It’s no secret there’s a massive gender disparity in the field of cybersecurity—even after the efforts of the last decade to increase gender diversity, the cybersecurity workforce remains starkly male-dominated. One way to start chipping away at the issue is to gain a more complete understanding of how women and individuals from other underrepresented gender identities in the field got here, what barriers they’ve experienced, and the advice they have for career seekers from underrepresented groups. That’s why I interviewed Rachel Zabawa, a rising talent in cybersecurity here at F5.
Rachel began her cybersecurity career at F5 in sales and transitioned to product marketing, where she currently focuses on full-proxy network security designed to protect networks and data centers against incoming threats, as well as channel partnerships. Outside of work, you’re most likely to find Rachel spending time on creative endeavors such as reading, writing, illustrating, and painting.
Rachael: If someone asked me 10 years ago if I thought I’d be in cybersecurity today, I would’ve said no. For a while I was on a totally different career path. How’d you become interested in cybersecurity?
Rachel Z.: Like you and many other cybersecurity experts I know, I wasn’t actively trying to get into the cybersecurity field. My previous job was in the financial industry, which is greatly impacted by cyberattacks such as volumetric DDoS attacks, brute force attacks, phishing, smishing, and social engineering.
I was naturally drawn to the field because I was interested in how these types of attacks were being executed and how to defend against them.
So, when I switched jobs, I ended up switching my career overall from finance to cybersecurity. It seemed like a natural fit—I’m definitely someone who takes their own personal account security and privacy very seriously. And being part of the solutions that enable others to really take control of their security is fulfilling.
Rachael: The other day I was reading Take Back Control of Your Personal Data, and it reports some interesting stats from a survey on how comfortably equipped people feel in managing their privacy. For example, only 16% felt very in control of their personal data, while nearly 90% expressed concern over their data being shared with third parties. Does stuff like that keep you up at night?
Rachel Z.: I’m very anxious about a lack of governmental controls around personal security and privacy. The large policy gap means that apps are allowed to track and sell your personal data for profit, and they’re only required to do the bare minimum to keep your identity safe from cyberattacks. Regular and increasing reports of publicly disclosed data breaches and scaling attacks such as DDoS are a result of this policy gap.
Every organization is constantly battling advancing attacks like these, and part of my job is to keep the public informed of security solutions like F5 BIG-IP Advanced Firewall Manager (AFM). At F5, we adapt our solutions to advance with the evolving cybersecurity threat landscape, so people and companies can rest easy knowing their data is being protected.
Rachael: Tell me about your experience as a woman in cybersecurity. What’s it like to be part of an underrepresented gender group in the field?
Rachel Z.: Being a woman in any industry that has been, or continues to be, male-dominated is taxing. Common issues are easily identified on paper or in hindsight, but they’re immensely difficult to call out and course correct when experienced in small doses on a daily basis. One example is gatekeeping information. Particularly in specialized industries, people sometimes withhold information, especially from women who are new to the field. It’s like there’s an unspoken trial period for outsiders, where you have to prove yourself to others to get the necessary information to complete your work.
Another example is tone policing, where you risk being perceived negatively unless you end every sentence with a vocal uptick or harmless question and end every email with an emoji, so the actual content of what you’re saying is more palatable to those around you. I haven’t had this experience at F5, but I had many instances of this in my previous jobs.
There’s always a delicate balance between being taken seriously as a woman or member of another underrepresented group and not coming off in a way that society perceives as arrogant, rude, or angry. It adds significant anxiety and stress to daily tasks, while also potentially diminishing authority you have on a subject. Plus, it’s mentally taxing and burdensome to continuously explain and cite examples in order to justify your feelings on the subject.
Rachael: In one of my past careers someone told me I needed to smile more, so I’d come off warmer. I remember being caught really off guard. Smiling wasn’t impacting my performance, and the person didn’t even know me well. For a while that micro-interaction made me pretty insecure. How can organizations better deal with these issues?
Rachel Z.: I think F5 handles this really well, actually. Not only are there clear expectations for working together as a community, but F5 also hires a plethora of intelligent and talented people who are forward-thinking and take communication and inclusion seriously. I believe F5 is a role model in the tech industry in this matter. I feel respected and appreciated in my role by people on my immediate team and those I work with outside of it—even in simple everyday interactions. I can’t speak for all women or for everyone in an underrepresented group, but for me, moving to F5 gave me the opportunity to learn more about a field I was interested in. And I get to learn from experts and have my questions and quest for knowledge and self-betterment taken seriously in all facets of my job.
Rachael: How important is diversity to the cybersecurity industry?
Rachel Z.: Diversity is indisputably important. Without diversity, you lack the ability to understand another person’s lived experiences, and you miss out on their unique perspective and intelligence. Cybercriminals are continuously evolving. They don’t limit themselves to a specific culture, religion, gender, or other characteristic, so why would we?
By confining yourself to a narrow view, you risk repeating potentially inefficient procedures or processes that don’t evolve because you don’t have the benefit of different perspectives. Growing and maintaining diversity in the industry keeps people more open to new ideas and creative processes. And my personal experience is that when you have the opportunity to meet and participate in a discussion with a diverse group of people, you can gain a whole new perspective on something that you wouldn’t be able to reach on your own. So, the question really becomes, why limit your industry, or yourself, to being closed off and becoming stagnant when you have the chance to grow?
Rachel's book collection
Rachael: Cybercrime Magazine has a rolling list of cybercriminal arrests and convictions, and the diversity is eye opening. How can the community better support underrepresented genders—and other underrepresented groups—in cybersecurity?
Rachel Z.: I can only speak for myself here—there are so many nuances that each underrepresented group experiences. Coming from a place of privilege, I know that I need to do more research, educate myself, and own up to my own ignorance when it comes to biases or actions that affect a community that I’m not a member of. Ideally, the cybersecurity community can listen and acknowledge that there are so many underrepresented groups that are affected by things that others may be socially blind to. So, after gaining awareness and acknowledging the tribulations that are socially forced upon underrepresented groups, the community needs to step back and work with these groups, elevate their perspectives, and ensure their seats at the table are permanent and equally reinforced.
Rachael: I agree and especially think listening is a crucial element that you call out. What advice do you have for people thinking of entering cybersecurity whose gender group is underrepresented in tech fields?
Rachel Z.: Continually drive towards your goal and be your own advocate. I was adamant about finding a career that I liked and felt supported in. While I had to take on jobs to stay afloat that didn’t really fall into the career field I wanted, I was able to pivot the skills I learned in each role to be successful in my current career. But it takes time and rejection to actually get to the place you want to be. Perseverance is key.
Other Q&A in this Blog Series
A Journey to Gender Equity: Q&A with Navpreet Gill on Empowering Women in Cybersecurity
A Journey to Gender Equity: Q&A with Erin Verna on the Importance of Diversity in Cybersecurity
A Journey to Gender Equity: Q&A with Jenn Gile on Navigating a Successful Career in Cybersecurity
Dive Into Cybersecurity Awareness Month with a Candid Q&A on Gender Equity with Angel Grant
A Journey to Gender Equity: Q&A with Kara Sprague on Breaking Through as a Woman in Cybersecurity
Learn More
See how BIG-IP AFM protects against DDoS attacks
Check out the most recent F5 D&I report
Explore cybersecurity careers at F5
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...