Melissa Miller

As a Managing Security Consultant at NetSPI, Melissa's current role consists of instructing NetSPI University students (a training program for those new to penetration testing) and overseeing the performance of web application pentests. In addition to web application testing, she dabbles in social engineering, cloud, and network testing. She has her BSc in Computer Science from the University of Minnesota as well as OSCP and CEH certifications. One of her passion projects is involvement in the DE&I committee, which includes representing NetSPI in various public-facing speaking events, panels, and interviews.
More by Melissa Miller
WP_Query Object
(
    [query] => Array
        (
            [post_type] => Array
                (
                    [0] => post
                    [1] => webinars
                )

            [posts_per_page] => -1
            [post_status] => publish
            [meta_query] => Array
                (
                    [relation] => OR
                    [0] => Array
                        (
                            [key] => new_authors
                            [value] => "130"
                            [compare] => LIKE
                        )

                    [1] => Array
                        (
                            [key] => new_presenters
                            [value] => "130"
                            [compare] => LIKE
                        )

                )

        )

    [query_vars] => Array
        (
            [post_type] => Array
                (
                    [0] => post
                    [1] => webinars
                )

            [posts_per_page] => -1
            [post_status] => publish
            [meta_query] => Array
                (
                    [relation] => OR
                    [0] => Array
                        (
                            [key] => new_authors
                            [value] => "130"
                            [compare] => LIKE
                        )

                    [1] => Array
                        (
                            [key] => new_presenters
                            [value] => "130"
                            [compare] => LIKE
                        )

                )

            [error] => 
            [m] => 
            [p] => 0
            [post_parent] => 
            [subpost] => 
            [subpost_id] => 
            [attachment] => 
            [attachment_id] => 0
            [name] => 
            [pagename] => 
            [page_id] => 0
            [second] => 
            [minute] => 
            [hour] => 
            [day] => 0
            [monthnum] => 0
            [year] => 0
            [w] => 0
            [category_name] => 
            [tag] => 
            [cat] => 
            [tag_id] => 
            [author] => 
            [author_name] => 
            [feed] => 
            [tb] => 
            [paged] => 0
            [meta_key] => 
            [meta_value] => 
            [preview] => 
            [s] => 
            [sentence] => 
            [title] => 
            [fields] => 
            [menu_order] => 
            [embed] => 
            [category__in] => Array
                (
                )

            [category__not_in] => Array
                (
                )

            [category__and] => Array
                (
                )

            [post__in] => Array
                (
                )

            [post__not_in] => Array
                (
                )

            [post_name__in] => Array
                (
                )

            [tag__in] => Array
                (
                )

            [tag__not_in] => Array
                (
                )

            [tag__and] => Array
                (
                )

            [tag_slug__in] => Array
                (
                )

            [tag_slug__and] => Array
                (
                )

            [post_parent__in] => Array
                (
                )

            [post_parent__not_in] => Array
                (
                )

            [author__in] => Array
                (
                )

            [author__not_in] => Array
                (
                )

            [ignore_sticky_posts] => 
            [suppress_filters] => 
            [cache_results] => 1
            [update_post_term_cache] => 1
            [update_menu_item_cache] => 
            [lazy_load_term_meta] => 1
            [update_post_meta_cache] => 1
            [nopaging] => 1
            [comments_per_page] => 50
            [no_found_rows] => 
            [order] => DESC
        )

    [tax_query] => WP_Tax_Query Object
        (
            [queries] => Array
                (
                )

            [relation] => AND
            [table_aliases:protected] => Array
                (
                )

            [queried_terms] => Array
                (
                )

            [primary_table] => wp_posts
            [primary_id_column] => ID
        )

    [meta_query] => WP_Meta_Query Object
        (
            [queries] => Array
                (
                    [0] => Array
                        (
                            [key] => new_authors
                            [value] => "130"
                            [compare] => LIKE
                        )

                    [1] => Array
                        (
                            [key] => new_presenters
                            [value] => "130"
                            [compare] => LIKE
                        )

                    [relation] => OR
                )

