Name: Kim Crawley
Job Title: Cybersecurity writer/researcher
Company: AT&T Cybersecurity, Valid Network, Startpage
Location: Toronto, Canada
Tell us an interesting or fun fact about you.
I was born on Friday the 13th.
What drew you towards a career in cyber security?
Computers fascinate me. And I have an instinct for considering what could go wrong.
What do you enjoy most about what you do in the industry?
I get to work completely in the realm of ideas while watching practitioners do the hard stuff. I really enjoy constantly learning and sharing information.
What things are the most challenging in your role?
Juggling working for multiple companies at once.
Have you come up against any challenges or roadblocks and if so, what were they and how did you overcome them?
Yes, I dropped you of school when I was 16. I overcame the challenge of lacking credentials by sharing my research on the internet. It took years for me to get where I am today.
What have been your career defining moments?
Being included in the first Tribe of Hackers book by Marcus Carey and Jennifer Jin. The publication of The Pentester Blueprint, my collaboration with Phillip Wylie, last year.
What changes have you seen in the cyber security industry in the time that you have been in it?
People’s jobs are a lot less stable. And I got to watch the rise of modular malware. First targeting Android phones, then targeting other platforms, such as Windows.
What trends or changes do you think we will see in cyber security in the next 10 years?
Quantum computing will start to be deployed, and it’ll render all binary cryptography pointless. All cryptographic implementations will have to be quantum-proof.
How much job demand have you seen for cyber security professionals, and what things to you think will shape this demand in the coming years?
The growth of IoT will drive a greater need for cybersecurity professionals. But we won’t necessarily be hired, because some people in our industry push a dangerous cybersecurity skills gap myth.
Has the coronavirus pandemic impacted on your career, and if so in what ways?
Not much! I’ve always worked from home. But many companies have reduced their marketing budgets. So my career has transitioned more into writing books.
What soft skills do you think are important for women in cyber security to have?
Spotting professional networking opportunities, offline and online.
Why do you think more women should consider a career in cyber security?
Because people of all genders use computers. We need gender diversity in our industry so more kinds of cyber threats are prioritized.
How does someone from another industry make the move into cyber security?
It depends on which area of cybersecurity. In The Pentester Blueprint, we recommend that aspring pentesters join bug bounty programs and enter CTF competitions.
What advice would you give to a women looking to make the move into cyber security?
Find other women to mentor you.
In your perspective what are the biggest cyber security threats to companies presently?
Social engineering. Most cyber attacks start by fooling a human being.
Do you think it is important to close the gender gap in cyber security and if so, how do you think this could be done?
Yes. Companies need to be more understanding and permissive when workers need time off for health reasons or to be parents. That would help a lot in getting more gender diversity and disabled people into our industry.
While the situation in the cyber security industry has marginally improved in recent years, it is still a very male dominated world. What are your thoughts on this, and have you seen an improvement yourself?
I think things are improving, but very slowly. I’m just going by anecdotes of following women and nonbinary people in infosec on Twitter.
Finally, is there anything else you would like to share with our readers?
Lisa Ventura works very hard to improve our industry, so I’m honoured to be included in this book.
“The Rise of the Cyber Women: Volume 2” is available now via the links below: