It will take a paradigm shift to defend our national security moving forward. Women and people of color should be at the forefront of this effort. Demystifying Cybersecurity, a #ShareTheMicInCyber and Ms. magazine monthly series, spotlights women from the #ShareTheMicInCyber movement—highlighting the experiences of Black practitioners, driving a critical conversation on race in the cybersecurity industry, and shining a light on Black experts in their fields.
Zinet Kemal, an immigrant from Ethiopia, is an award-winning cybersecurity professional, speaker and children’s book author. She currently resides in Minnesota, where she works for a Fortune 500 company as an associate cloud security engineer—in her own words, “I make sure the data that customers entrust with our business does not fall into the wrong hands.”
Kemal has been married for 13 years and is the mother of four children. They served as Kemal’s inspiration to start writing children’s books, after she saw a need to encourage young girls with hijabs to be proud of their culture, to embrace their identity, and to recognize their beauty and uniqueness. The result: Proud in Her Hijab, a best seller and winner of the 2021 Distinguished Authors Guild and 2022 Literary Titans book award.
Kemal’s kids also inspired her second book, Oh, No… Hacked Again! During the pandemic, Kemal’s children were spending more time online, either gaming or attending online school. Two of their gaming accounts were hacked on more than one occasion. The book teaches children about online safety: “It’s never too early to equip our children with the right security mindset early on,” she said.
Kemal made her way to cybersecurity after changing careers from from the legal field. She earned a bachelor’s of science degree in computer science and a bachelor of law, and is currently pursuing her master’s degree in cybersecurity from Georgia Tech University.
A Black immigrant woman who transitioned into cyber, Zinet is aware of the glaring lack of diversity within the cybersecurity industry—women make up just 24 percent of cybersecurity workers. Through her work, she hopes to spark interest in young readers, especially girls, to consider cybersecurity as an exciting and meaningful career option when they grow up.
In the conversation below, Kemal shares a glimpse into the life of a full-time mom and full-time cybersecurity professional, and how she manages to takes care of herself and others.
Lauren Zabierek and Camille Stewart: What do you do? What does a normal day look like for you?
Zinet Kemal: I am an associate cloud security engineer at Best Buy. A normal day for me involves advising the business what ‘secure’ looks like in the cloud or in the cloud migration journey. I am often recommending secure ways of utilizing cloud-native services or other solutions to enable the business to operate securely, while protecting the confidentiality, integrity and availability of customers’ data.
Zabierek and Stewart: We are blown away by everything you do for others—as a mom, a cybersecurity professional, a student and an author. How do you make it all work?
Kemal: Honestly, I try to spend my time intentionally and efficiently. I don’t like putting off work for tomorrow if I am able to do it today somehow. Sometimes that may cause burnout, but my rationale is that I am a mom of four young kids and things might get unpredictable anytime and quickly. I try to do what I can, while I can, instead of saying I will do it later.
I also came from a place where I have very limited opportunities, so I don’t take for granted anything that may be helpful to my growth professionally, academically or personally. But I always try to prioritize my kids and the needs of my family.
I also have a very supportive husband who believes in my potential. I always consult with him whenever I have those crazy ideas I want to venture on and he always says, “Why not? You know you can do it!” Having his support means so much and I also learned so much about sharing the parenting responsibilities. There were a lot of things I would assume as a mother, I should be the only one doing, or that I have to be everywhere where the kids go. I don’t do that to myself anymore! It is so important to have mutual understanding, a support system, and to support one another and each other’s dreams.
That, plus finding balance, consistency and perseverance, are the keys that help me maintain all the things I am doing. To some extent I try to multitask with some things, such as attending a lecture while braiding my girls hair or catching up on my favorite show while cooking, etc.
I also remain motivated thinking about why I am doing what I am doing, which is rebuilding a career for myself while caring for my family and inspiring others who might be on a similar journey as me—as an immigrant mother, and career changer, or a Black Muslim hijabi woman in cybersecurity. I want to become a role model for my kids, especially my girls. I want to show them that they can do anything or be what they aspire to be in life, if they choose to do so.
I am also learning how to tell myself it’s okay to not do anything, take a break well and take care of myself mentally and physically without feeling the mom guilt or self imposing so much that i have to achieve more.
I remain motivated thinking about why I am doing what I am doing, which is rebuilding a career for myself while caring for my family and inspiring others who might be on a similar journey as me—as an immigrant mother, and career changer, or a Black Muslim hijabi woman in cybersecurity.Zinet Kemal
Zabierek and Stewart: How does your work keep people safe?
Kemal: My work makes sure that the business’s customer data is protected by ensuring that exposure of sensitive data doesn’t happen or the risk of exposure is minimized as a result of misconfiguration of cloud services.
One way I do that is advising the cloud engineers on the most secure configuration of cloud services so that customer’s sensitive data such as credit cards, address etc aren’t exposed or don’t get stolen by cyber criminals.
Another way my work keeps people safe is ensuring that the business’s websites and systems remain functional and available for customers—this way, people know they can trust our websites and aren’t confused by criminals’ attempts to spoof them. In other words, I make sure that the data that customers entrust with our business does not fall into the wrong hands, while also protecting the reputation and credibility of the business from being tarnished as a result of a cyber attack or a data leak.