            [relation] => OR
            [meta_table] => wp_postmeta
            [meta_id_column] => post_id
            [primary_table] => wp_posts
            [primary_id_column] => ID
            [table_aliases:protected] => Array
                (
                    [0] => wp_postmeta
                )

            [clauses:protected] => Array
                (
                    [wp_postmeta] => Array
                        (
                            [key] => new_authors
                            [value] => "130"
                            [compare] => LIKE
                            [compare_key] => =
                            [alias] => wp_postmeta
                            [cast] => CHAR
                        )

                    [wp_postmeta-1] => Array
                        (
                            [key] => new_presenters
                            [value] => "130"
                            [compare] => LIKE
                            [compare_key] => =
                            [alias] => wp_postmeta
                            [cast] => CHAR
                        )

                )

            [has_or_relation:protected] => 1
        )

    [date_query] => 
    [request] => 
			SELECT   wp_posts.*
			FROM wp_posts  INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id )
			WHERE 1=1  AND ( 
  ( wp_postmeta.meta_key = 'new_authors' AND wp_postmeta.meta_value LIKE '{1bc981601df990ad662f2fac59423b30791ae737cd80120209be31c155cab92a}\"130\"{1bc981601df990ad662f2fac59423b30791ae737cd80120209be31c155cab92a}' ) 
  OR 
  ( wp_postmeta.meta_key = 'new_presenters' AND wp_postmeta.meta_value LIKE '{1bc981601df990ad662f2fac59423b30791ae737cd80120209be31c155cab92a}\"130\"{1bc981601df990ad662f2fac59423b30791ae737cd80120209be31c155cab92a}' )
) AND wp_posts.post_type IN ('post', 'webinars') AND ((wp_posts.post_status = 'publish'))
			GROUP BY wp_posts.ID
			ORDER BY wp_posts.post_date DESC
			
		
    [posts] => Array
        (
            [0] => WP_Post Object
                (
                    [ID] => 28636
                    [post_author] => 130
                    [post_date] => 2022-10-18 09:00:00
                    [post_date_gmt] => 2022-10-18 14:00:00
                    [post_content] => 

Recent data indicates the cybersecurity industry continues to grapple with talent and skills gaps and the lack of diversity across its workforce. In fact, a recent survey from Boston Consulting Group revealed that 75% of cybersecurity workers are men, and in a recent survey from Heidrick & Struggles, only 14% of U.S. cyber leaders identified as women and/or people of color. Beyond this, for women, people of color, and entry-level or remote workers—imposter syndrome or feeling an inherent sense of otherness is not uncommon.  

As we amplify this year’s Cybersecurity Awareness Month theme “See Yourself in Cyber”, focusing on the people that make up the cybersecurity industry— it’s important to recognize what the industry can do to empower more people to see themselves in a cyber career. Here are a few steps we can take collectively to combat the issues surrounding imposture syndrome and diversity, and further progress as an industry. 

Overcoming Imposter Syndrome 

In order to “see yourself” you also must believe that you belong in cyber. When I first started my career in cybersecurity, I experienced a feeling that many of my other female peers have also experienced - that I needed to change to be “one of the guys.” 

Over time, I learned that my opinions and insights are just as valuable as those of my male peers. As such, I always make it a point to create safe spaces for employees to be themselves and feel empowered to advocate for themselves. Overcoming imposter syndrome requires reshaping your view of yourself and what makes you unique in a more positive light. Here are some techniques I’ve practiced to help me become more confident:  

  • Remember time is your biggest helper. As your confidence and knowledge grows in your position, things will get better. Remembering this can be helpful in and of itself. 
  • Take a step back. When you catch yourself playing the comparison game and losing, ask yourself, "am I really comparing apples to apples here?" Most of the time your answer will be "no." Once you've gotten that more realistic perspective, it's a lot easier to pull yourself out of a negative spiral and prevent the seeds of imposter syndrome from taking root. 
  • Know your own strengths and weaknesses. Having a more accurate self-image can help combat moments of imposter syndrome and can make it easier to set yourself up for success. If you have an over-inflated sense of some of your skills, you can be setting yourself up for failure. In the other direction, if you're undervaluing your skills, that could cause you to pass on opportunities where you would've shined.  

