My career in cybersecurity was not mapped out. I earned my bachelor of science degree in business administration, with a concentration in information systems from Xavier University, but one thing was for sure: I did not want to be a coder. I found that as I pursued my education, different opportunities in a variety of fields opened themselves up to me. Next, I decided to pursue my law degree – I earned my J.D. from Texas Southern University – and while I was in law school, the FBI came in to recruit. I was intrigued; so after practicing law for a short period of time in Washington, D.C., I began working as a special agent for the FBI, and in addition, served as the information systems security officer for the Los Angeles Field Division.
Upon leaving the FBI, I looked around at the skills I had obtained – from IT to legal to investigating cybercrime – and believed that a career in information security was the right fit for me. I thought that obtaining the Certified Information Systems Security Professional (CISSP®) certification would help me validate what I knew based on my experience, as well as add credibility to me as a professional when I transitioned from government service into the private sector.
Having my CISSP has helped open doors for me as it is looked upon as one of the highest industry certifications you can obtain. It validates that an experienced cybersecurity professional is working from a standard of common knowledge. The CISSP also helps to set the foundation for consistency in the industry.
Along with having my certification, one of the best things about being a member of (ISC)² is the special programs they provide. Early on after obtaining my CISSP, I signed up and delivered several Safe and Secure Online® presentations in my community. I had the opportunity to speak with school-age children, Girl Scout organizations and parents about the challenges faced by children online. Being able to speak to children about cyber dangers, as well as their parents, regarding what to look out for, was one of the most rewarding experiences in my career.
Luckily, I followed my mother’s advice and got an education. Because of that, I’ve had the pleasure of experiencing so many wonderful career highlights: Being a licensed attorney, an FBI special agent, a business owner, a college instructor and now an executive – these achievements make me take a deep exhale when I think about it. I am one of those people who always has some type of goal for myself – both professionally and personally. I believe that if you are not striving for success in life, you miss out on the opportunity to be the best version of yourself. Of course, I have specific goals to become a chief information security officer, hold board membership positions and more; but essentially, my goals all come down to using my knowledge and experience to help move the needle forward in cybersecurity.
I was once told that when you feel passionate about something, you have to get involved to effectuate change. As an African American woman, I believe that it is part of my responsibility, as I obtain success, to be visible and to inspire others. This is what led to my involvement with the International Consortium of Minority Cybersecurity Professionals (ICMCP). As a single mother and an executive, I have limited time. However, I believe in the mission of the ICMCP – to find ways to bring more women and minorities into the field of cybersecurity. The organization also provides support to those already in the field, because historically, women and minorities tend to leave cybersecurity careers early. We have a severe shortage of talent in cybersecurity for various reasons. Part of the ICMCP’s mission is to attract talent from a multitude of areas – both from traditional and nontraditional disciplines – so that we can bring more talent into the pipeline.
Personally, I believe that we need diverse talent. This isn’t limited to sex, race or cultural diversity, but diversity in thoughts, actions, problem-solving skills and leadership abilities as well. This will take us much further in our “secure the world” directive.
Mary Chaney, Esq., CISSP is the director of worldwide information security at Johnson & Johnson and co-chair of the fundraising committee for the International Consortium of Minority Cybersecurity Professionals (ICMCP).