The cyber security industry has made progress with gender diversity in the past few years, but there is still a long way to go. But there have been few women leaders who are leading by example and encouraging other women to be a part of this fascinating industry.
Keeping the spotlight intact on such inspiring leaders from the cyber security industry, we at CIO Look set out on an endeavor to find the Most Eminent Women Leaders in Security. On that journey, we crossed paths with Tanya Janca, the author of ‘Alice and Bob Learn Application Security’ and the Founder and CEO of We Hack Purple.
Tanya brings her 20 years of experience of coding and IT to the table. She has won countless awards and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). Alongside, she is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. With leaders like Tanya, the future of cyber security for women looks promising.
Let’s find out more about Tanya and how she is contributing to the cyber security industry through We Hack Purple.
Below are the highlights of the interview:
Give us a brief overview of your position at We Hack Purple Academy, and your journey since inception.
I am the founder of We Hack Purple. When I started this organization, I knew that I wanted to share knowledge with as many people as possible to move our industry towards a more secure future. We started as a subscription model, where I would produce regular amounts of content for our subscribers. Eventually, we realized that if I spent more time creating in-depth courses, rather than creating small amounts of content on a more regular basis, it would create more value for our customers and industry, so we stopped the subscription model. Throughout this time, I moved from being only a content creator to performing sales, learning about marketing, and especially about leadership, blossoming into the CEO I am today.
As a business leader, what is your thought on the changes in the Information Technology & Services and Coaching industry after the pandemic?
Information technology services and their uses have changed drastically during the pandemic. I believe that more people, than ever before, are now online and expecting the services they depend on to follow them there. Unfortunately, cybercriminals have also followed this trend, stepping up their game and taking advantage of people who are scared about the pandemic and playing on their emotions to make phishing attacks even more devastating. I feel that companies are taking security more seriously than before, but not seriously enough for me! We need to make products that are safe and secure for our users, and I believe it is our duty to protect our customers and their data.
What is your thought on the necessity of a positive work culture? In what ways do you implement it at your organization?
I believe that people work for money, but they excel for their boss and/or leadership team. I have had amazing managers, mediocre ones, and awful bosses whom I wish that I had never met. At We Hack Purple, we have a list of values that we always follow, and this has really helped all of us create a more positive work culture. We also have 360 reviews with all managers and employees, to ensure we hear everyone’s side of things. I try to ensure that everyone has their needs heard, and if possible, met. I also ask employees to tell me when there are problems because sometimes it just doesn’t come up in any of these other situations, and I believe that my team is my most important resource. At WHP, our people are more valuable than any physical or digital asset, so we treat them that way.
What is your opinion on the advancements of Higher Education to improve the offerings with newer technological developments, especially when it comes to building secured companies?
I have a lot of negative feelings about universities and colleges and their slow change in regard to technology, especially cyber security. I have had many of them reach out and ask me to work for (approximately) minimum wage in order to make them thousands and thousands of dollars. They want cyber security professionals to create curriculum and teach it, for ‘adjunct professor’ rates, which is very, very low pay. Think “Walmart greeter” pay. Because I’m not a PhD, and I’m not part of their academic pyramid scheme, I’m not considered a ‘real’ professor (despite the fact that I have extensive industry experience, have written a book, and have founded my own Academy). The result of this academic system is that all of us with relevant and up-to-date skills can make significantly more (exponentially more) by working within our field, rather than academia. I believe that current academic systems that I have seen within North America are currently failing their students.
If a trades college were graduating students that did not know how to do their jobs safely and securely, and buildings were burning down, or bridges were falling down around the world, that would not be acceptable. But right now, universities and colleges worldwide are releasing software developers that are creating incredibly insecure applications, because they don’t want to pay people to teach their courses unless they are part of their academic system. I believe the system is completely broken.
Which is the best way to meet today’s and tomorrow’s challenges with your company’s exceptional application and services for urgent needs coming our way?
Investing in your staff, and upgrading your technologist skills, is an excellent investment for today and tomorrow. If you have a team of software developers that you are not keeping up-to-date on security trends and teaching them how to ensure the software they are creating is secure, you will be behind your competition.
In what ways do you or your company contributed to the community? If given a chance, what change would you bring in creating a “Community of Secured online learning?
We Hack Purple contributes to the community in many ways. Not only have we created a free online community (community.wehackpurple.com), we also provide free content to the public, a diversity scholarship, and I am the founder of #cyberMentoringMonday (an informal mentor/mentee matching community effort that runs every Monday).
How do you envision sustaining your company’s competency in a cutthroat and volatile world of Security? Where do you see yourself and the company in the next five years?
We Hack Purple is planning to ensure we concentrate on teaching skills that are practical. Many security training companies focus on the glamorous, or obscure, or more “interesting”. We focus on making you completely awesome at your job, or the job you hope to have someday. We want to focus on real life examples, how to set direction, how to solve problems. We want to create students who you can hire directly into a job and know they will excel. Job-ready grads is not something that we believe will ever go out of style.