Work It ‘til You Make It – Part 1

February 11, 2019, Beck Larson, Director, CoalfireOne Scanning Services Team

(Blog One of a Multi-part Series)

I was recently asked to be a speaker on my first “Women in Cybersecurity” panel. I accepted, despite my admitted fear of speaking in public, on a stage, dishing honesty to be judged by strangers. But, I did it because I know that it’ll make me a better speaker and a better leader – the more practice, the easier it’ll get, right? I also accepted the invitation on the condition that we talk about real issues for women in cybersecurity and cut the fluff with the stereotypical female sidebars of “use your soft-skills to advance,” and “always make sure you’re the level-headed one in the room.” Ok, so those aren’t word-for-word the result of the typical all-female panel of women in cybersecurity, but it’s pretty par for the course. The worst thing about these adages and this approach to coaching women in cybersecurity is that they don’t speak to all women (they certainly don’t speak to me), and at the same time, they dilute the very thing women need to maintain in order to compete with their peers: being seen as competent equals.

We were sharing our collective experience, answering somewhat scripted questions by providing real and raw personal-experience feedback, until a panel member said one of the most personally irritating and trite phrases being floated around today, in response to a question around impostor syndrome: “fake it ‘til you make it.” I let out a super huge sigh. Here we go again, barreling down the stereotypical path of an all-female panel, indirectly validating and encouraging impostor syndrome and downplaying the impact that a supposed benign phrase can have.

I’m just going to state it plainly: I loathe that phrase, “fake it ‘til you make it.”

Let’s define the phrase/idea around “fake it.” The term “fake” in and of itself means that something is not genuine – it’s counterfeit; a forgery or a sham; inadequate. And inadequacy is rooted in impostor syndrome. Women, in my experience, can lose sight of what’s important (working hard, overcoming adversity, and developing genuine expertise) because they get sidetracked by attempting to obtain credibility and permission to be in cybersecurity in the first place. When you think about what this phrase means, and what that adjective implies to the phrase at hand, do you really want “fake” defining your efforts at honing your craft? I don’t think anyone can honestly answer “yes.” You don’t want to build a house on a false foundation.

As for me – I like knowing how things work. I’m curious about the smallest of details and wonder constantly about how everything fits together and flows, considering impact and weighing outcome. Admittedly, this is sometimes not a strength, as I get stuck in my head and at times find it difficult to get out. I’m also intrigued by science, math, technology, and am somewhat driven by innocently devious thought, i.e., if I remove or alter this element there, does this break the sequence down here? Cybersecurity is a natural fit for how I want to spend my time in my working life. So, if you’re faking something, you likely don’t want to be doing it in the first place. If you’re faking something, you’re in a position that’s subpar to your ideal, and you’re attempting to assume drive or normalcy because of outside pressures that do not align with what you want to be doing. If you’re faking something, everyone observing your fakery can see right through your attempt to blend in. The bottom line on faking it is that it never works – both the faker and the observer are acutely aware of the farce at play, and yet both parties are too polite or too pressured to admit to the sleight of hand. So first – and again, regardless of gender, you really need to ask yourself – are you in a position that rings true to what you want to be doing? Are you going after something that calls you? Are you running toward your muse, and not away from something else? If not, then please find that calling and pursue it – not only for you but for everyone around you. The very last thing that women in cybersecurity need is a woman who is miserable in her position and is there for all the wrong reasons.

So, since it’s such a popular colloquialism, in an effort to keep us all honest, let’s change “fake it ‘til you make it” to “work it ‘til you make it.” Keep doing it, whatever it is, repeatedly, making mistakes along the way, while learning from each slip-up, until you achieve what it is that you’re trying to do. If you don’t make the same mistake twice, and you’re keeping yourself honest in your attempts, then you’re moving forward and gaining grit along the way. Keep doing it until you hone your craft to the point where you can talk about it in your sleep. Keep doing it until you reach genuine artistry level; keep doing it until the people around you notice and ask for pointers. Then, keep doing it so you can reach behind you and help the next one who’s struggling to find their foothold, regardless if that person is female or male, because in achieving success, gender doesn’t matter. And accept the fact that even when you think you’ve reached mastery of something (even then, and sometimes especially then) know you can still make a mistake. The bottom line is: hold yourself accountable, keep doing it, and never, ever fake it.

In support of the necessary work going forward, the world absolutely needs cyber professionals of all types, especially now. I wonder how many people will take a moment to look around and appreciate the view once they’ve honed their craft and feel good about the amount of success they’ve achieved? What can we do as a community of like-minded individuals to perpetuate the upward momentum, so we can all rise and enjoy the view together?

Coming up in part 2 of this series, reflections on how to best support ourselves and each other.

About RISE:

Coalfire’s association of women in cybersecurity and leadership is called RISE (which stands for Recruit, Influence, Support, and Educate). RISE was developed in the fall of 2016. At RISE, we endeavor to buoy you no matter where you are in your career to provide a place to get to know others who care about your success to help you grow and learn. All of us have a story. These stories are laced with the various reasons we are in this field and ways in which we have been supported or discouraged in this career. Are you willing to share your own story? We invite you to speak to our team of extraordinary women and men. We’d love to hear from you – please contact Anne.Bayerkohler@Coalfire.com.

Beck Larson

Author

Beck Larson — Director, CoalfireOne Scanning Services Team

Recent Posts

Post Topics

Archives

Tags

2.0 3.0 access Accounting Agency AICPA Assessment assessments ASV audit AWS AWS Certified Cloud Practitioner AWS Certs AWS Summit bitcoin Black Hat Black Hat 2017 blockchain Blueborne Breach BSides BSidesLV Burp BYOD California Consumer Privacy Act careers CCPA Chertoff cloud CoalfireOne Compliance credit cards C-Store Cyber cyber attacks Cyber Engineering cyber incident Cyber Risk cyber threats cyberchrime cyberinsurance cybersecurity danger Dangers Data DDoS DevOps DFARS DFARS 7012 diacap diarmf Digital Forensics DoD DRG DSS e-banking Ed Education encryption engineering ePHI Equifax Europe EU-US Privacy Shield federal FedRAMP financial services FISMA Foglight forensics Gartner Report GDPR Google Cloud NEXT '18 government GRC hack hacker hacking Halloween Health Healthcare heartbleed Higher Higher Education HIMSS HIPAA HITECH HITRUST HITRUST CSF Horror Incident Response interview IoT ISO IT JAB JSON keylogging Kubernetes Vulnerability labs LAN law firms leadership legal legislation merchant mobile NESA News NH-ISAC NIST NIST 800-171 NIST SP 800-171 NotPetya NRF NYCCR O365 OCR of P2PE PA DSS PA-DSS password passwords Payments PCI PCI DSS penetration Penetration Testing pentesting Petya/NotPetya PHI Phishing Phising policy POODLE PowerShell Presidential Executive Order Privacy program Ransomware Retail Risk RSA RSA 2019 Safe Harbor Scanning Scans scary security security. SOC SOC 2 social social engineering Spectre Splunk Spooky Spraying Attack SSAE State Stories Story test Testing theft Virtualization Visa vulnerability Vulnerability management web Wifi wireless women XSS
Top