At She Secures, we strive to build awareness in information security, engage existing professionals and enthusiasts in knowledge sharing and mentorship to guide ladies interested in being a part of this field. As part of this initiative we feature African women in CyberSecurity to provide insight and advice for other women who are considering a career in Information Security. Today we have the privilege to feature Ibukun Adebayo.
Ibukun Adebayo is an experienced IT, CyberSecurity and GRC leader who has developed and worked with many exceptional individuals within the Financial Services, Social Enterprise, Arts, Local Authority, Professional Services, Online Retail, and Charity sectors in the UK – to implement IT, cyber & governance systems, policies & processes to help businesses grow. She is often recommended as an IT and Cybersecurity Speaker by her CIO/CISO peers. Ibukun has over 15 years of experience and is keen to use her experience & knowledge in culturally-rich firms to deliver measurable value.
I must say it’s great to finally have you here, thank you for working with us on this. Please introduce yourself to us again, with your full name and what you do?
‘I’m ‘Ibukun Adebayo’
And who would you say is Ibukun Adebayo?
Okay, so I’m primarily a wife and mum of 5 grown up children, with my professional career as a Chief Information and Security Officer coming a distinct second to my love for my family.
Spotlight on “Ibukun Adebayo”
Wow that’s amazing. A CISO? how did you work on becoming a CISO? What programs or trainings did you take, how did you end up doing CyberSecurity?
Okay, whilst I originally studied Mass Communication, and subsequently Journalism; I started my information security career as a hardware and then infrastructure engineer – having learnt how to build and fix PCs. I was privileged to meet great managers who believed in me, along with meeting my husband who was and remains a senior infrastructure consultant. I quickly moved into CIO and head of IT roles for medium sized firms in the UK, where the responsibility for securing the infrastructure and data also fell within my remit, as each firm was reluctant to hire additional security resources. I sat the CISSP exams in 2004, in addition to MCSE, MCDBA and IT leadership exams I’d previously sat; and have never looked back. In 2016/2017, I completed Cyber exams for the Financial Services sector, along with the CISA, CRISC AND CISM certification exams – again – just to continue to develop my skills and knowledge of Cybersecurity.
This is incredible, would you say your love for PC’s drew you to taking up your first IT career in hardware/infrastructure engineer…or was it out of curiosity?
None of the above! I saw someone building a PC in their home and just thought ‘that looks so easy’, and ‘that might be a great way of earning enough money to feed my kids and to set an example to youth out there that – it’s not how well you start, but how well you finish!’.
That’s a good way, the idea of leaving off something that others can look up too
In all seriousness, we have a lot of our black youth here thinking ‘I can’t make it’, and it’s important that people who are favored enough to get into a privileged position, end up reaching out to those coming behind us. I don’t believe in ‘adaje’ (eating alone), if you see what I mean.
True, you have to try to pull others along. What do you enjoy more working in Cybersecurity and why have you remained in the field for so long when other women are continuously leaving the tech scene?
There’s a serious shortage of ‘willing’ Cybersecurity professionals out there, rather than a shortage of talent and my key driving force is the fact that we haven’t even started to defeat the scourge of cybercrime out there. I will not leave the industry, as the $2tn dollar cybercrime industry requires all hands on deck to put a dent in the profits that cybercriminals are raking in, per ANNUM!
In your experience, i’m sure you have seen a lot of women with CS degrees coming out of college, but then they get into tech and are quick to leave? Why does that happen and how can we change that? or at least reduce it?
We can’t stop this until we stop using ‘technical skills’ as the sole criteria for recruiting people into Cybersecurity roles. There’s room for intelligence analysts, strategy designers, project managers plus other skills, whereas most roles advertised will ask for a raft of technical qualifications – overlooking the gems of skills that exist within women who have graduated with Cyber degrees or with degrees in business analysis, project management, risk management etc. There’s room for everyone with an interest in Cybersecurity, but the industry should stop placing hurdles in the way of women who have the keenness and ambition to join and stay in Cybersecurity, and instead start taking a holistic view to the range of skills required from willing professionals to join the battle against cybercrime.
Spotlight on “Ibukun Adebayo”
Has gender discrimination affected you in any way?
My experience of discrimination, on many counts – is publicly documented. However, whilst I can say it’s ‘affected’ my wallet, it hasn’t affected my resolve to stand up and be counted, with regards to the fight against cybercrime.
Is this something you’d like to share on here?
I’d rather share my positive experiences of the helpers of destiny that have helped me to hold my head upright – before, during and after my experience.
I enjoy the trust and respect of many of my CISO and CIO peers in the UK, and people like Dr. Ben Booth, Ian Blakesly, my directorate members at organisations I’ve led within; and my husband (Darling-Dearest Emmanuel Adebayo) has also been instrumental in this regard. My parents have always joined my husband as intercessors, constantly praying for me and my career and these are people I’ll always mention as core helpers of my destiny through the tough times – and despite all.
