A Q&A with Dr. Rois Ni Thuama
In honor of Women’s History Month and International Women’s Day, we sat down with Dr. Rois Ni Thuama, Tech100 Women Winner and Head of Cyber Governance for Red Sift, to get her thoughts and perspective on the current state of women in cybersecurity and tech and where we still need to go, as well as career advice for professionals already in the industry and those looking to get in.
Rois Ni Thuama Ph.D. is a doctor of law and subject matter expert in corporate governance, cyber governance, and risk management. She is an award-winning cybersecurity expert, with 20 years of experience in the field of cyber governance, cybercrime & fraud prevention. Throughout her career, Dr. Ni Thuama was part of the team of cybersecurity experts tasked with the revision of NATO's cybersecurity curriculum as part of the Partnership for Peace Consortium's (PfPC) Defence Education Enhancement Program housed at the Austrian Defence Academy in Vienna. She has also presented on the legal implications at The Impact of Artificial Intelligence on Future Conflicts Conference in Washington D.C., United States.
Q: What are the biggest misperceptions that women have about working in tech?
Rois: The biggest misperception, I think, is that to work in tech you must be an engineer - this is categorically not the case. Similar to the way not everyone who works for Airbus is an aviation engineer.
The cybersecurity sector has a place for lawyers, designers, salespeople, recruitment, human resources, the list goes on. It’s a burgeoning sector that will continuously evolve.
Further, the whole of society has a stake in making sure that we have responsible cybersecurity measures and tools. If you’re not at the table, then you don’t get to shape the direction we’re headed in.
Q: Do you ever run into sexism?
Yes, but not necessarily in the way you might expect. In fact, I have a book idea, ‘Sexism or dumb stuff?’. What has really surprised me over the years is that sexist attitudes come from both men and women. We all encounter colleagues who will hinder rather than help, assign the credit to themselves, or create problems and fail to apologize. But those aren’t exclusively male characteristics. Women can pull those stunts too.
What I’d prefer to focus on though is the amazing professional support, encouragement, and opportunity that I’ve got from both men and women in my career. The sooner we realize, especially in cyber security, that the enemy is the bad actor and that collaboration and support of colleagues is the winning approach, the stronger we’ll be. Let’s drop the ‘dumb stuff’ and focus on the great work.
Q: What skills do you feel are the most critical to succeeding in cybersecurity today?
Essentially, cybersecurity businesses like Red Sift help other businesses to protect and defend themselves. That means as a business we benefit from being able to communicate the problem we’re solving and how our solution addresses it. It requires that the people communicating that message take responsibility for their patch, that they are flexible enough to meet the needs of their clients and the business, and to be creative enough to work around a niggle rather than letting a triviality bring you to a standstill.
In summation, the industry welcomes good communicators, who take responsibility, and demonstrate that they are flexible and creative.
Q: What advice would you give to women looking to begin and grow their careers in the industry?
Look for a boss that you respect. It doesn’t matter if they’re making widgets. You will grow faster, learn more and flourish if you have that.
Q: What advice would you give to a woman thinking about entering the cybersecurity field for the first time?
Just go for it! There are loads of interesting, capable women in this sector already and we’re starting to see them in high-profile roles. It’s 2023, not 1870 ladies. You don’t need permission, you don’t need an invite, and you don’t need to conform to some outdated version of what it means to be a woman. The people I admire are resilient, smart, and competent and they make the sector better for being in it and that includes both women and men.
Q: Can you elaborate more on the support structures for women that need to be in place?
I don’t know if it’s structures per se, but a few modifications to address real-world, legitimate concerns can make a difference.
I can give you an example. I used to run executive dinners and found that very few women would attend. One evening after said dinner, it was 11:30 p.m. and it took me 30 minutes to get a cab and go home. At that moment I realised that dark evenings and late nights pose an unacceptable risk to women. Therefore I've started doing lunches instead, which means I’ve now got more women at the table. Minor adjustment, massive outcome.