12th September 2019
“The cyber “geeks” are now being crowned cyber heroes, and I want to be a part of that movement”
Sophia McCall, pictured above third in from the left, is representing the UK in the European Cyber Security Challenge not just as a competitor, but as a captain for the team!
She got in touch to share an interview she had done with Cyber Security Challenge UK and she shared some inspiring words for females that are looking to work in what is currently a male dominated industry. So, without further delay, let’s see what she said.
First things first, tell us a bit about your story to date.
I currently study Cyber Security Management at university. My course is really varied, but mainly focuses on high-level security understanding such as risk management, governance and compliance, business continuity, etc. Everything technical I know, I’ve actually taught myself in my spare time!
I didn’t get into cyber security until about three years ago. Originally I wanted to be a programmer, but after studying software development for two years I decided that perhaps programming wasn’t for me. I knew I wanted to stay in tech, and that’s when my teacher at the time recommended cyber security. My first CTF (Capture the Flag) was about two years ago and I remember feeling pretty bad the entire day because I didn’t know how to solve anything – I could barely use Linux command line! After that, I spent months on end practicing in my own time and trying to learn technical concepts outside of lecture hours. At my first CSC competition a few months later, I qualified for both Masterclass and Team UK in one go… and the rest is history!
In my spare time I speak at conferences and panels, and I’m an ambassador for several school programmes where I speak to the younger generation about how to break into the industry and host workshops on fundamental hacking concepts. This will be my third year on Team UK at the ECSC, and I’m adamant that we will bring home the gold!
Did a particular person or event play a role in your decision to pursue a career in cyber security?
There hasn’t been a particular moment as such, but I’ve definitely met a few inspirational individuals along the way! One of the first talks I attended was delivered by Dr Jessica Barker: it was truly inspiring and definitely influenced my desire to pursue a career in cyber security. I also have my lecturers from South Devon College to thank for convincing me to pick a security degree. When I was in college, I was really unsure about what I wanted to do and which path to take, but my lecturers played a massive role in encouraging me to go to university to study security. (Thank you Gruffy, Peggy, Andy and Conrad, to name a few!)
What have you got in store to keep Team UK motivated and at the top of their game in the run up to the ECSC 2019 Finals?
I created a three month training plan to help prepare the team for the competition. In addition to this our wonderful training partners, NCC Group, as well as Immersive Labs, have provided us with invaluable resources for us to utilise – and a couple of training weekends too! I know we will be in a good place for the ECSC in October: our team skill set is incredibly varied and everyone is eager to engage with the training.
As this will be my third year competing in the competition, I’ve tried to tailor our training to focus on topics of interest from previous years. Since the Seniors from our team have all attended the competition before, I have also set up a Junior/Senior mentor system not only for technical support for the Juniors but also for all-round support to ease any worries that our younger team members may have about the competition.
We think you make a great role model for girls out there either considering taking up cyber security/STEM subjects, as well as those who haven’t even thought of it yet. What would your advice be to young girls considering cyber security?
There is a lot of stigma surrounding the security industry. There is still a societal impression of your stereotypical hacker, and this was definitely an issue for me before I joined the industry. As a woman in cyber, I think you have to challenge and break a lot of boundaries.It can sometimes feel quite isolating being the minority gender in a workplace, but I have been fortunate to work for NCC Group this year where that isolation has been mitigated and I feel comfortable and accepted.
I think my biggest piece of advice is probably just go for it! It’s a massive leap of faith, but I’m glad I chose cyber security. In a blog post, I once wrote: “So why would I want to jump into a world where information security professionals are being relied on more and more with every “The hackers are going to win!” news headline? I mean, that’s a lot of pressure. Well that’s because the cyber “geeks” are now being crowned cyber heroes, and I want to be a part of that movement.” I 100% still stick with that. Security professionals are being valued more and more everyday, and soon enough we will be the heroes of the future. As Acid Burn (Hackers 1995) once said… “Never send a boy to do a woman’s job”.
You’ve already built a strong personal brand for yourself online. How important do you think it is to create your own visibility in the cyber security industry?
This is definitely super important! The security industry is extremely connected (pardon the pun) – and creating a personal brand and networking is vital for a “newbie” to the industry.
If you could use your cyber security skills and experience to do anything, what would it be?
I’d love to be a CISO! I absolutely love being technical, but equally I really enjoy the more “business” side of cyber, such as policy development, risk management, etc. A big part of my personality is that I enjoy helping people; it’s one of the reasons I chose to go into security. I also really enjoy being challenged in the workplace and pushing my skills to the limits, so I think a CISO role would be ideal!
And what can we expect to see next from Sophia McCall?
Now that my placement year has ended, the bottom line is that I’m hoping for a successful career in cyber security! I’ve tried to work hard over the past few years to build a stable career in the subject I love, so it’s slightly daunting that in less than a year I’ll be ready for the big wide world!
It’ll be really weird going back to university as my routine will completely change – but completing a placement year has unlocked a drive to complete my studies to the highest standard I can. I’m hoping that in the next year I’ll also be more engaged with conferences and will definitely try to do more calls for papers, etc. By leading Team UK I also hope it will help with my personal brand and hone my leadership and team management skills – which will no doubt be great skills to have when I enter the industry professionally next year. I can’t wait for what the future will bring!
South Devon College and her team of computing lecturers are incredibly proud of the impact Sophia is making on the Cyber Security industry. We wish her the best of luck going forward and will be cheering her on as she goes for gold!