When it comes to women leaders in cybersecurity, Guncha Malik, currently serving as the Compliance Leader at IBM, stands out. Having started her career as an IT professional over 20 years ago, Guncha didn’t receive much encouragement from her peers when she decided to transition into Cybersecurity. Back then, women in cybersecurity were not mainstream, but today things have changed. More and more women working in IT are breaking norms and making cybersecurity their career choice.
We spoke with Guncha Malik as a part of our Women’s Day special coverage. She talked extensively about her journey and suitable career paths for aspiring female cybersecurity experts. Here are the highlights:
Q. Why do you believe there are so few women in the cybersecurity industry, specifically the Vulnerability Assessment and Penetration Testing domain?
Like any technical field, vulnerability assessment and penetration testing require dedicated time to harness the skill. This domain progresses after short periods because of newly emerging technologies and threats. Professionals should continue building on their knowledge to grow their expertise. Understanding the exploits and practicing to run those payloads requires undivided focus. Women in IT take multiple responsibilities on the home front along with their work. They might find it challenging to keep up their skills at pace with their peers. That, in my opinion, would be the main reason why we see fewer women in VAPT departments. But if women working in IT are technically sound and get all the necessary support from their family to learn and grow in this field, I am sure they can perform as well as, or even better than, men.
Q. How did you build your confidence as a woman in cybersecurity?
When I transitioned into the cybersecurity domain, it was not perceived as a mainstream career path when it comes to software development. But, being a woman, helped me continue on this path. One of the traits of being a woman is that we are always driven by a cause, and this very trait helped me pursue my interests and gain expertise in the cybersecurity domain. I picked up knowledge and skills faster and started using this expertise as a part of security practices in the development cycles.
Of course, it has not been an easy path. When you try to change the norms, there will a few who support you and many who don’t. My tip is — don’t be demotivated by the handful who are vocal to criticize you; be motivated by those who stand by your side and support your work.
Q. What excited you the most about VAPT, and why should other women in IT also consider careers in VAPT?
Cybersecurity is a vast domain, and I am still learning new technologies and practices. Every new learning opportunity excites me and pushes me further towards my goal! When I started in this domain, I tried to get a few important security practices implemented in the development cycles. I slowly realized there was so much more to VAPT than I had initially known about. Within a year, I was already signing up for the CEH course, which only increased my thirst to know more and take on more challenges. I went on to take the ECSA credential and started performing these tests myself.
Q. Can you recommend any certifications or courses necessary to be successful in the IT security field?
Depending on the area of expertise, there are various certifications available. For a basic introduction, CEH is a good start. However, if you wish to gain expertise in the ethical hacking stream, ECSA and LPT are highly recommended. These certifications help aspiring candidates in cybersecurity easily showcase their expertise to hiring companies. One should always look out for further learning opportunities as it will help in the professional growth.
Q. What would you like to tell the women professionals and students who wish to learn cybersecurity but hesitate as it is considered a male-dominated sector?
My suggestion would be: Don’t let male dominance deter you from choosing what you like to do. If you do find it interesting, take the first step, and things will follow. It is often the first step that is the most difficult. There is no reason for only male colleagues to perform well in this field as compared to their female counterparts.
Guncha Malik is one of the many cybersecurity professionals who have cleared the path for more women in cybersecurity to help make it an all-inclusive sector. For more information, feel free to check out Certified Network Defender, Certified Ethical Hacker and Certified Penetration Testing Professional on EC-Council.