EPISODE 057 – Dare to Leap: Conquering the Unknown in Cloud Security

Get to know Zinet, her inspiring journey, and the intersection of cybersecurity, career transitions, and personal growth through her conversation on this week’s episode of Agent of Influence!

Show notes:

• 04:51 – Career transition into cybersecurity 
• 07:14 – Overcoming the challenge of the unknown 
• 12:36 – Cloud security vs AppSec and InfoSec 
• 16:36 – Bringing cyber education to wider audiences 
• 25:26 – Keeping children safe online 
• 27:27 – Recruiting diverse talent in cybersecurity 
• 30:57 – Personal branding in career success

What was the decisive factor behind your move to the US, and specifically, how did you navigate the transition in your career to enter the field of cybersecurity? 

Zinet and her family moved to the United States in 2013 from Ethiopia where she had a legal career. Settling in Minnesota, she embarked on an educational path to develop a new career, beginning with an associate degree in computer programming, and progressing to a four-year university. She earned a computer science degree in 2018 before achieving a master’s degree in cybersecurity from Georgia Tech in the following year.  

Despite her nine-year educational journey, which coincided with the birth and upbringing of her four children, Zinet’s dedication to her studies and career transition remained steadfast. From internships in local and state governments to her current role at Best Buy, her professional trajectory has been marked by resilience and determination.

“That means I was in school for the last nine years, when I think about it. But I don’t count it because it feels like it just went by, like maybe a month. That’s how fast it looked like because in between I was having children, taking care of them going to school, starting from associate degree to a master’s degree, while also building a career, which I started from an IT internship at a local government to state government and then to my current role at Best Buy. There’s been a lot that happened in between.” 

As someone who has made multiple career transitions, can you share insights on taking the leap into unfamiliar territory?

Making big changes entails a willingness to take risks and push beyond one’s comfort zone. In Zinet’s experience, embracing change is crucial for personal growth and achieving desired transformations. Despite the uncertainty and numerous excuses that may arise, she believes in the importance of taking a leap of faith to become a better version of yourself.  

This mindset propelled her to step outside her comfort zone, whether it was transitioning from a non-technical background to pursuing a math-intensive degree in cybersecurity or overcoming insecurities about public speaking to eventually speaking at TEDx events.

“If you want to grow and if you want to see the change that we would like to see, and be a better version of yourself, I think it’s always important to take that leap of faith — and it is scary, I’ll tell you I have a million excuses not to at each step. But if we want to be somebody else and contribute something, we should be beyond our comfort zones.”  

What aspects of cloud security ignite your passion and maintain your involvement in the domain? 

Beginning with information security auditing at a local government and transitioning to a role involving AppSec and InfoSec engineering in state government, Zinet found herself drawn toward cloud security amidst the mass migration to cloud platforms during the pandemic.  

Recognizing the significance of cloud expertise in security, she embarked on a self-directed learning journey, starting with Amazon Web Service (AWS). Reflecting on her transition to her current role, Zinet distinguishes cloud security from InfoSec and AppSec by highlighting the shared responsibility model, wherein both cloud service providers and clients play crucial roles in securing data and applications.  

She emphasizes the dynamic and scalable nature of cloud environments, necessitating a different security approach that prioritizes automation and adaptability. Zinet underscores the unique challenges of threat landscape and visibility in cloud computing, attributing her enjoyment in the field to its growth trajectory, the continual learning opportunities, and the stimulating challenges it presents. Driven by her passion, she has pursued certifications such as AWS Cloud Practitioner, CCSK from CSA, and Sans Cloud Security Essentials, with her current focus on obtaining the AWS Security Specialty certification to further enhance her expertise in aligning security services with organizational needs.

“For me, what I enjoy is the fact that it’s something that’s growing, a lot of enterprises are heading that way. We’re seeing a lot of influx of services we’re learning daily. It’s good and bad at the same time, but I think I like the challenging and the learning piece of it.” 

Find, validate, and fix vulnerabilities on your AWS, Azure, Google, and Oracle cloud infrastructures. Learn more about Cloud Penetration Testing.

How did your passion for educating people about cybersecurity, particularly starting with children, first inspire you to teach the broader audience about using the internet safely? 

As a mother of four children, Zinet reflected on incidents where her kids experienced hacking during the peak of the pandemic, prompting her to educate them about cybersecurity. Reflecting on her own upbringing devoid of technology, she realized the inherent dangers children face online due to insufficient protection measures.  

