Information security is broad ─ we don’t only chase hackers, she says.
Itumeleng Makgati, group information security executive at Standard Bank, has always gravitated towards the sciences. It was just another problem to solve for her, while her classmates found subjects such as mathematics and science intimidating.
“My love for problem-solving dates back as early as high school,” she says. “I was always fascinated by the sciences, and I really enjoyed working on challenging tasks. That fascination and inquisitiveness made me want to dive deeper into those subjects in order to understand how things worked,” she adds.
“I attended a technical high school and took up subjects like technical drawing and engineering. I was more interested in figuring out how I could build something myself rather than buy it off the shelf.”
It was when she attended a careers exhibition at Wits while in high school and heard about the future of technology and how things were going to be digitalised in the future, that Itumeleng had an aha moment. “I was never interested in taking up a typical career path and this was the inspiration I was looking for,” she says. “Right there, I knew what I was going to study and that was computer science.
“The odds were stacked against me: I had never laid my hands on a computer until I went to my first computer science lecture at university. However, I wasn’t shaken. I have the innate ability to learn new things quickly and this is what I tapped into,” she says.
There’s more to security
Within the IT discipline, Itumeleng found herself leaning towards the information security side of things. “We say that businesses today are digital businesses, but that statement has to be backed by some sense of comfort for your clients, employees and shareholders. Reassuring them that if the intention is to digitalise the business, there has to be a strategy that informs how you will protect that environment as well,” she notes. This is even more crucial in the financial services sector, with more customers migrating to digital services, she adds.
According to Itumeleng, this adoption forces security specialists to think hard around building resilient systems and give customers the peace of mind that their transactions will be secure when they do them from the comfort of their homes. “Managing that risk for a business is truly where my interest lies. Because security is still a relatively new sector, we must constantly be innovative and create new solutions,” she explains. Security is actually running with the unicorns in a unicorn vs. dinosaur scenario, because security-related concepts are still being developed.”
Let’s change the status quo, she says. “Information security is still a very male-dominated field and even as I attend security conferences, the bulk of the speakers on the programme are men,” she says. She wants to change this by introducing more women, particularly young women. “However, a more important question would be: why aren’t there more women interested in this field?”
Itumeleng thinks one explanation for this might be the idea that security is a 24-hour profession. “The bad actors never sleep. Therefore, you must always be available, which makes security an even less appealing choice for young women who want to start a family.” She disagrees and says that information security has many facets. “Security is broad and there are a lot more security-related activities besides merely incident response. You could be on the strategic side of security or the cultural awareness side of security,” she explains.
Future security specialists
Itumeleng has high hopes that, if the right conversation happens around information security, young women will make up the next generation of security experts. She believes that programmes like Cyber Girls are the ideal place to start. Cyber Girls is a platform that trains young women across the continent. It educates them about all of the potential career options in security, and provides them with high-level training, cloud security, and mentorship as they pursue the appropriate certifications.
“I also believe that there is huge value in mentoring young people, as I was mentored as well. We need to learn from those that have walked the path before us,” she points out. Mentorship doesn’t always have to come from someone who looks like you or sounds like you – just someone who advocates for you.”
It’s your very own board of directors, as she puts it: “individuals who can open doors for you and who have the characteristics, competencies, and experience you desire. I call it a board because it takes more than one person to give you all the knowledge that you need – advisors for both technical and leadership related matters.”
Itumeleng enjoys reading in her spare time and reading multiple books at a time. When she wants to lighten the mood, she reads novels, and when she wants to expand her knowledge, she switches to research papers.
“I’m currently reading Talk Like TED by Carmine Gallo: it’s been very helpful for preparing for my public speaking engagements,” she says. “I am also reading A Hacker’s Mind by Bruce Schneier, which is quite useful for my work in information security.” And Start with Why by Simon Sinek, an amazing book on leadership, which draws on a wide range of real-life stories: Simon weaves together a clear vision of what it truly takes to lead and inspire.”