SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Interview: A chat with SolarWinds' Destiny Bertucci and how she discovered IT security
Fri, 9th Mar 2018
FYI, this story is more than a year old

International Women's Day may have passed, but there's no reason why society shouldn't keep up that recognition every day of the year. SolarWinds ‘head geek' Destiny Bertucci is a woman in security, visiting Australia as part of Cisco Live.

We caught up with her to discuss the changing nature of cybersecurity, the skills shortage and how women are represented not only in security but in the wider IT world.

What exactly is a ‘head geek'? Bertucci explains that it's about sharing technical knowledge and encouraging discussion in an area of expertise with the wold. Her expertise lies in security, networking, and monitoring areas.

“United, the SolarWinds Head Geeks bring over 120 collective years of real-world expertise and renowned industry credentials to provide the IT pro community with perspectives, advice, and discussion on the latest trends and challenges in technology.

Medicine or IT? The 50/50 choice

What's the difference between IT and a Licensed Practical Nurse (LPN)? They may sound like different crazy fields, but they are quite alike, Bertucci explains.

When she was considering her career, it was a 50/50 shot of even thinking about IT. She started as an LPN but found she wasn't cut out for the emotional attachment to patients.

“I would literally cry coming home and work extra hours to check on people and it was a stressful nightmare at 18 years old.

From then, it was either a choice of medicine or technology.

“I jumped straight into the Security +, CCNA, and A+ courses at the local vocational school and never looked back. The Networking element kept me engaged and the security has always sparked an excitement within me. “

And the similarity between IT and health? Bertucci explains:

“The human body is a great network if you think about it.  From a security standpoint prescriptions to optimise or protect the body is interesting and at the same time, hard to stay on top of with mutated viruses and new bacteria that can be introduced.

The security skills shortage

As the security industry knows, there is a skills shortage across the globe. Training programmes and industry partnerships are bridging the gap, but ultimately it's down to the people to see security as an attractive career.

“I don't know how you could not be attracted to security! I feel like a lot of people think about security as a hindrance and need to understand it is actually a great way to have standardisation and growth within an organisation. It is constantly changing. My focus currently is on user education.

It's not just about technical skillsets, Bertucci explains.

“All kinds of personality types can work in security. We need outgoing people to help bridge the gap between departments and open conversations. Security needs people with different skill sets: people that love to read and find answers, like researchers. Developers are also needed to help create new ways to block threats and help protect data in every sector.

She believes that while not everyone is a people person, security needs a dose of charisma and personable interactions, particularly when driving security policies to all levels within organisations.

 “The main point is that it's not just a silo where you're sitting at your desk paranoid and never trusting anyone again. There are ample opportunities and areas within the security field that can really talk to people's inner passions and bring out some really great talent.

Women in security (and IT)

When it comes to women and men in IT, people are focusing too hard on trying to explain why women are excelling in IT, which has produced a number of myths, Bertucci explains.

“I've had conversations where some people try to tell me how creative women are and that they offer more ‘thinking out of the box' types of solutions. However, history shows men are just the same.

“We've been excelling for years in these areas but at low numbers and it has taken great women to be exceptional to even be allowed to work in some fields, but it has opened the door and broken the enticing glass ceilings.

“In reality I work in a company that is filled with women in many roles. Conferences are starting to blend more and that makes me very excited.

Women are at the top of their fields in malware and pentesting without a doubt, Bertucci says. While she can't speak for other women, she finds the industry fascinating.

“I love the sense of being in control and finding any issues and solving them. That is my passion. I'm the person that cannot leave puzzles unfinished and have the ability to stay up for hours to complete them once started. Security is ever changing and I think that is why my personality type works well within this field.  It's a constant dance and I'm no longer being led, I'm leading my partners around.

She believes there's nothing preventing women from entering IT – and the stigma is now going away, particularly with more encouragement to get girls into STEM programmes.

“There is a TON of maths and sciences in the medical fields that women are vastly within currently. I believe the options for IT are being seen as a level playing field so women are walking through those doors without wondering as they used to do.

“The enigma of what the ‘IT world' is, is now gone as technology is all around us and in our hands daily. Without thinking about it we are all in technology and feel comfortable with it.

Security is not just an IT issue any more – it's a business issue. As organisations start to understand that and invest in their technology users, the more they are protecting people from malicious intent.

So for those in IT, or those who know of people interested in the field, Bertucci has sage advice:

“JUMP in! There is a spot waiting for you in IT within every field. Security is fantastic if you like to troubleshoot and have an eye for detail for compliance. There are so many options to continue to build your skills and get into the field. I would definitely recommend doing certifications alongside any university IT degrees you do or want to do. The hands-on experience and testing will be great to have.