Sergey Nivens - Stock.Adobe.com
The Security Interviews: Rebecca Taylor, SecureWorks Counter Threat Unit
In October 2023, Rebecca Taylor of the SecureWorks Counter Threat Unit was recognised at the annual Security Serious Unsung Heroes Awards for her work. Computer Weekly caught up with her to talk mentoring, cyber career development and diversity
If she was ever to write a book about her life in cyber security – which as an English and creative writing graduate, she may yet do – SecureWorks Counter Threat Unit (CTU) threat intelligence knowledge manager Rebecca Taylor would write that the most important part of the job, and the bit she has enjoyed the most, was being there when people needed help.
“If I think back to the incidents that I was part of, or from a threat intelligence perspective now, I am there to equip and help people when they are sometimes at their lowest and scariest moment. That, for me, is the standout because that’s all I’ve ever wanted to do is just to help,” she says.
Taylor’s pathway into cyber security began in the mid-2010s shortly after leaving university. As part of the millennial generation growing up with computers in general use and mobile phones as a fact of life, she was already aware of the general idea of cyber security, and when a position came up at SecureWorks, her interest was piqued.
However, she didn’t take a security job at first. “I actually started as an executive assistant, a personal assistant making teas and coffees, organising meeting rooms, all those kinds of things,” she says. “And it was very quickly [after] I came into the industry, and started seeing those people around me and who I was working with, that I knew there was a space for me, and that there was an opportunity if I wanted to seize it.”
The power of mentors
Taylor credits her interviewer at SecureWorks all those years ago with seeing a potential in her, and recalls how during her interview much was made of how there were plentiful opportunities to progress and develop within the organisation.
“Hearing that in an interview sowed a seed that maybe I could get my foot in the door, that I could be something,” she says.
Once inside the business, Taylor set about taking advantage of a clearly forward-thinking culture within SecureWorks. “I started doing lots of studying and learning in the background, and through mentorship and exposure around the business, really focused on progressing my career,” she says.
Mentoring especially has been a effective tool along the way, helping to guide her, connect her with different people around SecureWorks, and obtain on-the-job, hands-on training and learning.
Even now, three or four roles down the line, she continues to take advantage of the opportunities, and generally has three or four mentors, internal and external, on the go at once. “I like the difference in opinion, and I like the network and the support,” she says.
Taylor recommends taking advantage of mentorship opportunities to anybody, at any stage of their working life, and has even hinted to her own manager that they should get one.
“Mentors aren’t there when you’re starting out, they’re there for you through all points of your career,” she says. “They’re a sounding board, they can help you tackle challenges, [and] I think we all, throughout our entire career, have moments where we need that sounding board and we need that perspective.”
Taylor’s mentors and colleagues quickly started to help her to see where she could diversify into different roles. Her next step was into resource coordination, where she had her first encounters with customers experiencing an active cyber incident. From there, she moved into incident command, where she helped design and manage the intelligence customers receive to support them through a cyber attack.
Most recently, she became threat intelligence knowledge manager at the CTU – the part of SecureWorks with responsibility for analysing the vast amounts of threat data received from its customers and monitoring the wider threat landscape for new nasties. It is probably the most publicly facing part of SecureWorks; its analysts routinely share their findings with tech and cyber security media.
“That role is about making sure that we’re collecting indicators, that we are using them in the right kinds of ways, that they’re attributable, that they make sense. And with that comes accessibility and searchability, which is where I really started to follow my passion around diversity and inclusion,” she says.
Diversity champion
And passionate she has been. In October 2023, Taylor was recognised at the UK’s annual Security Serious Unsung Heroes Awards as Diversity Champion – and when we catch up a few weeks later, she is still buzzing.
“I still am in a state of shock slash confusion about how it possibly happened,” she says, “just because I wouldn’t say that I feel like a hero – it just feels like the right thing to do.
“Off the back of it, I’ve had lots of different individuals reaching out asking if I can support them, if I’d be open to a conversation. They typically tend to be women around my age and younger, so university students, which is really lovely.
“I think it’s just opened up even more of a conversation about what more can we do both at SecureWorks and beyond. How can we actually give more back to other communities and be part of the conversation and the change?” she says.
Neurodiversity: a lightbulb moment
Much has been written about how neurodiverse people – from those with autism, ADHD and other conditions such as dyslexia, dyscalculia and dyspraxia – are drawn to cyber security, in contexts both positive and negative.
