- Digital twins are optimizing supply chains and more. Here's why enterprises should care
- Getting Out in Front of Post-Quantum Threats with Crypto Agility
- Join Sam's Club for $15 - the lowest price we've seen. Here's how
- Meta's new $299 Quest 3S is the VR headset most people should buy this holiday season
- Get Microsoft Office 2019 for Windows or Mac for $25
Paving the way: Inspiring Women in Payments – A Q&A featuring Jen Stone
She was a single mom with three kids in daycare, no child support, and a job as an executive assistant that didn’t pay enough to cover the bills. With absolutely no experience, Jen Stone took a chance on a helpdesk position, which changed her life. In this edition of our blog, Jen explains how she found success by taking ownership of her own career.
How long have you been at SecurityMetrics and what is your role?
Jen Stone: I’m a Principal Security Analyst at SecurityMetrics, where I have been a QSA for over five years, and every day is different. Prior to 2020, I traveled around the world almost every week to perform onsite security assessments or speak about cybersecurity at conferences. Most of that has been virtual over the past year, but I look forward to working with people in person again. I’m also the host of the SecurityMetrics podcast.
How did you get started in the technology/payments industry? What led you to that career choice?
Jen Stone: I started in tech in the 1990’s when I was a single mom with three kids in daycare, no child support, and a job as an executive assistant that didn’t pay enough to cover the bills. When a helpdesk job came open at the company where I was working, I asked the CEO for it because it paid twice what I was making, and he took a chance on me.
I knew nothing. Every helpdesk call that came in required me to gather information and seek out answers. It was a steep learning curve, especially since the guys in IT had no interest in helping me learn things. They were not happy that someone without experience was given the job, and I couldn’t blame them. I made their jobs harder for several months before I was useful in the role.
I’ll be honest – I didn’t enjoy it; not at first. But I didn’t let that stop me, because I had kids to feed, so I fought my way to competence through hard work and discipline. Within a year I was managing the helpdesk, and my IT career advanced steadily from there, taking me from IT operations to devops and eventually to cybersecurity.
What is your proudest accomplishment in your career to date?
Jen Stone: This year a friend who owns her own hair styling business asked me to help her get into tech. She didn’t have a technology background, so she took online classes and started a podcast with me to talk to other people in tech who could help her find her own path. A few months later she accepted a job as a technical project manager. We meet regularly so I can help her fill in the gaps in her knowledge and successfully grasp the work. I’m extremely proud of being a part of her success and getting to see her grit and determination in action.
Do you notice a lack of women in technology? If so, why do you think that is the case?
Jen Stone: Yes, although that is changing rapidly. In cybersecurity, we’re seeing a slower rise in numbers. I think there are a lot of cultural and historical reasons why fewer women have sought jobs in tech, which has had an oversized impact on the number of women in cybersecurity positions.
It’s a pipelining problem. Couple the historically low number of women in technology with the need for broad experience in order to grasp cybersecurity and you end up with dismal numbers of women in the field. We’re catching up, though. It’s just a matter of time and interest.
In your experience, does being a woman in your profession come with confidence challenges that you have to overcome, for instance doubting your own ability? How do you overcome it?
Jen Stone: I don’t feel that being female makes me more prone to a lack of self-confidence than the men on my team.
I have found that Imposter Syndrome is common among QSAs, and with good reason. We’re expected to accurately judge the efficacy of security controls over a broad range of security domains, in environments unfamiliar to us, being enforced by tools we may never have used ourselves, in conversation with teams of people who might feel under attack because they’re being evaluated by someone from outside their organization. That can be intimidating for anyone.
On top of that, new vulnerabilities are being discovered at breakneck speed, and we have to understand threat modeling well enough to align risks with the PCI requirements intended to mitigate them.
I have felt self-doubt on occasion, but I don’t let myself entertain it. I believe the information I need to be successful is out there; it just takes time and commitment to learn new things.
Many women in the tech industry have felt their gender has affected the way that they are perceived or treated. Have you ever been in a situation like that? How did you handle it?
Jen Stone: When I was younger, I was often told by well-meaning people that gender was an issue in tech, and I needed to be on the lookout for it. The problem with this is that we see what we believe we will see. I saw it everywhere.
One day I read an awesome book, Man’s Search for Meaning by Viktor Frankl. It struck me that although I may have no control over what other people think and say and do, I have every control over how I respond. I started the practice of responding to every perceived gender-freighted challenge as if gender had no bearing on anyone’s words or actions.
Astoundingly, when I stopped believing my gender was a factor, it no longer was. I’m not saying that suddenly nobody I encountered in my career decided things based on gender, but the times it actually had any bearing on outcomes became vanishingly small.
Here’s the real brain twister on that – if my gender isn’t a factor and I’m still not succeeding, what is holding me back? Myself. And that’s a hard idea to take on board, because now I’m responsible for my career outcomes.
What do you see – or hope to see – as the future for women in technology roles/payments industry?
Jen Stone: Gender should have no bearing whatsoever on careers in the payments industry. I look forward to a future when asking the question seems absurd.
Were you given any advice during your career that has stuck with you? As a result, do you have a personal mantra or a famous quote that you live by?
Jen Stone: I’m drawn to the leadership practices of Jocko Willink:
“Getting better isn’t a hack or a trick or one change you need to make. Getting better is a campaign. It’s a campaign; daily, weekly. It’s an hourly fight. It’s an incessant fight that doesn’t stop. A fight against weakness, against temptation and against laziness. It’s a campaign of discipline. It’s a campaign of hard work and dedication. It’s waking up early and going to bed late and grinding out every second in between. Every. Single. Day.”
What advice would you impart to other women about how to succeed in the payment industry or in a technology-based field in general? Is there anything you wish you had known?
Jen Stone: Have clear goals and put meaningful work toward achieving them. When you fail, don’t seek to assign blame. If you ascribe career challenges to something you can’t change, like gender or height or age, then basically you’re saying the outcome is out of your hands. This robs you of the chance to make a change and move forward. Take ownership of your career.
