This Q&A is with Abeer Khedr, Head of Information and Security, at Egypt's biggest bank by assets, the National Bank of Egypt. It is part of Salaam Gateway’s International Women's Day 2020 series that is co-designed and curated by Nyra Mahmood, MD of UK-based Simply Sharia Human Capital (SSHC LTD), the publishers of the 2016 report "Women in Islamic Finance & Islamic Economy”.
Salaam Gateway: How did you get into cyber security and what inspired you to continue this path?
Abeer Khedr: Actually, I studied and practiced a related field: Information Technology. I studied computer science at the American University in Cairo and had my master's degree later in Business Information Technology.
A few years of working as a programmer, a business analyst and an IT administrator were followed by a slight career change and my decision, inspired by my husband who was also working in the field, to get into IT assurance and cyber security consulting.
I joined one of the big four firms at their Egypt office for six years. I learned a lot from the consulting experience and working with clients from different industries and while performing IT audits and security assessments, I noticed there was always a need for "how to" mitigate the findings.
This is what inspired me to continue in this path: to help organizations "fix" security issues, build the right security governance structures and practices, protect valuable information assets and inspire a culture of continuous improvement. I discovered this was my true passion.
2. How do you see the leadership role of women in cybersecurity evolving in this space, especially among the top C-level positions?
This has progressed a lot in the last few years.
More women in Egypt and the region are given the opportunity to lead cyber security functions in large organizations in different industries.
If we speak about financial services industry, several of the large banks in Egypt have women CISOs. This has been possible through awareness efforts to draw attention to the value diversity brings in leadership in general and in technology and cyber security fields in particular.
More initiatives to encourage women rise to leadership positions are also encouraged by countries' leadership in the Middle East like the Top 50 women initiative in Egypt and the Saudi initiative to increase women leaders in cybersecurity.
3. What personally drives you in this space and to work with women specifically?
I know from my experience that the field of cyber security, though very rewarding also has its challenges.
I realize the importance of a support system for women as well as encouragement and guidance which I have been lucky to have throughout my career.
I believe I should give back and support young women talent who I know that once given the right opportunity to be discovered, they will excel and shine. I feel it's my duty to do as much effort as I can to be part of the awareness efforts to support inclusion of women in technology and cyber security.
4. There is a perception that cyber security field is for men especially since it requires long hours. How do you manage your work-life balance and what would you advice women in this space?
It's not an easy field but this doesn’t mean that women cannot pursue it.
Everything is possible with passion and determination and time management skills.
Some opinions advocate that for women to achieve work-life balance, they must strictly segregate their work from their personal life. I don’t think this is a working formula for cyber security field. A CISO must manage a cyber-security function around the clock. They need to communicate with senior management even beyond standard working hours.
Therefore, I believe that integrating both worlds is a better way to strike the right work-life balance. I used to take time away from work to attend a meeting with my son's teachers at school, but at the same time, I used to work on deliverables for clients after I put my son to bed as a child.
We could be doing an activity with our family when we spend a few minutes on a call to address an issue at work. Actually, when our children see how much we love our work and are passionate about it, they would respect this and it would actually develop their sense of commitment and responsibility later in their careers.
5. Why do you think it’s important to bring more women into the cybersecurity sector and what can we do to promote diversity, narrow the gap and attract more women talent to cyber space?
If the industry is already suffering the scarcity of needed cyber security resources, then opening up opportunities to more women talent will solve the scarcity problem.
Most of us realize the value of diverse teams: more than one perspective to an issue, creative solutions to problems, and a representation of the wider audience companies and organizations serve because it is a diverse audience.
In cyber security, women have many natural abilities that match needed skills in cyber security: ability to multitask, natural risk aversion, communication & networking, flexibility among others. Business leaders will sure benefit from adding women talent with these abilities in their teams.
6. Women make up only 20% of the cybersecurity workforce. While that's up from a mere 13% in 2017 and 11% in 2013, there's still a lot of opportunity to be seized in cybersecurity careers. What is the biggest gap and hence biggest opportunity for women in cyber space?
Indeed. Although, good progress was achieved since 2013 yet there is opportunity for more.
Currently, a gap can still be observed in some cyber security careers: young women start in the field, but not all continue in this path.