It was reflecting on the experiences of the neurodiverse people she worked with that first influenced Taylor’s thinking around the wider issues of diversity in cyber.
“There is a high neurodiversity rate within cyber security,” says Taylor. “[And] the beautiful thing about neurodiversity is that it isn’t necessarily a negative. An individual with ADHD for example, has potentially more energy, is able to hyper focus and is hyper attentive, which is actually incredibly useful during an incident when you really need someone to focus and dig down and dig deep to get through to the other side of that incident. There are positives to being neurodivergent, 100%.”
But Taylor quickly found that during cyber incidents, organisations always use very similar, neurotypical-friendly playbooks, materials and communications methods regardless of the people doing the actual work. This situation arose not out of an active lack of consideration for neurodiverse people, but because working an active cyber security incident is a very structured process.
“I wanted to start being more creative and think about how could we better communicate and support and distil knowledge to all and build those materials to suit that different neurodiversity that we see in cyber security,” says Taylor.
“There is a high neurodiversity rate within cyber security. [And] the beautiful thing about neurodiversity is that it isn’t necessarily a negative”
Rebecca Taylor, SecureWorks Counter Threat Unit
Taylor now tries to encourage user security teams to be open and transparent about more than just cyber when they sit down for conversations with SecureWorks. In this way, she can make reasonable adjustments to meet various needs – some people may prefer in-person conversation to written reports, others are uncomfortable using the phone and prefer written communications.
In one instance, she recalls how a customer mentioned that they had a colourblind person on their team. This was something she had never even considered as a problem before, but clearly a lot of visual cyber security reporting relies on the colours red and green – red for stop or danger, green for go or safe. A simple edit on SecureWorks’ side to the presentation went a long way to helping the customers’ team member feel included and seen, and reinforced the wider relationship.
“The customer felt that they could trust us and were comfortable that they could share that level of detail. We were able to edit our presentation and the way we worked with them just from having a chat,” she says.
“These don’t have to be big changes. It’s actually just having that open conversation and showing that we are open to your adjustments and will keep them confidential. We will make those tweaks so you can participate and be part of that incident in the way you want to be.”
Taylor has brought this philosophy to bear within SecureWorks too. She now runs events such as informal lunch-n-learn sessions, at which all are welcome, to spark candid conversations about diversity within the business.
“By starting at that point, it shows that the organisation is open and aware, and that we will have a chat about it if you want to talk about it. That’s the first stepping stone, that normalisation of diversity as a topic,” she says.
Of course, such events will always require support and buy-in from senior leadership, and Taylor acknowledges she has been fortunate to have been able to build “genuinely fantastic relationships” within SecureWorks.
“I wholeheartedly know, because of the way my leader is, because of his kindness and his openness, that if I need something I can ask and it will be treated in a fair and respectful way. And that is something that I have experienced my entire career at SecureWorks, always,” she says.
Retention the next big challenge
With a female CEO in charge at SecureWorks, to whom Taylor has a direct line, the company is clearly out in front of the pack when it comes to improving diversity in security. The next challenge that Taylor sees is the issue of retaining diverse talent after having expended so much to find it.
“I’m very conscious of this because there’s a lot of focus on getting more diverse groups and underrepresented groups into tech, but there isn’t in my opinion as much focus on retention,” she says.
She suggests that keeping the focus on openness and transparency us the way forward here. “If I focus on women, having those conversations about what they need to be successful in comparison to men is what’s going to keep them here,” she says.
“For example, flexible working – flexible working is incredibly important. I read somewhere that 12% of women dropped out of tech to fulfil care commitments, but if organisations had conversations about adjustments and requirements, would those women have felt the need to leave?
“Retention is about listening to what people want, because if you don’t do that people don’t feel heard, they don’t feel seen, and therefore they’ll find someone else who will,” adds Taylor.
Come and try security
As we close out our conversation, Taylor concludes by highlighting the growing number of opportunities for people from underrepresented groups to get into technology, and cyber security in particular, whether they’re setting out to establish if cyber is the right track for them or want to elevate their careers.
“There are fantastic courses such as that run by Empowering You or Tech She Can that can help you identify if it’s the right pathway for you, but also help you from a networking and mentoring perspective. They are both organisations I’ve worked with that I have personally used to help me feel comfortable and to own my platform,” she says.
Read more from the Security Interviews series
- Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming passwordless future.
- SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come.
- Organisations are racing to keep their security up to date against the latest threats. CrowdStrike’s Zeki Turedi explains how to protect against novel and innovative cyber attacks.