6 minute read
Tshering Wangmo
TSHERING WANGMO
Tshering Wangmo was born and grew up in Bhutan. She has lived in Perth since 2016 where she is studying for a master’s in cybersecurity at Edith Cowan University’s Joondalup Campus. She has completed the third semester of her final year and is looking for internship opportunities to enable her to meet course requirements.
Master in Cybersecurity Student at Edith Cowan University
Suppose you met an old friend from your last year at school who, knowing nothing about cybersecurity or what you do, asks you what you are doing. How do you answer them to ‘sell’ them on the idea of a career in cybersecurity?
Whenever I get asked by my friends and other people around me about what I am studying I respond with: “I am studying for a master’s in cybersecurity.” The comment I most often get is, “Wow! That sounds heavy, but you must be good at information technology (IT).” I often tell them “Firstly, I am not that tech savvy and, yes, it is tough and challenging, but it is doable, if you are interested to learn it.”
Often, I get asked how a non-IT person can learn cybersecurity because you need to know how to hack a computer. My usual response is that cybersecurity is not only about hacking, in fact hacking is the reason why there is the need to learn cybersecurity, and it all begins with yourself. If you are using your phone, computer, WiFi at home for yourself, or for children to play online games, you will need to know the basics of being safe online.
It is not difficult to make people understand why it is important to be safe online. In my personal experience with my own family, if I explain about the need to have strong passwords and update software regularly, they do not take me seriously.
I notice there are others who do not bother about being safe online. To make them understand why they need to bother, I explain that, just as we would secure our house to protect our family from thieves or intruders, we build walls or fences to protect ourselves in the online world. Further, we use strong doors with locks and keys which are analogous to strong passwords in the online world. And, just as people’s houses can be made safer with digital smart products, we can make ourselves safer online with technologies like multifactor authentication.
The bottom line is: people need to be cautious and maintain privacy online, just as they do in real life. People who understand the logic of this and see the recent news on data breaches become interested and ask me more about my course.
How does the reality of cybersecurity as you experience it today fit with your understanding when you first thought about studying it?
I applied for the course because there was no requirement to have an IT background. I obtained a bachelor’s degree in computer applications a long time ago, but my work experience for the past six years has been in projects and administration. I enrolled in my course knowing it would be challenging.
The course started well but became increasingly challenging with each semester, because there were so many aspects of cybersecurity to learn, from networks to communication skills, coding to data science, project management to ethical hacking. By the time I was in my third semester I felt somewhat lost having many career options in cybersecurity and not knowing where my skills could take me.
What cybersecurity role would most like to be hired into when you graduate, and why?
When I graduate, I would most like to be hired as a red team ethical hacker, because in 2020 when the pandemic started, I knew I needed to get into a career where I could leverage my current skills. After two semesters I was on pregnancy leave, during which I realised how important our time is and how we as woman always have to make compromises between personal life and career. This realisation gave me the opportunity to take the leap into a career where I
could balance family life by working from home, or from anywhere in the world.
What do you see as having been the most memorable and/or significant event in your cybersecurity journey to date, and why?
The most significant event on my career journey was learning about information warfare. We had a group presentation and each person got only two minutes to present. My presentation was about offensive security, and I had only two slides, one for an introduction and one on a funny meme that made everyone in the room laugh. All I did was stage a live demonstration on Twitter showing how information can be rapidly amplified, whether it is true or false. Our group got the best mark and, to my surprise, I earned an extra mark for that presentation.
In addition to your studies, what employment experience do you have in cybersecurity?
I worked for six months in an IT company as a project support coordinator and was fortunate to be working with project managers developing and standardising all IT operations manuals and assisting in cybersecurity policy drafting.
Is there any aspect of your studies you find particularly difficult or challenging, if so what, and why?
To be honest, this course is difficult and challenging. There are no easy units. In particular, the cybersecurity unit in the first semester was difficult for me as a mid-career student, new education learning system, juggling work and family, while also being totally new to cybersecurity.
Is there any aspect of cybersecurity that you think should be given greater focus in your course, or any aspect you think should be given less focus?
I think there should have been more on building presentation and communication skills.
Are you involved in the wider cybersecurity community, eg AWSN, if so how and what has been your experience?
I have been an associate of the Australian Computer Society as a student ambassador and a member of the Australian Information Security Association (ASIA), which is free for students. I attended the first Student of Cyber event in Perth in 2021 where it was great to see so many new faces, learn about other people’s aspirations and what local cybersecurity businesses are coming up with. I attended the CyberCX annual event in 2020 where it was great to meet prospective employers in cybersecurity. I participated in the ECCouncil’s online Mega Cyber Challenge 2020 where I won a $200 voucher towards any online EC-Council course. I participated in CyberCx’s annual AppSec hackathon in 2020 and received a certificate and one-month free subscription to Pentester Lab. I have volunteered in Coder Dojo assisting awesome kids.
What is your favourite source of general information about cybersecurity?
I have subscribed to the Australian Cyber Security Centre (ACSC) for data breach updates and mitigation strategies. I get the latest news on information security and much information from ASIA events and from the ACS. Its website has an online learning portal that is helpful. While driving I listen to podcasts like Darknet Diaries . I follow the Hackers Academy and other cybersecurity service providers on LinkedIn.
What measures do you have in place for your personal cybersecurity?
During my first semester I changed the passwords for our WiFi network, my son’s iPad, email services and started cleaning up my social media profiles by taking out all personal information, deleting lots of unknown people on my friends list and I stopped uploading details of every moment in my life.
www.linkedin.com/in/tsheringwangmo