Cultivating a Safe and Inclusive Culture 

Creating a culture where employees feel safe and empowered to do their best work is also essential in our industry. As an employer, it can help to ask the following questions:  

  • Do we encourage open feedback?  
    • Employees must feel empowered to let their teams/organization know what is and is not working for them. This will have a positive impact on work culture and overall productivity.  
  • Is self-care and mental health built into our culture?  
    • While employees must ultimately ensure they are creating a work-life balance for themselves, it’s difficult to do so without the support of a workplace that builds the concept of prioritizing mental health and self-care into their culture.  
  • Does our company culture inspire collectiveness?  
    • Creating spaces for human interaction can help everyone feel more connected, especially in a hybrid environment. At NetSPI, we have Slack channels dedicated to nearly every hobby and interest under the sun, and a “Kudos” channel for employees to call out their coworkers for a job well done. It's a positive place for the entire organization to find community and celebrate together. This also reiterates that everything we do is a part of an ecosystem. 
  • Are we striving towards more diversity?  
    • Companies should have specific goals/initiatives to seek out diverse new hires. Consider implementing a Diversity, Equity, and Inclusion (DE&I) committee to both retain current diverse employees and reach out into the community. 
    • Every company should revisit their job descriptions and requirements, especially in the technical fields, to ensure they are inclusive of people that come from varying backgrounds. Focusing on hiring based on skillset allows us to open opportunities to those that will excel in the position that may have been prevented in the more traditional experienced-focused mindset. Ultimately, we must ask ourselves, “How do we make cybersecurity jobs more accessible to more people?” 

Championing More Diversity in Cybersecurity 

In order to achieve better growth and diversity in the cybersecurity workforce, more emphasis needs to be placed on the concept of variety in race, ethnicity, gender identity, and diversity of thought. This means developing a deeper understanding of the differences and experiences that shape people’s perspectives, and intentionally incorporating them into creative problem solving.  

When diversity is championed, it drives better culture, productivity, retention rates, and overall business success. Additionally, we can effectively reduce the “boys club” stigma commonly associated with the industry. Ultimately, this encourages more people to pursue cybersecurity-related education, leading to more diversity in the workforce.  

Furthermore, organizations must work together to provide more equitable learning, coaching and mentoring opportunities for talent new to the industry. At NetSPI, we are addressing this issue through NetSPI University, an extensive entry-level training program where candidates gain a baseline skill set to execute web application penetration testing and external network penetration testing, led by NetSPI’s expert pentesters.  

We have also started to partner with organizations such as WiCyS (Women in Cybersecurity) and Girls Hack Village whose purpose is to create a safe space for attendees to learn about cybersecurity and the challenges that women in the industry face.  

Most importantly, organizations must hold themselves accountable to take tangible steps towards more diversity. Beyond basic “check the box” hiring exercises, the question is: “How can cybersecurity leaders hold space and give credibility to varied voices and ideas?” As we take this month to reflect on ways in which we can move the cybersecurity industry forward, it’s imperative to remember that change starts with nurturing our people. 

[post_title] => Tackling Diversity and Imposter Syndrome During Cybersecurity Awareness Month [post_excerpt] => Here are a few steps we can take collectively to combat the issues surrounding imposture syndrome and diversity, and further progress as an industry. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => diversity-and-imposture-syndrome [to_ping] => [pinged] => [post_modified] => 2022-10-17 16:25:22 [post_modified_gmt] => 2022-10-17 21:25:22 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=28636 [menu_order] => 9 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [1] => WP_Post Object ( [ID] => 28666 [post_author] => 130 [post_date] => 2022-10-14 08:00:00 [post_date_gmt] => 2022-10-14 13:00:00 [post_content] =>

On October 14, NetSPI Managing Consultant Melissa Miller was featured in the Security Systems News article called Inkhouse Virtual Media Panel on Diversity in Cybersecurity Touches on Key Insights. Read the preview below or view it online.

+++

YARMOUTH, Maine – The tech industry and cybersecurity field remains for the moment an old boys club, however a group of leading women in security and human resources came together this week to discuss strengthening the industry through diversity.

