24/7/365, to monitor and defend government and military networks against cyber-attacks.
As one of a few women technical directors in the Agency, being selected was the highlight of my NSA career. Last year I left the NSA after 15+ years of government civilian service to pursue work in academia.
Excelsior: What is your favorite part about working in this field?
Estwick: I’ve been in this field for so long, it’s hard to nail down my favorite part; however, I guess I love change and the opportunity to problem solve! Cybersecurity is a dynamic field and there’s been so many changes in technology and processes that have directly impacted the cybersecurity landscape.
I’m amazed how far this field has advanced since I started; we still have hard problems to solve like how we process large amounts of data (big data) and how we integrate machine learning and human intelligence (artificial intelligence).
As the program manager for NCI, my favorite part is engaging with current and prospective students who want to pursue education to carve a career path in cybersecurity. I find it very rewarding to help someone in reaching their educational and career goals.
Excelsior: What do you feel the future look likes for women in cybersecurity?
Estwick: I consider myself an optimist, so I believe the future looks bright for women in this career field. I know there’s work to be done to increase the STEM pipeline for young girls and women, especially for those following a career path in cybersecurity. Cybersecurity is a multidisciplinary field, and there’s so much opportunity for women with various skill sets and backgrounds to contribute. In the 20+ years I’ve been in this field, I’ve seen more initiatives to increase the involvement of women and minorities in the field; however, we need to make sure we support women and minorities when they do enter the field in order to retain the pipeline. I think an important factor in addressing diversity and inclusion is to work on plugging the leaks so we can retain the pipeline for the future.
Excelsior: What educational background/certification/training would you recommend for someone pursuing this career path?
Estwick: Since cybersecurity is a multidisciplinary field, it really depends on what specific cybersecurity career path the person chooses to pursue that will ultimately decide what sort of background and/or training is needed.
For example, there are many cybersecurity jobs for someone with certain certifications like the Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP). Both certifications require an extensive technical background, and I do believe having one provides more options to work in cybersecurity. I also believe there are enough cybersecurity career paths to choose from where someone without a technical background can still contribute to the field.
This is why academic institutions such as Excelsior College have provided students with information on career pathways because there are so many paths to work in cybersecurity. We live in a digital society and that means we need people from various backgrounds and skill sets to contribute in protecting our society against threat actors such as nation states, hacktivists, organized criminals, script kiddies, and even the insider. My recommendation for anyone pursuing a career path in cybersecurity would be to follow your passion, be a problem solver, and innovate!