Women in Cyber: Equipping SMEs with the tools to defend themselves

By Sean Nolan

Cecily Rawlinson, Director at Western Australia AustCyber Innovation Hub, shares how local governments can help small businesses to develop cyber protections.

Give a man a fish, and he'll eat for a day. Teach a man to fish, and he'll eat for a lifetime. Governments can improve the cybersecurity of small and medium-sized enterprises (SMEs) by sharing their expertise and best practices. Although creating an effective cyber defence can be a challenging process, the alternative is being left exposed to hackers, who can disrupt a business' time, money and productivity.

Cecily Rawlinson, Director at Western Australia AustCyber Innovation Hub, shares how local governments can help SMEs to start their cybersecurity journey right. She also shares how the AustCyber network are encouraging more young people to join the cyber industry and how the sector needs more diversity.

Tell us more about your role. How do you protect the digital realm and improve citizens’ lives?

I am the Director of the Western Australian AustCyber Innovation Hub (WAACIH). WAACIH is part of the AustCyber National Network of Cyber Security Innovation nodes, a series of bilateral partnerships between AustCyber and Australia’s State and Territory governments, which fosters and accelerates cyber capability development, innovation, and commercialisation across Australia.

The WAACIH focuses principally on our state’s capability development and challenges; on creating jobs, with a commitment to national priorities as defined by AustCyber’s strategy. A strong component of the Hub’s objectives is to foster innovation through public and private collaboration. The Hub engages across multiple sectors in WA including mining, oil and gas, agriculture, freight and logistics, defence and technology transfer opportunities with digitally focused small and medium-sized enterprises. The three themes of the Hub are Critical Infrastructure, Cybercrime and Big Data.

We help protect the digital realm by providing support to small-medium enterprises who may not have the funds or the ability to address their cyber risks. We also engage with a lot of high school and university students to help inspire them to explore cyber roles, and to communicate for the breadth and diversity of roles in the cyber industry. By supporting cyber start-ups, human capital and partners that the WA cyber industry needs – we are building a cyber resilient future for our state and our citizens.

What sparked your interest in cybersecurity?

My interest in cybersecurity began when I was working for an international NGO in Johannesburg, South Africa – CIVICUS. CIVICUS is a global alliance of civil society organisations and activists dedicated to strengthening citizen action and civil society throughout the world. Through engaging with activities, non-profit actors and social entrepreneurs in different contexts, one of the most common needs we heard from our alliance was the need for training on digital security and cyber security.  This gap in cyber literacy really inspired me to think critically about how best to design awareness and education programs, and how cybersecurity is of crucial importance to all individuals – from active citizens to social entrepreneurs.

What has been the most impactful project of your career?

The most impactful project that I have been involved in previously was being a founding facilitator of the Innovation of Change network. We were able to take an idea and some funds from two donors and co-create 7 regional innovation hubs that support civil society and activists around the globe. This network has launched some amazing products and services co-designed with the communities that need them, and affirmed my belief and passion for Design Thinking as a methodology.

In my current role, the most impactful project that WAACIH runs at the moment is called CyberCheck.Me. CyberCheck.Me has been developed by the ECU Security Research Institute (ECUSRI) in partnership with WAACIH and local government entities to provide SME's and the community with the basic precautions they can take to protect themselves against the loss of time, money, private information and reputational damage as a result of cyber-attack. CyberCheck.Me is run in partnership with local government councils, and the human resources comes from tertiary cybersecurity students. This means cyber students gain real-world experience and upskill before entering the job market and are able to earn an income to support them during their studies. It also provides affordable cybersecurity advice for small business who may otherwise be unable to access or unaware of their cyber risks.

What challenges would you like to take on in the next year?

Cybersecurity and cybercrime are becoming increasingly more complex challenges globally. I would like to see WAACIH use a Design Thinking framework to see how best we can support the local ecosystem, and tailor our work to support our start-ups, students and small businesses. I would like to focus on Critical Infrastructure Supply Chains and on increasing WAACIH’s profile as a neutral, trusted thought leader in the cyber ecosystem in Perth and build relationships with new partners.

Who or what inspired you this year, and why?

My Industry Advisory Board Chair Pia Turcinov has inspired me this year. Since starting my new role in July 2021, Pia has been a strong support in helping me hit the ground running. Pia is an excellent advocate for women in STEM careers and was previous the Chair of the organisation Women In Technology in WA. With her purple hair, thoughtful insights and her amazing network – Pia inspires me daily.

What advice would you give to women looking to start a career in cybersecurity?

I would tell them not to be afraid of exploring and studying spaces that are currently male dominated. Joining local organisations and communities that support women in STEM and cyber are a great way to gain a sense of solidarity and to find other female mentors in the space. I truly believe that a good mentor is an incredible asset to any woman on their career journey. Be brave, contact people you admire on LinkedIn and invite them to connect with you. Be honest about why they inspire you and prepare interesting questions. Most people in the cybersecurity space are very open and generous with their time, but if you don’t ask – you’ll never know.

It is also important to recognise that the cybersecurity sector in Australia struggles with a lack of diversity, so better pathways into careers for women from different backgrounds need to be established. Cybersecurity has the capacity to be inclusive for people of color, those with disabilities or from marginalised backgrounds. We need to design and shape the industry as an inclusive space.

If you could sum up your life motto in one sentence, what would it be?

Be kind to yourself, be kind to others, and be brave.