This realization led her to write her second children’s book, “Oh, No… Hacked Again!” addressing cybersecurity in a relatable manner for young readers. Zinet emphasized the importance of establishing open communication between parents and children to address online threats effectively, particularly concerning online predators. Her intention with her books is not only to promote online safety but also to inspire children to consider careers in cybersecurity, aiming to address the industry’s workforce shortage. 

“We often assume that they’re safe because they’re home — physically they seem safe. But we give them that window to the world through the internet. It made me realize that we’re not mindful and we don’t put that much effort into protecting them.”  

What is the one essential action that parents, educators, or policymakers can prioritize as a foundational step in ensuring children’s safety online? 

In her TEDx talk, Zinet emphasizes the importance of routine communication between parents and children as paramount for online safety. Both parents and educators need to be knowledgeable about the risks children face online, including cyberbullying, exposure to inappropriate content, and interactions with online predators. Integration of online safety education into school curricula is crucial, empowering children to recognize and respond to online threats.  

Policymakers play a significant role in safeguarding the online environment for children by enacting laws and regulations that prioritize children’s online privacy and safety. While there has been legislative activity in this area, the speaker notes a need for ongoing adaptation to keep pace with technological advancements.

“Children should feel comfortable discussing their online experiences with adults, like their parents or caregivers, whether it’s something they enjoyed or something that made them uncomfortable, so building that bridge is very important.” 

Do you have any ideas on how we can address the skills shortage in cybersecurity and promote diversity and inclusion to attract more talent, particularly women? 

Building an inclusive culture is crucial in addressing the challenges of talent recruitment and retention in cybersecurity. Creating a welcoming environment not only attracts diverse candidates but also fosters an atmosphere where current talent feels valued and engaged. 

Introducing cybersecurity topics in educational institutions, from schools to colleges, is instrumental in guiding students towards the field and fostering early interest. Initiatives like Zinet’s recent book, “See Yourself in Cybersecurity” aim to break down barriers by showcasing a diverse range of individuals succeeding in the industry, thereby inspiring confidence among aspiring professionals. 

Diversifying recruitment channels beyond traditional avenues is crucial. Individuals from diverse backgrounds – including law, psychology, and liberal arts – can offer unique perspectives and skills beneficial to cybersecurity. Additionally, investing in training and upskilling programs for those transitioning to cybersecurity from other fields can expedite filling talent gaps.

“We talk about how to bring in new folks, but we also need to talk about how to retain the talent that we already have. If we’re not engaging the people that we have, then I think it’s going to be difficult to retain what we even have. A welcoming environment attracts a wide range of candidates and helps retain talent.” 

Being able to personally brand yourself is important as part of your career growth. How do you feel personal branding has played a role in shaping your career? 

Zinet underscores the significance of being known for one’s expertise and experiences. Despite acknowledging the importance of networking and personal branding for aspiring professionals, she noted a lack of guidance on how to effectively build a personal brand. 

Motivated by this gap, Zinet created a LinkedIn Learning course on the importance of personal branding in cybersecurity and practical strategies for its development. She shared personal anecdotes of how her online presence led to opportunities such as becoming a TEDx speaker and securing her current position. Encouraging individuals at all career stages, including students, to begin building their personal brand, Zinet recommends LinkedIn as an ideal platform for this endeavor.

“I shared recently on LinkedIn that 70% of jobs are never published publicly, and 85% of jobs are filled through networking. That means they’re never posted, but they’re created for specific people. So that should highlight the importance of networking and building a personal brand. Being known for something and sharing your perspectives on a topic of interest — it could be a learning journey, or the challenges that you have faced — having that online presence is very important.” 

Zinet Kemal is an associate cloud security engineer at Best Buy where she’s responsible for designing and implementing security measures to protect their cloud-based infrastructure and data. Over her nine-year educational pursuit, she earned a master’s degree in Cybersecurity from Georgia Tech University. Over the years, Zinet has achieved notable milestones, including delivering a TEDx talk, being honored in the 40 Under 40 list, and becoming a five-time best-selling author of children’s books. Recently, she has expanded her expertise by becoming an instructor on LinkedIn Learning, further solidifying her reputation as a multifaceted cybersecurity professional.