The “Bridging the Security Talent Gap Through Diverse Viewpoints” virtual panel was hosted by Inkhouse, a Massachusetts based public relations firm. Guest speakers were joined by moderator Jessica Bettencourt to find an answer for the disparity in the security industry. According to Bettencourt, recent studies by (ISC)² show that women only make up 24% of the cybersecurity field, and more, that racial and ethnic minorities are more likely to face pay discrepancies and hold non-managerial roles at their companies.

As for more advice for job seekers looking to break into the market, Bettencourt asked panelists what some of the soft skills they most looked for in candidates.

“I have two here, the first as much as we may not like it is public speaking.” Melissa Miller, Managing Security Consultant at NetSPI stressed. Preparation and clarity are important in the role, and she said public speaking exhibits that perfectly. The second to her is passion for the field.

You can read the full article at Security Systems News!

[post_title] => Security Systems News: Inkhouse Virtual Media Panel on Diversity in Cybersecurity Touches on Key Insights [post_excerpt] => NetSPI's Melissa Miller gives career advice in Security System New's article, Inkhouse Virtual Media Panel on Diversity in Cybersecurity. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => security-systems-news-diversity-in-cybersecurity [to_ping] => [pinged] => [post_modified] => 2022-10-19 22:03:15 [post_modified_gmt] => 2022-10-20 03:03:15 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=28666 [menu_order] => 11 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) ) [post_count] => 2 [current_post] => -1 [in_the_loop] => [post] => WP_Post Object ( [ID] => 28636 [post_author] => 130 [post_date] => 2022-10-18 09:00:00 [post_date_gmt] => 2022-10-18 14:00:00 [post_content] =>

Recent data indicates the cybersecurity industry continues to grapple with talent and skills gaps and the lack of diversity across its workforce. In fact, a recent survey from Boston Consulting Group revealed that 75% of cybersecurity workers are men, and in a recent survey from Heidrick & Struggles, only 14% of U.S. cyber leaders identified as women and/or people of color. Beyond this, for women, people of color, and entry-level or remote workers—imposter syndrome or feeling an inherent sense of otherness is not uncommon.  

As we amplify this year’s Cybersecurity Awareness Month theme “See Yourself in Cyber”, focusing on the people that make up the cybersecurity industry— it’s important to recognize what the industry can do to empower more people to see themselves in a cyber career. Here are a few steps we can take collectively to combat the issues surrounding imposture syndrome and diversity, and further progress as an industry. 

Overcoming Imposter Syndrome 

In order to “see yourself” you also must believe that you belong in cyber. When I first started my career in cybersecurity, I experienced a feeling that many of my other female peers have also experienced - that I needed to change to be “one of the guys.” 

Over time, I learned that my opinions and insights are just as valuable as those of my male peers. As such, I always make it a point to create safe spaces for employees to be themselves and feel empowered to advocate for themselves. Overcoming imposter syndrome requires reshaping your view of yourself and what makes you unique in a more positive light. Here are some techniques I’ve practiced to help me become more confident:  

  • Remember time is your biggest helper. As your confidence and knowledge grows in your position, things will get better. Remembering this can be helpful in and of itself. 
  • Take a step back. When you catch yourself playing the comparison game and losing, ask yourself, "am I really comparing apples to apples here?" Most of the time your answer will be "no." Once you've gotten that more realistic perspective, it's a lot easier to pull yourself out of a negative spiral and prevent the seeds of imposter syndrome from taking root. 
  • Know your own strengths and weaknesses. Having a more accurate self-image can help combat moments of imposter syndrome and can make it easier to set yourself up for success. If you have an over-inflated sense of some of your skills, you can be setting yourself up for failure. In the other direction, if you're undervaluing your skills, that could cause you to pass on opportunities where you would've shined.  