Lack of support systems, demanding hours, perception of inability to handle multiple responsibilities all can deter women from pursuing leadership positions in cyber security.
Also, we don’t see many women who are SOC analysts or managers again because of the mentioned reasons and the perceived judgement that women cannot handle working in shifts.
However, if we increase awareness efforts and highlight successful examples in both career paths, women will be encouraged and motivated to more effectively learn and apply time management techniques, will not shy out from seeking support and will be more confident and determined to persist to reach and succeed at leadership positions in cyber security.
7. What advice would you have for young women who are just entering the security world either in their first job or who are maybe looking to pivot from another job outside of the security or tech landscape and stepping into the cyber world?
Learning and specialized knowledge acquisition in your target cyber security path is crucial.
Some people say security certifications are not important. I would say they are; they are not the only factor, but they are a proof that someone has learned and got fairly assessed in a certain body of knowledge.
This proof is necessary especially for fresh grads and young women who want to switch from other careers.
Learning should not also happen in isolation from practice. I remember in my early years of working in cyber security, I would work in the mornings till afternoons, manage my other life responsibilities in the evenings and stay late at night to study.
Also, where possible, you need to work more than others if you want to stand out. Why not volunteer to do additional tasks or support other colleagues. This will definitely pay off and make you stand out as a dedicated supportive hard working professional.
8. Tell us more about your Women in CyberSecurity Middle East (WiCSME) initiative - why did you think it was important to create one for women in Middle East?
This is the initiative dearest to my heart. The group was founded with passion and commitment by eight women from different countries in the Middle East with the objective of supporting more women in the region join and continue in cyber security. The group has grown from those eight ladies to over 600 women at the moment. We have ladies from UAE, Egypt, Kuwait, Saudi Arabia, Oman, Jordan, Algeria and other countries.
We have created groups and accounts on many platforms such as LinkedIn and Twitter and Telegram to share technical knowledge between our members. We also arrange regular talks with celebrities and influencers in the field who generously give their time and support and share their experience with our ladies in the ME.
We also arrange regular virtual technical sessions where members of our group who are specialized in certain cyber security topics to explain them to the rest of the group. We also support with job opportunities where we can and support our ladies in academia with needed mentoring or survey responses. This initiative is timely today as we see more support from nation leaders in the Middle East as we mentioned earlier and we plan to capitalize on this.
9. How do you see the trend of women participation in technology in the Middle East and the importance of nurturing their talent through mentorship and training?
Women started working in technology earlier than cyber security particularly in software programming as early as the nineties.
Since then, more women have been steadily participating in the technology industry. It's important to encourage this and provide the needed mentorship and training for younger generations.
There are many active Women in Tech groups in the region and are doing a great job mentoring young women talent opening up opportunities for them. Nurturing this talent through support, organizing idea hackathons and similar competitions will motivate the young ladies and bring out their creative ideas and further inspire their interest in today's new technology particularly AI and its promising applications in all fields.
10. The Islamic economy is rapidly moving towards a technology revolution, requiring high consideration for cybersecurity and filling the talent gap. How important do you think is the role of women in the cyber space for the Islamic economy?
Similar to what we see in conventional economy, Islamic economy products are also moving towards digitalization.
Blockchain is also proving to be useful since it offers many of the features important for Islamic economies such as prevention of fraud, trust and traceability.
With this rapid evolution in technology, cyber threats also arise and it becomes more important to mitigate in an agile, risk-based manner with the necessary speed not to hinder adoption of the new technology but at the same time address its risks. Young ambitious women in cyber security in the Middle East and other Islamic countries can easily fit the needed profile for this mission.
With their passion to learn and develop their knowledge and skills in the field and keep abreast of the arising threats, I'm sure they will bridge the resource gap and protect their companies' investments in the new digital solutions.
After all, they are the proud granddaughters of early Muslim women scholars and scientists: the likes of Fatima el Fihri and Mariam el Astrolabyia.
I'm positive of their commitment and determination to succeed in cyber security and technology and I'm confident the coming couple of years will witness a spike in the percentage of women participation and women leadership in these fields.
(Questions by Iman Ali Liaqat, Junior Research Analyst, DinarStandard)
Continue reading Salaam Gateway’s International Women's Day 2020 series.
© SalaamGateway.com 2020 All Rights Reserved