If you follow us on LinkedIn, you’ll know that we’ve been talking about two things all March: Women’s History Month and cybersecurity, especially ransomware. To put the cherry on top of it all, we interviewed Heather Macchi about how she got her start in tech and what she sees on the cybersecurity horizon.
As Director of Operations here at JetSweep, Heather is focused on honing our processes to improve efficiency and our customers’ experience. She’s a workflow pro, helping our teams work through snags and roadblocks so they can get the job done! She’s also currently pursuing a master’s degree in cybersecurity and has quickly become our in-house cybersecurity expert.
Read on to learn about the challenges she’s faced as a woman working in such a male-dominated field and her insights for other women looking to pursue a career in tech. She also was kind enough to share her cybersecurity expertise and provide some advice for companies looking to improve security in the coming year.
- What do you do on a day-to-day basis as Director of Operations?
I work with the other departments to help streamline individual processes, and how everything works together. If you think of the life cycle a customer might experience while working with JetSweep, my underlying goal is to figure out the most efficient or best way for that flow to happen. Some current projects I am helping with right now are the AWS Migration Competency, formalizing some of our Managed Service processes, and finetuning our CRM system
2. What excites you about your work?
Useful problem-solving. I could probably be doing anything – as long as I had a challenge to work on or a problem to solve that makes something better, I could be happy. With that said, computers and evolving technology tend to yield a lot of problems, so the IT field is very appropriate for exercising this skillset.
3. Can you share a bit about your background?
My undergrad is in mathematics, and my first IT-related role was in sales at a technology managed service provider (MSP), so I was essentially a blank slate with regards to computing technology. I put a lot of personal time into studying and earned a more technical position at that company. From there I studied for and attained various IT certifications and got myself involved in everything I could to gain more experience. Most of my technical background is in IT networking and desktop support, and I have taken a personal interest in cybersecurity wherever possible.
4. What sparked your interest in cybersecurity?
Initially, I took an interest in cybersecurity because, at the time, it was something that not many others were paying attention to. I had a sense it was going to be a very valuable skillset to work on. Five years later, I feel it was the right decision. When I started getting more exposure to what cybersecurity encompasses, I realized there was more opportunity than I realized. Within the cybersecurity field, there is a great need for talent at all levels, including in management and process, which is more where my natural aptitude lies. Currently, I am in a master’s degree program for cybersecurity and am almost halfway through the last class before my dissertation.
5. What pushed you to get an advanced degree in cybersecurity?
I worked briefly on an internal Help Desk for a financial institution and while I was there, there was a lot of free time for professional development. I took advantage and applied for a master’s program in cybersecurity. When I was doing my undergrad, I thought briefly about joining the NSA– cybersecurity actually couples very well with mathematics. For example, encryption is based on advanced mathematics, so it seemed a natural choice for my path at the time.
6. Was there a noticeable change between the number of women in your undergraduate versus your graduate-level courses?
During my undergrad program, there were usually at least a handful of other women in the class with me. In my graduate program, there is often only one to three women including myself.
7. Did you have someone in your life that really supported you in pursuing your interests?
Some of the folks I worked with when I first started my career were probably the most inspiring for me in pursuing this path. There were two lead engineers I worked with who were brilliant, they knew so much about so many technologies, and if they didn’t know – they found out. If no one else knew the answer, it was to these two that everything escalated. I had quite a bit of respect for that and sought to learn what I could from these guys. I find myself working with one of them again here at JetSweep, he is part of our professional services team, delivering AWS solutions.
8. What do you think the benefits are for women working in the tech industry?
Diversity of skillsets and perspectives. Everyone has something they are good at. By having both men and women working in the tech industry, you broaden the opportunity for more varied skills and ideologies. As a particular example, I have gotten very positive feedback for having a “nurturing attitude” when working on a help desk.
9. Have you ever second-guessed your decision or experienced impostor syndrome?
More often when I first started my career, I am my own worst critic so to dive into a field I had no experience in, I was constantly questioning whether I could do it, whether I should be doing it. I gained confidence over the years that as long as I tried my hardest and used every opportunity to learn, I could do it. It also helped to discover that many other people I considered highly successful had felt similar hesitations throughout their careers.
10. What advice would you give to younger women looking to start a career in tech today?
Being the only woman in many of my work environments has been a challenge, I have had to mask who I am sometimes to fit in, and have been in situations where I was overtly made to feel bad because “the guys couldn’t be guys” when I was around. Not trying to digress on this, but it was one of the things that made me question what I was doing. I have gained confidence over the years and now I don’t worry so much about what people think because I know I can produce good results. My advice to young women entering the field is to stick with it, no matter what. Pursuing a STEM career has been one of the most empowering things I have done for myself.
- Switching gears now to your specialty, what are some cybersecurity trends that you’ve noticed in the last year?
Unfortunately, most businesses don’t take cybersecurity seriously until it’s too late and they have been the victim of an attack. However, a positive trend is that more and more businesses are focusing on their cybersecurity and trying to figure out what they should be doing. On the contrary, I have noticed an increase in large-scale cyber-attacks, affecting governments, Fortune 500, and international entities. The SolarWinds breach from last year was huge, and the recent Exchange hack from last month was more than a little scary.
12. What cybersecurity threats do you think are on the horizon?
I feel like more advanced persistent threats are going to be the crux of a lot of cyber events in the foreseeable future. This is when attackers get access to a system and sit and watch – their goal is to try to spread access and gain a footing. Once this happens, it opens the doors for a lot of malicious activity – data exfiltration, data manipulation, eavesdropping, or a host of other fun things.
13. What’s your best advice for organizations looking to improve their cybersecurity?
My best advice would be, if you haven’t started paying attention to your cybersecurity resources and policies, now is the time. If you have started, keep going. Stay informed and work towards having dedicated cybersecurity resources who actually care about security. Make cybersecurity part of your business culture – often the biggest hurdle to modernizing security is that it is inconvenient, but if you make it part of the work culture, it becomes much easier. Plan with the mindset “not if, but when.”