Q&A with Microsoft Manager and author of a book that aims to boost diversity in cybersecurity – GeekWire

Posted on
Angela Marafino. (Ruben Perez Photo)

Reinventing cybersecurityis a new anthology written entirely by women and non-binary cybersecurity leaders that aims to educate, inspire, and help spark more diversity in the industry.

We recently met Angela Marafino, a client project manager at Microsoft who wrote a chapter called “A Little Less Yasss Queen, A Lot More Action!” on impostor syndrome for underrepresented groups in the tech industry.

Marafino, who works in security and compliance at Microsoft, signed copies of the book last month at the Seattle BSides conference, a cybersecurity community that organized more than 725 events around the world.

Marafino also hosts cybersecurity podcasts such as “The hacker book club” and “Focal Point Podcast.”

The interview has been edited for brevity and clarity.

GeekWire: Thanks for talking with us, Angela. How did you get into cybersecurity industry?

Angela Marafino: After I had already finished my first bachelor’s degree, I was going to study law, then I decided that what I really wanted was a career in technology. I spent some time trying to figure out which area of ​​technology to explore and determined that cybersecurity was the best path for me based on what I had read about it and the characteristics of those who excel in it. domain. I did a six-month cybersecurity bootcamp, which was an amazing experience.

Could you tell us more about the principle of “Reinventing cybersecurity”?

The concept behind Reinventing Cybersecurity was to tell “stories of rebellion and revolution,” of times when we (underrepresented people) had to fight for an unpopular opinion or to inspire waves of organizational change. We often had to champion good ideas even when they didn’t fit “popular” opinion or adapt along the way to operate under entirely new conditions. The frequency with which we all have to do these things lends itself to a plethora of valuable experiences to share.

Talk about the reference behind your chapter title in the book.

I’ve had a headline – ‘Don’t call me by your name and I won’t call you by mine’ – for a very long time because so often when someone hears someone else say, ” I have impostor syndrome,” that person says “oh, me too,” and so does everyone else. It reaffirms the concept or sentiment, rather than providing actionable information on how to move on. ‘before.

But at the very end of the editing process, I was adding all the paragraph headings and there was a part about people just saying “oh, yeah, me too. Yeah girl. Yes. Yeah.” It reminded me of the show “Broad City,” which has aired for the past few years and that’s where the phrase “Yass Queen” comes from.

But we don’t need to do that. We have to say “oh, tell me more about this and try to figure out what needs to happen and who needs to take action to help you succeed”.

What Should Be Done to Engage Women and Non-Binary Leaders in Cybersecurity?

The interest of being in this industry is there. We just have to keep amplifying the fact that there are non-binary people in tech, there are trans people in tech, there are women, and that’s what we’re doing in our careers so that they can see themselves in the positions we have. Representation matters.

What are the cybersecurity industry’s top issues related to diversity, especially for women and non-binaries?

We’ve constantly had to reinvent ourselves and how we’re perceived in this male-dominated white industry. This means having to fight frequently for a place at the table, to be heard and to have the same well-deserved opportunities as our male counterparts.

In your experience, what needs to be done to help improve diversity?

Fewer “culturally appropriate” conversations. This tends to reinforce similarity bias and a chain reaction of only hiring friends, or friends of friends, which does not lend itself to hiring a variety of qualified candidates from diverse backgrounds. . It’s best to think of this as a “culture-add” rather than a “culture-appropriate” perspective, and then support those you hire to take advantage of the opportunity to create a more diverse team. Another important element is having a more diverse group of people to participate in interviews and the hiring process as a whole.

What advice would you give to women and non-binary professionals trying to enter and progress in the industry?

Don’t be discouraged and don’t let anyone tell you there is nothing you can do. If you have a goal, surround yourself with peers and mentors who will lift you up and help you get there. It’s not an easy path, but it’s very rewarding, and we need your unique insights into your past experiences to do our best, together.

What books do you recommend for anyone entering the industry??

A book is “The Pentest plan.” The majority of people who want to break into cybersecurity want to hack things based on what they see in movies and online. This is the “cool role” in cybersecurity, and the Pentester Blueprint directly provides resources and guidance for achieving an offensive or red team-focused role. And then there’s a series called “hacker tribe.” There are four books in this series, but the first is just “Tribe of Hackers”, which is cybersecurity professionals in general, with a variety of backgrounds and in various roles. It would be a great starting point.

Leave a Reply

Your email address will not be published.