Cultivating a Safe and Inclusive Culture 

Creating a culture where employees feel safe and empowered to do their best work is also essential in our industry. As an employer, it can help to ask the following questions:  

  • Do we encourage open feedback?  
    • Employees must feel empowered to let their teams/organization know what is and is not working for them. This will have a positive impact on work culture and overall productivity.  
  • Is self-care and mental health built into our culture?  
    • While employees must ultimately ensure they are creating a work-life balance for themselves, it’s difficult to do so without the support of a workplace that builds the concept of prioritizing mental health and self-care into their culture.  
  • Does our company culture inspire collectiveness?  
    • Creating spaces for human interaction can help everyone feel more connected, especially in a hybrid environment. At NetSPI, we have Slack channels dedicated to nearly every hobby and interest under the sun, and a “Kudos” channel for employees to call out their coworkers for a job well done. It's a positive place for the entire organization to find community and celebrate together. This also reiterates that everything we do is a part of an ecosystem. 
  • Are we striving towards more diversity?  
    • Companies should have specific goals/initiatives to seek out diverse new hires. Consider implementing a Diversity, Equity, and Inclusion (DE&I) committee to both retain current diverse employees and reach out into the community. 
    • Every company should revisit their job descriptions and requirements, especially in the technical fields, to ensure they are inclusive of people that come from varying backgrounds. Focusing on hiring based on skillset allows us to open opportunities to those that will excel in the position that may have been prevented in the more traditional experienced-focused mindset. Ultimately, we must ask ourselves, “How do we make cybersecurity jobs more accessible to more people?” 

Championing More Diversity in Cybersecurity 

In order to achieve better growth and diversity in the cybersecurity workforce, more emphasis needs to be placed on the concept of variety in race, ethnicity, gender identity, and diversity of thought. This means developing a deeper understanding of the differences and experiences that shape people’s perspectives, and intentionally incorporating them into creative problem solving.  

When diversity is championed, it drives better culture, productivity, retention rates, and overall business success. Additionally, we can effectively reduce the “boys club” stigma commonly associated with the industry. Ultimately, this encourages more people to pursue cybersecurity-related education, leading to more diversity in the workforce.  

Furthermore, organizations must work together to provide more equitable learning, coaching and mentoring opportunities for talent new to the industry. At NetSPI, we are addressing this issue through NetSPI University, an extensive entry-level training program where candidates gain a baseline skill set to execute web application penetration testing and external network penetration testing, led by NetSPI’s expert pentesters.  

We have also started to partner with organizations such as WiCyS (Women in Cybersecurity) and Girls Hack Village whose purpose is to create a safe space for attendees to learn about cybersecurity and the challenges that women in the industry face.  

Most importantly, organizations must hold themselves accountable to take tangible steps towards more diversity. Beyond basic “check the box” hiring exercises, the question is: “How can cybersecurity leaders hold space and give credibility to varied voices and ideas?” As we take this month to reflect on ways in which we can move the cybersecurity industry forward, it’s imperative to remember that change starts with nurturing our people. 

[post_title] => Tackling Diversity and Imposter Syndrome During Cybersecurity Awareness Month [post_excerpt] => Here are a few steps we can take collectively to combat the issues surrounding imposture syndrome and diversity, and further progress as an industry. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => diversity-and-imposture-syndrome [to_ping] => [pinged] => [post_modified] => 2022-10-17 16:25:22 [post_modified_gmt] => 2022-10-17 21:25:22 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=28636 [menu_order] => 9 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [comment_count] => 0 [current_comment] => -1 [found_posts] => 2 [max_num_pages] => 0 [max_num_comment_pages] => 0 [is_single] => [is_preview] => [is_page] => [is_archive] => [is_date] => [is_year] => [is_month] => [is_day] => [is_time] => [is_author] => [is_category] => [is_tag] => [is_tax] => [is_search] => [is_feed] => [is_comment_feed] => [is_trackback] => [is_home] => 1 [is_privacy_policy] => [is_404] => [is_embed] => [is_paged] => [is_admin] => [is_attachment] => [is_singular] => [is_robots] => [is_favicon] => [is_posts_page] => [is_post_type_archive] => [query_vars_hash:WP_Query:private] => 40a2f81d41b4ce2f9f9a6a426d8a420f [query_vars_changed:WP_Query:private] => [thumbnails_cached] => [allow_query_attachment_by_filename:protected] => [stopwords:WP_Query:private] => [compat_fields:WP_Query:private] => Array ( [0] => query_vars_hash [1] => query_vars_changed ) [compat_methods:WP_Query:private] => Array ( [0] => init_query_flags [1] => parse_tax_query ) )