Blog

Meet Megan West, Honoree of the 2021 (ISC)² CEO Global Achievement Award

Oct 09, 2021

Megan West Headshot_ISC2 Megan “Meg” West, CISSP, is an Incident Response Consultant for IBM’s X-Force Incident Response Team. Prior to joining IBM, she worked as the Global Cybersecurity Incident Response Manager for another F100 company. She currently holds the CISSP and Security+ certifications as well as a Master of Science degree in cybersecurity.

She has spoken at several international cybersecurity conferences including (ISC)² Security Congress and SAP Sapphire Now. Megan spends her free time mentoring college students as they enter the cybersecurity field. She also enjoys creating free cybersecurity content on various social media platforms such as YouTube and Twitter. Register now to hear Megan speak at Security Congress.

 

What does receiving the (ISC)² CEO Award mean to you?

Achieving this (ISC)² CEO Global Achievement Award means more to me than I could eloquently explain in a reasonable number of words. I’m thrilled that the initiative I am undertaking – to empower people from all backgrounds and walks of life to pursue careers in cybersecurity – is gaining some traction. I love how supportive and progressive (ISC)² is, and how helpful the organization has been to me in working on this goal. Clar Rosso is an outstanding human, and I’m thankful that I’ve gotten to work closely with her on goals such as this. 

When I first entered the cybersecurity field (about 4 years ago), I was a shy 21-year-old who was often too intimidated to speak up about her thoughts and ideas. Here we are just a few years later, and I’m now speaking at international cybersecurity conferences, creating videos that thousands of people watch, and working for a world-renowned cybersecurity consulting firm. I just want to help others see that they can achieve the same success in their own cybersecurity journey, and I’m so thankful that (ISC)² works so hard to do so, too.

What prompted your initial interest in cybersecurity? 

My interest in cybersecurity sparked from the desire to work in a challenging, yet meaningful and rewarding field. I always loved technology, and my curiosity for the field piqued when I realized I could just continue to be a massive security nerd and get paid to do so.

How do you ensure your skills continue to grow? 

By not forcing myself to read or watch any and every article or video about cybersecurity that is thrown into my path. I feel that cybersecurity professionals often become overwhelmed with the feeling of needing to keep up to date on everything that is ongoing within the cyber world. I selectively choose which content is most relevant and poignant for my interests and knowledge advancement, and I invest myself into that content. I enjoy interacting with like-minded cybersecurity professionals on Twitter, watching Twitch streamers or YouTubers, and browsing Reddit in my free time. I also work hard to make lasting networking connections with others in the field so that – just by organic nature – I incorporate cybersecurity conversation into my everyday discussions with friends.

What ambitions do you have for your career ahead? 

I think most of my ambitions – as of right now – are more about my own personal growth in the field and assisting others to grow in their own cybersecurity careers. I’m currently pursuing my CCSP (Certified Cloud Security Professional), and plan to attempt the GCFA (GIAC Certified Forensics Analyst) in the coming months. In terms of the Cybersecurity Meg brand, my constant goal is to proliferate easily accessible and digestible content that anyone and everyone can relate to and utilize to empower themselves to launch their own successful cybersecurity career. I would love to eventually open a non-profit organization that is geared towards helping educate young minorities in STEM topics, or specifically to work with college graduates in guiding them into entry-level cybersecurity positions.

In your opinion, why is cybersecurity important or valuable? 

Cybersecurity is both important and valuable because at the end of the day, if an organization goes under due to poor cybersecurity posture, employees are likely to lose their jobs. Plummeting stock prices unfortunately tends to translate into lay-offs, or even closures of companies. Cybersecurity protects not just an organization’s data, but the jobs of the people who work there. 

What is it about your job that you love? 

What I love about my job is that what I do has an impact – I help companies prepare for cybersecurity incidents, and I also help them respond to them once they occur. I’m there to help you prepare for what is likely one of the worst days for your organization, and I’m also there to help you recover when you need that assistance. I love the fast-paced nature of Incident Response; how quickly things change, how much attention to detail it requires, how suddenly everyone within an organization who used to have an individual role now comes together to collaborate on achieving a single mission: Get through the incident.

What do you think the biggest challenge is for cybersecurity right now and what solutions do you think could address this?

Easy question. The biggest challenge for cybersecurity right now is the terrible hiring process that a vast majority of companies have in place when it comes to hiring cybersecurity professionals. If we don’t have a paradigm shift soon, we’re going to see some of the world’s largest companies and government organizations ending up in the evening news due to cyber attacks.

We need to take more chances on the people who have the passion and drive to work in cybersecurity – those who are curious and want to put in the time and effort to make an impact in the field. So many organizations are focused on years of experience, certifications, education, etc. – and whereas all of these things are certainly important in their own regard, I’d rather work with someone who has a hunger to protect the organization and the drive to constantly improve themself, yet no formal education, than someone who only got their bachelor’s degree so they could get into a high-paying job. 

We need to encourage more diversity within cybersecurity. We need to have hiring managers and recruiters communicate more clearly on what ideal candidates for cybersecurity roles actually look like. We need to present cybersecurity as a less intimidating field that welcomes people of all backgrounds. We need to start paying cybersecurity professionals accordingly with the years of experience and skill sets we’re asking for. We need to foster more STEM-centric programs to minorities starting from a much younger age. There are so many things we need to do that will improve the world’s cybersecurity posture against the bad guys. I hope more organizations start stepping up and implementing these changes.

 

The (ISC)² Global Achievement Awards celebrate individuals whose excellence, leadership and volunteer efforts have significantly advanced the cybersecurity industry and contributed to our vision of inspiring a safe and secure cyber world. All honorees will be recognized during (ISC)² Security Congress