Those are the people that matter more. Are there any projects you are currently focused on in cybersecurity or things you would like to pursue in future matter?
The impending GDPR privacy regulations due to take effect from May 25th 2018, is taking up a lot of consultancy time and I’m also engaged in conducting short term contracts with multiple agencies, training InfoSec leaders in Cyber and Information Risk leadership
You have got quite a number of certifications, what do you suggest to young women out there who are interested in this field as regards to earning certifications and skills?
I’ve set a target for this year, by God’s grace, to return to being a fully fledged practitioner i..e. with a preferred joint role as a CIO and CISO rather than being just one or the other. The long-term goal is a Chief Operating Officer role, hence the MBA in Finance that I attained in 2016. Not everyone can afford to sit for certifications, and I pray I’m in a position to influence this in the future and probably train and sponsor women in that regard – as I used to do this for people interested in project management careers, and in obtaining PRINCE2 certification a few years ago. The core focus though should be about acquiring ‘knowledge’ above certification as I keep saying the cybercriminal isn’t interested in our certificates, they’re seeking to beat our knowledge and gain unauthorized access to our systems by bypassing the controls put in place by the Cybersecurity professional. A certificate won’t defend one in the day of a cyber attack, only knowledge will!
Yes, knowledge should be key even when sitting for certifications. How do you balance working plus raising and growing a family being a senior woman professional in tech, coupled with the African mindset that you can’t possibly do it all
I’ve had ample support, with my parents living nearby, a loving husband and children that have given me peace of mind – but I’ve never had the mindset that you can’t do it all; rather the mindset that ‘with God, all things are possible’. I remember a funny incident with my husband many years ago, where I rang him at 9am in his office, from work that day to tell him we had a critical system outage at work – and joked that I may have to stay all night if we couldn’t fix it.
African women in Cybersecurity
Three Managers stayed behind with me to fix the issues, all men. One of the men’s wife was outside London, another in the United States and the third in Asia. Each of their spouses rang to see how they were doing in the middle of the night, whereas my husband rang at about 7am the next morning to say our 2 year old son had just woken him up – and he’d only just realised I hadn’t returned home! We ended up staying for 26 hours at work, but my husband had great faith in me and knew that I’ll always stay with my team in the trenches to fix problems where needed – and not leave my team until the problem was fixed! When you’ve got a husband who believes in you – even whilst sleeping (!) – of course you end up believing you can do anything you set your heart upon to do!
Awwhhh that’s so amazing. Having people who believe in you really helps, I think!
Yes it goes a long way and makes everyone’s life a lot easier.
Absolutely. Do you have any advice for young women women who’d like to join the field of Cybersecurity, what should they know? what should they expect? and how do they stay relevant in the field?
Don’t view your dreams as ‘impossible’ because if you can conceive a dream – you can achieve it. Cybersecurity professionals need the knowledge and understanding of risk management, finance, business, technology and a whole raft of knowledge I mentioned at the recent EMEA ISC2 Secure Summit in the UK last month. In terms of ‘what is to be expected?’ I’d say, go into the field with the mindset of a ‘professional’ rather than focus on the fact you’re a ‘woman’. Each person’s experience will be different, so don’t expect to go through the same experience as that of another woman or person.
To stay relevant, keep reading, keep researching, keep networking, and there are many YouTube lecture videos on different areas of Cybersecurity so make good use of these because no knowledge is wasted.
Spotlight on “Ibukun Adebayo”
Awesome! How can we bring more young women into the field, and how do you get kids interested? so at least they know what it is before moving on to college and their minds are prepared?
Raising an interest in cybersecurity shouldn’t be too difficult nowadays because almost every young woman has a smart phone, and I see many parents giving their kids their phones to play with or getting them iPads or smart gadgets. If a kid or young woman is smart enough to work out how to use a technical gadget, then surely they’re smart enough to join in an industry that is focused on protecting the information contained within these different technologies also.
Could you please mention 3 of your favorite bookmarked page on your PC
LinkedIn, RISC Credivel (UK) Ltd, and Twitter.
Thank you so much Ma’am. Is there anything else you’d like to share that we might have skipped or you’d like others to know?
Just to say to both of you and to all women out there – ‘don’t let anyone tell you that you’re not good enough, and don’t ever give up on your dream to make an impact in the Cybersecurity sphere as, if it weren’t meant to be – then someone else would have had the dream and not you’! Thanks, once more, for the privilege of this interview.
Connect with Ibukun on LinkedIn and Twitter
SheSecures Spotlight is set to inspire the next wave of women in infosec to step forward and positively influence future development.
“You can’t make decisions based on fear and the possibility of what might happen” – Michelle Obama