Editor’s note: Women of color were noticeably absent from most of the top women in cyber and top security bloggers lists in 2016. I applaud the work of those who were celebrated because the recognition is certainly well-deserved.
However, I want to expose students in my demographic to women who look like them. They need to know that we are out here ready to help them navigate the complexities of this field.
I also want to create our own “Top Lists” to celebrate our accomplishments just in case future lists exclude us, inadvertently or otherwise.
We are not waiting any longer to be chosen. We are choosing ourselves as of February 2017 because gender diversity is not enough.
Meet Danyetta Fleming Magana, CEO of Covenent Security Solutions, the first feature of our #WeCyberToo Talent Spotlight.
What inspired (or forced) you to get into cybersecurity?
I got into cybersecurity via serendipity. I graduated from University of Illinois Urbana Champaign engineering program and was offered a full time job as a civilian for the US Army at their Communications and Electronics Command (CECOM). Once I was there, management decided that my role would be to assist in the “security accreditation” of systems or what we now term as cybersecurity. I was given a box of multi colored books and several great mentors who helped me basically learn “on the job” about information security.
What is the most difficult challenge you have faced as a woman in a male dominated field?
The most difficult challenge I’ve faced is similar to the movie Hidden Figures, people tend not to want to listen to what you have to say the first time around. A lot of time, this is due to their own limited perceptions of women and especially women of color. I had my fair share of having people walk out of meetings or go behind my back to validate if what I stated was true or could be acted upon.
How did you overcome said challenge?
I never focused on the barrier; I just kept doing what I had to do to get us to complete our mission. Over time, your reputation speaks for itself. People tend to realize that after checking behind you on 20 occasions that maybe you know what you are doing and have something to contribute. I always kept focus on my goal to do what was needed to provide the best cybersecurity advice possible and keep people thinking of better ways to secure our missions. Often the perceptions faded on their own over time.
What advice would you give someone looking to enter the information security field?
My advice is to only go into this field if you enjoy learning and can be humble enough to know you most likely will never know everything. In my early days when we talked securing a network, we had computers with towers sitting on the floor under your desk and cell phone texting without emojis 🙂
Fast forward 20 years later and we have cell phones that rival the computing power of one of our desktops and we are trying to figure out the role of Artificial Intelligence. This is to point out that technology moves fast and so does our field of cybersecurity. The best cyber people I know stay humble and are always willing to learn. The true expert is the one that embraces the speed of what is changing in our world.
What formal education, skillsets, and/certifications do you recommend that people start with to stand out among other candidates in the cyber security field?
I would suggest obtaining a technical degree, whether computer science or engineering, as the top degrees. However, this is not the only path toward a successful career in cybersecurity.
In terms of certifications these following are the ones I see most strongly recruited and hired with a premium:
- Security + for entry level cybersecurity candidates
- CISSP (Certified Information Systems Security Professionals)
- CISA (Certified Information Security Auditors)
- CEH (Certified Ethical Hackers)
I did want to note that this is what is happening right now, but always keep in mind the industry is changing. I am finding more demand in Healthcare and Legal as well. So obtaining a degree in Health Information Technology then obtaining a certification or specialization in cyber is beneficial. Hospitals were the top target in 2016 and that will continue as we march ahead in 2017. This trend is extended to legal firms as well.
Obtaining a law degree with a minor in Technology is also in strong demand as breaches rise and law firms need that blended skill set to handle this expanding area of litigation.
Can you provide a high-level overview (5 bullet points) of your career path if someone wanted to pursue a similar route?
- Invest in your education. Make a choice to invest in a degree that affords you the opportunity to set a strong foundation for varied opportunities to be opened to you.
- Deliberately create a path for doing what you love and what the world needs. I too often see young people following one or the other. If no one needs what you love, then you cannot provide value or get paid. Also vice versa: if you do what the world needs and you are miserable, your wasted joy has a high price. Be deliberate and willing to take risks to find that intersection.
- Keep Learning. I can’t say once I found cybersecurity that this has been easy. There have been a lot of success but just as many disappointments. It takes work to spend your weekend learning about how the latest Mobile OS or what malware is now impacting my clients. This is work and it is not a mind meld activity. So it may mean missing a party or a fun weekend because you are online researching or reading new books to keep your skills fresh.
- Stay focused. Cybersecurity is a bit of a party – you can do so many things but you typically become good at one or two areas. Some really sharp people are good in several areas, but find a niche and focus your time there if possible.
- Have fun and joy. In the end I do this because it excites me personally. It is not a task to read articles on the latest malware or current cyber legislation. I enjoy doing it. I may not always want to, but I enjoy helping my clients figure out the best way to protect their livelihood and their companies. Any success requires investment. The investment only comes when it is something you enjoy doing instead of feeling compelled to do so just to get a big paycheck.
Why did you become a CISSP?
I have been a CISSP since March of 2002. I initially pursued this to provide for myself the additional validation and credentials necessary to advance in my chosen field. It provides an instant way for people that deal with me and my company to see that we have taken the time to study our craft and keep studying our craft to provide them with the best advice on cybersecurity.
What advice would you give someone looking to study for the CISSP exam?
I received my CISSP over a decade ago, so not sure on study tips 😉 However in an attempt to track what I’ve seen in successful candidates, I can offer the below: Allow plenty of time to study on average I’ve heard 2 to 3 months or study time. In addition investing in a boot camp for training is helpful as well.
What project(s) are you most proud of?
There are actually two projects I am most proud of for my company:
- Our support with a large scale defense program for over a decade that supported our troops worldwide in providing cybersecurity support. We have supported this program across multiple countries from Germany to South Korea and provided a holistic support that spanned their needs from security auditing, to development of security policy, security testing to secure design of networks and architectures, to include security operations support alongside our brave men and women. It shows the dedication of our team to meet cybersecurity anywhere globally and consistently.
- The second project is a summer program we did with the DC Boys and Girls Club as part of a STEAM grant from the city. We did training for the DC Boys and Girls club students ages 10 to 12 years old. We introduced them to cybersecurity through hands on activities, computer labs and instruction. This was a wonderful chance to engage students who traditionally don’t get exposed to cybersecurity. It was a great opportunity for them to learn, have fun and get introduced to a potential career opportunity in need of their energy and talent.
Thank you so much for taking the time to share your wisdom! How do you want readers to contact you?
Twitter: @fleming_magana
LinkedIn: https://www.linkedin.com/in/covsec4u
Email: [email protected]
Website: www.covenantsec.com
Danyetta Fleming Magana founded Covenant Security Solutions in 2003. Her goal is to stretch the envelope for how we thing about our information and find new and innovative ways to secure our way of life in digital form. Mrs. Magana is a Certified Information Systems Security Professional (CISSP) a global recognized certification in the information security arena. She has been published in the Defense Information Systems Agency IA Newsletter and interviewed as a expert on Federal News Radio’s “Mark Amtower Show.” In 2001, Mrs. Magana received the Black Engineer of the Year Award for the “Most Promising Engineer in Government.” She is a board member on the Armed Forces Communications and Electronics Association (AFCEA), International Technology Committee and the Howard University Information System Board. In addition, Mrs. Magana was recipient of the Army’s Achievement Medal for Civilian Service. Also her company was recognized by Diversity Business for 2014, 2012 and 2011 as one of the “Top 500 African American Owned Business’ in the US”.
Mrs. Magana is a graduate of the University of Illinois Urbana Champaign with a B.S. in Engineering.