Zoë Rose’s Journey To Cybersecurity While Fighting Self-Doubt
Zoë Rose is a UK-based hands-on cybersecurity specialist. Zoë has developed extensive experience in designing and executing cybersecurity improvement programs and specializes in cyber threats awareness. Zoë is a Cisco Champion and a certified Splunk Architect. She often speaks at conferences, is quoted in the media and has been featured in Vogue. It appears that Zoë has it all figured out, but what was her journey like?
"I aspired to be an interior designer but was intimidated by a very pushy and rude colleague. Then, I followed my passion for plants and switched over to botany. Unfortunately, I found out I was allergic," starts her story.
Different work experiences led Zoë to discover she enjoyed investigating computer issues while working at an accounting firm, Lazer Grant LLP. "I preferred network devices and architecture because they worked as you configured them to, and they were much simpler to understand than people! So, I began my career as an IT Manager and System Administrator," says Rose.
Fast forward ten years, Zoë still works with networks, but now her focus is on people. "I love technology. I study people to help create user-focused solutions that are not only intuitive but also built with security and privacy by design," explains Zoë.
To describe what she does for a living and what cybersecurity is for those you aren't familiar with the industry, Zoë uses several analogies.
Translator: I translate the technical language into the business language and vice versa.
Investigator: I research people, solutions, and companies online, and provide context.
Privacy advocate: I provide solutions that protect those who can't defend themselves and work hard to make that the by default.
Hacker: I look at things not for what they're meant to do, but for what I can make them do. "Sometimes people ask if I'm like Mr. Robot - which I hope suggests they think I'm cool," laughs Zoë.
"If I was getting into cybersecurity now, I would focus on one thing - such as my Network Architecture interests. I would stop trying to do everything. I would join meetups in my city and reach out to mentors. However, if I am sincere if I could do everything over, I'm not sure I'd have gone into technology. Right now, my passions lie in human behaviors, the brain, and psychology," says Zoë.
How do you make cybersecurity more appealing?
"I use gamification principles. I often work to reintroduce and enforce the positive side of cybersecurity. My goal is to bring security and privacy by design, not just to the developers and solution architects, but also to the consumers using the products. I encourage people to question the value of privacy and make sure they understand their rights. To achieve this goal, I study human behavior, motivations, and what makes us behave the way that we do. By understanding people, I can embed security without adding stress and unusable solutions. I believe it helps to make security better for everyone," says Zoë.
Most significant learning in the last ten years
"When I started my career, I assumed I wasn't smart enough to succeed. The sense of worthlessness still follows me around today, but I actively remind myself of my achievements. My goal is to be the person I needed to be ten years ago. Ten years ago, I was very vulnerable and suffering in a domestic abuse relationship. I was not security or privacy-focused, and I truly believed women, especially me, weren't going to be good enough to run things. I was terrified of the world and everyone in it. The biggest thing I learned in the last ten years, was first, women are bloody brilliant and second, I'm not that useless. Today I am the person I wanted to be when I was a kid, strong and independent, surrounded by adorable ferrets and a loving community. I also realized, to get others to care about security, you need to bring the risk closer to home. Teach them things they want to learn, things that help them in their daily lives - how to protect family, friends, and children," says Zoë.
A typical day at work
"A typical day starts with ferrets and ends with ferrets. Apart from that, one day, I investigate the latest breach report or support the board about their cybersecurity responsibilities. The other day, I might create an action plan for the organization on how to improve their consumers' protection. My goal is to create a world where security incidents don't destroy someone's life. A life where breaches don't make people lose everything, including their hope," says Zoë.
Zoë's security tips for your daily life
Make a conscious decision of your information and accounts available online. Reduce the information that isn't needed to be public, and remove accounts you don't use.
Take back control and enable multi-factor authentication (MFA) wherever possible. If SMS is the only form of MFA, set it up. It might not be the best solution, but it's still an added layer. When an organization is breached, and passwords are lost, attackers still need to get that second piece of authentication, and it can help protect your accounts.
Keep things up to date. It may not seem exciting to talk about installing updates. However, companies release updates because of identified issues. Updating software will help protect your systems and even provide access to the latest features - which is exciting!