Zabierek and Stewart: How did you get into cybersecurity?
Kemal: While doing undergraduate study for a computer science degree program, I had the opportunity to participate in a Collegiate Cyber Defense Competition (CCDC), which initially sparked my interest in cybersecurity. The self-learning to prepare for the competition, the collaboration to defend the team’s network, communication and other essential skills needed all gave me a sneak peek at some aspects of the security world. From then on I continued my learning through certifications, academic studies and a series of real world experiences.
I moved to the United States nine years ago—which was a challenge in itself—but aside from that, the biggest challenge for me was starting from scratch in tech, after I switched from the legal field. I learned everything from zero without having the background needed. I had to face all the math classes I had previously avoided because I thought I was bad at math, and had to learn computer science and all the programming languages without any background in tech or computing. At the end of my undergrad program, I discovered cybersecurity; I realized I didn’t necessarily need to code, and may not even need a computer science degree for a cybersecurity career. But I have learned so much, and all of the paths I took have contributed positively to my learning, and have led me to where I am today in my career.
The other challenge for me was just being able to balance rebuilding my career in a new continent, learning a new field, breaking into a new industry while also raising my young children. I had my youngest three while going to school, navigating childcare struggles in a whole new system without enough support, and keeping up with part-time internships. It all took being consistent—but if I can do it, anyone can.
I want folks who are interested in entering the cybersecurity field to know that all are welcome and your perspectives are needed.Zinet Kemal
Zabierek and Stewart: You are an inspiration! What do you wish people knew about working in cybersecurity?
Kemal: That it is a broad industry with a lot of domains and opportunities—it isn’t always, and definitely not only, hacking and pen testing. It may not always be glamorous work all the time.
Without proper balance, it may cause burnout, as it can be demanding. One needs to keep up with the evolving nature of the field, where there is always some new technology or new security trend, as well as deal with being on standby to work after hours or on weekends depending on the role—like if you work in a security operations center.
I also really want people to know that you don’t necessarily have to be someone who knows how to code a computer program.
It’s also not too early to teach kids about being safe online at a young age. It’s never too early to equip our children with the right security mindset early on, as they are exposed to technology from a young age and are vulnerable to be targeted by online predators or by cyber criminals stealing and misusing their sensitive personal information. It’s vital that we have open communication with our kids or students about how to protect their passwords, not falling for phishing links, when to tell a trusted adult if they feel uncomfortable online, how to be kind to others online, or how the internet isn’t private. Whatever you put out there is there to stay forever, so kids should be mindful of what they post online. Those are also among the main lessons learned from the story in my second children’s book, ‘Oh, No …Hacked Again!’
I also want to emphasize that while this industry is not as diverse as it should be, I do want folks who are interested in entering the field to know that all are welcome and your perspectives are needed.
Zabierek and Stewart: Why is cybersecurity important for women?
Kemal: Women make up more than half of the population and the industry needs women’s expertise and their diverse perspectives to solve the many challenges we face, such as increasingly-sophisticated cyber attacks and breaches. Cybersecurity is so important, whether for individuals, small businesses, or even huge organizations as people are operating in digital spaces more than ever. We use the internet for banking, school, entertainment, and more, and we all play a part in keeping our sensitive data from falling into the wrong hands and being used for malicious purposes.
Zabierek and Stewart: What do you wish you knew when you were trying to get into cybersecurity?
Kemal: I just wish I knew about the field sooner. I didn’t know about it until late 2017, but once I became interested in the field, I didn’t waste any time making the most of everything and growing to get to where I am today and continue to do so.
Zabierek and Stewart: Self-care is so important in the security world–what do you do to unwind or relax?
Kemal: I transition to doing housework while watching some shows that I like, or caring for the kids, braiding my girls hair that keeps me away from the screen and thinking. But really stealing some time to sleep, or to be just alone and in quiet mode before bedtime or after kids go to school helps me to unwind. I advocate for getting enough sleep daily, but I just can’t say that I do that with four young kids myself! I am working on improving daily.
Zabierek and Stewart: What advice would you give a young person reading this with interest in the field? How can they break into it?
Kemal: If you have the passion and interest to be in this industry, you are never late and you do belong. You have to be willing to do the work, to be a continuous learner to stay current and keep up with the trends. The industry needs you, so research which area or domain of cybersecurity speaks to you the most and make the transition happen. You can carve out your path beginning today!
Get the percentage of women in cyber to at least 60 percent and make the industry more diverse, getting that number to at least 50 percent … Diversifying the industry brings different ways of thinking, skills and perspectives to the table.Zinet Kemal
Zabierek and Stewart: If you could wave a magic wand to change anything about the cybersecurity industry, the law, or technology ecosystem, what would you change and how would you do it?
Kemal: Get the percentage of women in cyber to at least 60 percent and make the industry more diverse, getting that number to at least 50 percent.
How do I do it? Wave a magic wand. Just kidding—make sure that leaders intentionally tap into talent from diverse populations and to also retain and grow the talents already in the industry by positioning them to grow within, compensating them well, encouraging employees to prioritize well-being through a healthy work life balance.
Diversifying the industry brings different ways of thinking, skills and perspectives to the table—hence helping the business as security’s main aim is enabling the business.