My name is Anna Chung and I am a Principal Researcher at Unit 42, the global threat intelligence team at Palo Alto Networks.
In celebration of International Women’s Day, I wanted to share my experiences as a woman working within cyber-security; and my advice for others who are looking to get involved within the technology and cyber-industries.
My role on the Unit 42 team is to understand the cyber-threat landscape and provide intelligence assessments to help customers prioritise their actions, time and resources.
I typically spend my day researching new malicious tools, tactics and procedures discovered by the global security community. I use both internal and external tools to monitor cyber-threats, and then transform the raw materials into actionable threat intelligence. The final research results are delivered through the Palo Alto Networks Unit 42 blog, and feed into our products, as well as community sharing programmes.
My advice for women looking to start a career in cyber-security is don’t be put off by the scientific image sometimes presented.
When many people hear the term cyber-security they think it is about mathematics, coding and engineering. This can create for some an assumption that there’s a high barrier to entry.
I have a confession. My mathematics was terrible in high school and in the national entrance exam I received a score of 50 out of 100, leaving me feeling inadequate. However, I still found a career path in the information security industry.
So how did I get here?
Cyber-security is such a young industry and full of potential that it doesn’t just need people who are into maths, engineering and coding; the job demands a much more robust and diverse skill set. Some key skills sets and areas of interest include threat actor profiling, underground economics, reverse engineering, incident response, digital forensic, statistics, malware analysis, artificial intelligence, data mining, privacy and legal framework and cyber-behaviour analysis.
If you are interested in any of the subjects above, I will recommend taking online training or attending local industry meetups to learn more about cyber-security. You might gain not just a job offer, but an opportunity to redefine the future of this career path for someone else.
My own route into cyber-security started with my background in international affairs and the parallels between international cooperation for peace and prosperity; and for understanding and preventing cyber-attacks through research and communication.
I see a career in cyber-security as developing an appreciation of a niche combination of technical abuse and malicious human behaviours. This demands a very wide range of skills and knowledge. Beyond marrying those two practices, it’s about learning to harness these skills for good purposes.
As a result, my cyber-security career spans both fraud in financial technology fields and network security. While there are a lot of similarities, overall, they are fundamentally different and the solutions and strategies are quite diverse.
When I mentor women who want to enter this industry or further their cyber-security career, I utilise these experiences, insights, and professional networks to help them best navigate where they are in their career progression and what they need to do next to realise their dreams, goals and to reach their desired next step.
Knowing that, I see one of the main coaching goals as encouraging young women to respect all elements in the industry to better understand their own strengths and limitations, because we all have our own unique attributes as individuals.