March 7, 2016
I almost didn’t apply for my current job because I didn’t think I would fit in.
In an email forward, the sender encouraged me to apply to run a new cybersecurity center at Berkeley. “I don’t really think they’re requiring cybersecurity experience,” he said, as if that would bolster my confidence. But I still hesitated.
I was a lawyer and political scientist, not a computer science PhD. I was a college sorority girl (yes, I admitted that out loud).
It wasn’t as though I’d never heard the word cybersecurity before. While at the Department of Homeland Security, during a lull between bosses, I had dug into a handful of cyber-related projects. Even before that, I was deeply involved in my law school’s Information Society Project, helping to stand up a clinic on Media and Freedom of Information Access. I even had written a piece for the Yale Law Journal on Watson, the Jeopardy! Computer. The piece argued, tongue in cheek, that the computer might be better than Justice Scalia (may he rest in peace) at practicing his particular brand of originalism.
But even with those experiences, I didn’t feel that I would fit into the cybersecurity world. I was a lawyer and political scientist, not a computer science PhD. I was a college sorority girl (yes, I admitted that out loud). My favorite movie is Love Actually. I’ve never seen a real Sci-Fi movie. (Does Honey I Shrunk the Kids count?)
At the time the Berkeley job came across my desk, I had been asking around about cyber opportunities for several months. But I still decided to apply mainly to get the interview practice. My mom agreed. “There’s no way you’re going to get this job, but it’s good practice,” she told me. Friends look baffled as I described my trip across the Bay to Berkeley for the interview. “Your computer is 4 years old, and you just got a smartphone six months ago!” It was only around the fifth round of the interview process that I realized I had an actual chance.
Since getting and starting my job, I have discovered that my experience is all too typical. At a recent New America gathering of women in cybersecurity, we did an informal survey of the mid-career professional women in the room. Thirty-eight out of 40 had lateraled into cybersecurity from another field. If that number is representative, it means 95 percent of women will face a decision of whether to enter a field that is completely (or mostly) unfamiliar to them.
In other words, we need people from all walks of life to work on cybersecurity problems. And unless we expand the frame of who “belongs” in cybersecurity, we’re not going to get there.
At the same time, it is exactly because women come from different perspectives that their participation in the field is so important. Whether the question is how to design a legal framework that balances the needs of government surveillance with privacy, how to identify data that has been manipulated, or how to get people to actually keep their passwords secure, cybersecurity is about a lot more than just technological know-how. We need sociologists, psychologists, lawyers, and economists to understand human behavior; designers and data scientists to help change that behavior; and businesspeople and bio-scientists to bring products to market. In other words, we need people from all walks of life to work on cybersecurity problems. And unless we expand the frame of who “belongs” in cybersecurity, we’re not going to get there.
In brief, it’s true. I don’t fit into the old cybersecurity world. And frankly, that’s a good thing.
Betsy Cooper is the Executive Director of the Berkeley Center for Long-Term Cybersecurity. Betsy arrived at UC Berkeley from the Department of Homeland Security, where she served as an attorney advisor to the Deputy General Counsel and as a policy counselor in the Office of Policy. She will share her story at New America’s Cybersecurity for a New America conference in Washington, DC on March 9.
This post is part of Humans of Cybersecurity, a dedicated section on Context that celebrates stories of the people and ideas that are are changing our digital lives. It is part of New America’s Women in Cybersecurity Project, which seeks to dramatically increase the representation of women in the cybersecurity/information security field by fostering strategic partnerships with industry leaders, producing cutting-edge workforce research, and championing women’s voices in media. This is a project of New America’s broader Cybersecurity Initiative, which aims to clarify and connect the often disjointed debates and policies that surround the security of our networks.