Tech Talent Spotlight Series: Lisa Ventura MBE

Lisa Ventura is an award-winning cyber security awareness consultant, writer, and speaker. She is the Founder of Cyber Security Unity, a global community organisation that is dedicated to bringing individuals and companies together who actively work in cyber security to help combat the growing cyber threat. Lisa is also a mindset and mental health coach and offers help and support to those affected by stress, burnout, and mental health issues in cyber security and Infosec.

She is passionate about raising awareness of the growing cyber threat to prevent cyber-attacks and cyber fraud, and actively supports women and those who are neurodiverse into careers in cyber security. Her books “The Rise of the Cyber Women: Volume 1 and Volume 2” were released in 2020 and 2021 to great acclaim.

Lisa sits on the Advisory Group of the West Midlands Cyber Resilience Centre, sits on the board of Think Digital Partners as their Cyber Security Advisor and is a member of the Advisory Council for the International Security Expo event. In 2021 she was named as one of IT Security Guru’s “Most Inspiring Women in Cyber Security” and won the “Positive Role Model for Gender” award in ITV News’s National Diversity Awards in 2020. She has also won numerous other awards for her work including SC Magazine’s “Outstanding Contribution to Cyber Security” award.

Please can you introduce yourself, and tell us about your career/ what does job role entail and what led you to pursue a career in cybersecurity?

My name is Lisa Ventura and I’m the Founder of Cyber Security Unity, a global community organisation that exists to help unite the cyber security industry to help combat the growing cyber threat. The industry is stronger together to beat cyber crime. I’m also a writer/blogger, keynote speaker and a cyber security awareness consultant.

Can you tell us about a moment in your career that made you proud?

I think the proudest moment was when I found out I’d won ITV News’s National Diversity Award for my work in cyber security in the “Positive Role Model” category in 2020. I couldn’t believe I had won, there were far more worthy candidates and my imposter syndrome went through the roof that day! My trophy sits proudly in my office and it is a reminder of how far I’ve gone in my career despite some significant challenges.

What do you think are the biggest obstacles that a woman working in the technology sector faces? And with respect to your professional career, what have been yours?

While there has been some positive progress with encouraging more women into careers in cyber security, such as programs aimed at getting girls and women into the field, there is still much to be done to encourage them to join.

Retention is a key problem. Many often leave the industry due to burnout, lack of career progression and the toxic culture often found in the industry. Many efforts to address more inclusion and diversity in cyber security don’t go much further than a few PR pitches and lack anything substantial.  Sadly, women are still paid less, promoted less and deal with discrimination and harassment, which leads to the pursuit of other career paths away from cyber security. Equally, with such technical terminology often being used this can be very off putting to women looking to enter the industry.

In terms of challenges I’ve faced in my career, I have been a victim of the gender pay gap where I discovered that male counterparts doing exactly the same role as me were paid far more, and I now campaign heavily to stop this outdated practice. I’ve also been subjected to bullying and abuse throughout my career.
 

You’re a business mentor for Women in Business, Women in Cyber Security, Women in Tech and more. How does your own personal journey into tech help you when mentoring?

I think my lived experiences help when it comes to mentoring others in cyber security as I can provide real world examples of what I have been through to hopefully help others understand that they are not alone. This is especially true for things like dealing with imposter syndrome, bullying and abuse, the gender pay gap and mental health in the workplace.
 

We’re witnessing more women in tech and cybersecurity than ever before however there still is a lack of women in the tech sector. Do you think enough is being done by businesses to address the gender imbalance in cybersecurity and the technology industry as a whole and how would you encourage more women to join the ever-evolving industry?

The media and popular culture often portrays cyber security as being done by a socially inept young guy in a hoodie, this began in the 1980s and is still prevalent today. This is not the right image to attract a more diverse workforce into the industry, and even for companies and academic programs that have tried to overcome this image, the perception that it exists and that cyber security is hostile towards women deters many girls and women from entering it. Combatting this misconception is a must to attracting more women into the industry.

I also think we need much greater representation of under-represented groups in cyber security across all aspects of society and media. There are many strong female role models in cyber security who deserve to have their voices amplified. News outlets need to stop citing male cyber security experts, industry conferences should include more female speakers and demonstrate their commitment to having inclusive codes of conduct.  If women and girls don’t see it, they won’t want to be it. Women must e visible and seen as experts in cyber security but ufortunately when women are contacted for their insights it is often to talk about gender issues and not about their technical skills and capabilities.  Therefore, when girls see female role models in cyber security, they often only hear awful statistics and not the great work that women are doing in the industry. 

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

Part of my work with Cyber Security Unity is to provide safe spaces for women, those who are neurodiverse and those from minority groups to be able to share their challenges and meet and network with others who may be going through similar challenges. Cyber Security Unity is all about greater collaboration to not only combat the growing cyber threat but also support each other in cyber so we feel listened to and included.

How has the tech industry changed for women since you started in tech and what do you think the future hold for women in cyber?

When I started out in cyber security in 2009 it was extremely male dominated, there were very few women. I think this is partly because women often don’t apply for promotions and other high-level jobs as they feel they don’t stand a chance of being considered, but promoting men ahead of women is holding us all back. Diversity delivers better financial results, a better culture and better business decision making. There are fewer women in executive positions compared to men across the board and not just in cyber security; recent research has shown that while women comprise 73% of the workforce in entry and junior level roles, female representation drops to 42% at the level of senior management. When it comes to director-level posts, just 32% of these are held by women across the board.

Women aren’t the only underrepresented group in tech – what can be done to encourage more neurodiverse and autistic individuals to enter the cybersecurity industry?

While many neurodiverse people may find some parts of work and socializing more difficult, conditions that fall into the category can also give them particular strengths. There are many skills associated with Autism, such as pattern-spotting, attention to detail and problem-solving. Autistic people may approach problems differently and can provide extremely creative solutions. Many of these characteristics can be particularly useful in technical disciplines, and security roles in particular. The Infosec Institute lists IT and networking skills, analytical skills and auditing skills among the top five that are most important for Cyber Security professionals.

Sadly while neurodiverse candidates bring many benefits to the workforce, many interview processes do not give them the best chance of success. Davies warns that some assessment tools in particular can be challenging for neurodiverse individuals, such as group interviews. Improving the interview process is not enough though, organisations must also ensure that neurodiverse colleagues are given the right platform to perform once they begin work.

You are a strong advocate for all things related to neurodiversity, and are vocal about being autistic and neurodiverse, how did you navigate your journey in the cybersecurity industry and how has this inspired you to help others who are on the spectrum?

I wasn’t diagnosed as autistic until 2018 so quite late in life, but it explained so much about why I am the way I am, and why I struggled in the workplace so much. It enabled me to make some positive changes such as working from home in my own space and being able to control things like lighting, sound and noise, even things like having my desk and workspace set up a certain way, as this all helped to reduce the amount of sensory overload I experienced in the office. I also build in “down” time in between video calls which also helps.

What advice would you pass on to anyone from a minority background to help them progress in this industry?

Not wanting to sound too much like the Nike ad slogan, just do it! The industry is very welcoming and there is a strong community in cyber security and tech who are willing to help you every step of the way in your career.

A huge thank you to Lisa Ventura for dedicating her time for this interview. 

More information about Lisa can be found on www.lisaventura.co.uk. 

Lisa’s twitter - @cybergeekgirl and @cybersecunity
Lisa’s LinkedIn - https://www.linkedin.com/in/lisasventura/