Being part of the cyber security community and shaping it for the better is really important to CovertSwarm. Not only do we actively share our knowledge and experience, but we network with experts in a range of specialisms, and only invest in the brightest talent and most brilliant minds. To encourage more people into cyber and create greater diversity in our sector, we’re also offering a limited number of paid internships each year.
Today, we’re interviewing Faith Bray, our first intern at CovertSwarm and now a fully-fledged, full-time member of the team. Faith comes to us from a background in computing and healthcare — here’s her story.
What drew you to the cyber security industry?
I actually started my career in healthcare, but I grew up with a techy background, so cyber has always been in my blood. My grandfather was an engineer, my dad was a handyman who loved to tinker with electronics, and I was always around technology from a young age. I did a computing degree and post-grad in digital forensics, with a mind to go into blue teaming [where organisations try to prevent or protect against an attempted breach], but found the sector hard to break into – which led me to my other passion, healthcare.
But when Covid hit, I found myself with time to spend on reading, playing about with software and hardware, and breaking video games – all the things I’d loved in my childhood. I realised that’s what I wanted to do, so started to seriously think about applying for roles.
How did you hear about the CS internship and what made you apply?
I’d long had an interest in the defensive side of cyber – particularly the investigatory element – but was awarded a grant for a training bootcamp and began to experiment more with offensive red teaming [where organisations use penetration testing and ethical hacking to attempt to breach an organisation] . To me, penetration testing and other red teaming techniques that encourage you to think on your feet are more fun and mentally stimulating
But the industry is really hard to crack – especially as, being a woman, you tend to only apply for things you’re qualified for, and can miss out on opportunities. I was posting about this very topic on LinkedIn when a mutual friend put me in touch with Luke [Potter,CovertSwarm’s COO]. A new internship programme had just been set up there, and I was offered the role.
What was the internship like for you?
Being the first intern for CovertSwarm felt like being a pioneer for the cause, and I’ve worked hard to build the structure of the programme for those who come after me. I picked up more in the three months I was an intern than in the whole year previous. The team is amazingly supportive and patient, especially when I ask questions that might seem obvious to them!
I loved the internship and I’m now officially part of the team – which isn’t always a given on these kinds of programmes, and feels like a huge honour.
What were the main things you learned on the programme?
The biggest and most important thing is that you need to be legally sound in everything you do. For example, with penetration testing, you have a scope to work within. You can’t stray from it or breach it. There’s also lots of cross-over with skills, even though every member of our Hives [teams] has their specialisms. In lots of situations, you need to be systematic, problem-solve and build a picture of the facts as you go.
Our industry is notoriously male-oriented. In your opinion, what’s holding women back from a cyber security role?
Cyber is hugely lacking in women’s presence and input, so there were no real role models for me when growing up, and there’s little representation even now I work in the sector. There’s a big issue with the attitudes people have towards girls doing maths and computing at a young age, which was especially true when I was choosing my degree.
There’s also a lot of gatekeeping involved, with very few women in high positions, so we don’t see other women in the industry to follow their lead. It’s daunting for women to even try, and there’s a huge expectation that they need to prove themselves more than men do in terms of experience. But, CovertSwarm isn’t anything like this, which is hugely reassuring!
What do you feel CovertSwarm could do to welcome more female talent?
It’s really a question of carrying on what’s been started, not just with internships, partnerships and opportunities [CovertSwarm has teamed up with Dundee & Angus College as curriculum partner], but in the way we operate. We’re an entirely remote workforce in locations all around the world, with all kinds of schedules. That’s a big plus for anyone who needs flexibility, but especially for women, as we’re more likely to be primary carers. Working from home and flexible working is also great for disabled people too.
What would you change or improve about the cyber security industry in general?
Investing in greater diversity and in grassroots projects – it’s as simple as that. Worryingly, though, many people think there isn’t an issue with our sector, or that we ‘need more at the top and not the bottom’. Really, that’s the wrong way to think about it, as we need to be prioritising making progress, and seeing how each part fits together.
I’d also add that diversity isn’t just about colour, disability or gender. It’s also about age. I’m a forty three-year old woman who’s already had a career in another industry, but I’ve got a lot to bring to the table. And that’s why CovertSwarm’s internship is so great – it’s truly open to all.
Thanks to Faith for her time. Now she’s part of our team, we’re looking forward to how her insights and experience can shape our work – and our sector – for the better.
If you’re interested in our careers, internships and opportunities, take a look at our careers page, or find out more about what it’s like to work at CovertSwarm.
Our door is always open.
Cybersecurity Glossary
Read this comprehensive list we’ve compiled to assist experts, C-level executives, and those embarking on a cybersecurity career in navigating the extensive array of terms in…
An In-Depth Guide to Remote Desktop Protocol (RDP)
The continually changing nature of today’s workplace has made remote access technology essential.
Mitigating Credential Stuffing Attacks with IP Rotation: Strategies and Considerations
This article covers effective strategies to fight credential-stuffing attacks using IP rotation. By Ibai Castells
CovertSwarm at DEF CON 32: Insights from the Swarm
This time last week, our Swarm was taking over Las Vegas at DEF CON 32 – one of the biggest and oldest hacker conventions in the…