Skip to Main Content Skip to Footer Content
Close Search

Women in Payments: Breaking into Payments and Cybersecurity

Breaking into Payments and Cybersecurity

On a virtual panel during the Women in Payments Symposium Canada, Donna Teevens, director of global information security, ACI Worldwide, joined a number of women from payments organizations including Interac, PayPal, RBC and Dentons to discuss, “The Key to Cybersecurity in a Crisis and Beyond.”

I took a moment to chat with Donna about the discussion and her thoughts on women in payments.

Nidhi Alberti: Cybersecurity during the pandemic is a hot topic right now. What were the key takeaways from the discussion?

Donna Teevens: It was certainly a lively discussion as the pandemic has given us all a real-world crisis to deal with. It has jolted us and reminded us that our disaster recovery, business continuity and cybersecurity incident response plans do not exist merely to check off a compliance box. Security-conscious companies will take the pandemic and ensure that proper investment and attention has been made to those programs.

Most companies have never tested the ability to transition an entire workforce to a work from home model. What I found interesting is that all the panelists indicated that each of their companies had an almost seamless transition to work from home. Once employees had securely established their connectivity from home and did not experience network bandwidth issues, the security risk was the employees themselves as they became more susceptible to COVID-19 phishing campaigns. 

One panelist shared how recent court rulings suggest that companies can and will be held liable for the acts of their employees, in some cases even when the employee is clearly rogue. Continued security awareness training is key to helping mitigate some of these risks. Being vigilant and creating an environment and culture where employees understand that continuing to practice good security hygiene, no matter where they physically work, is essential to keeping a business operational.

One of my favorite quotes during the height of quarantine was the following:

“Don’t you feel like Mother Nature has sent us all to our rooms to think about what we’ve done?”

When it comes to cybersecurity, I think that quote goes like this, “Don’t you feel like Mother Nature has sent us to our rooms to think about what we haven’t done to prepare for this?” This pandemic was a good warning for us.

NA: Where do you see cybersecurity in the payments industry going in the next five years?

DT: A mature security program can be a key differentiator for prospects, and for retaining existing customers, most of whom are becoming cybersecurity savvy.

In the next five years, there will be an increase in the security assurances expected from all businesses. A few areas that will change how we think about cybersecurity in the payments industry include the use of cloud computing and new regulations. The cloud has emerged as an essential tool to allow companies to remain agile and provide responsive products to customers, and this is very true for the payments industry. In addition, I think there will be a shift in payment organizations sharing more cyber threat intelligence. The war on cybercriminals will be more effective working together.

NA: What advice would you have for women looking to break into the payments or the cybersecurity industry?

DT: Women represent about 20-25 percent of the workforce in the cybersecurity field. There is an enormous shortage of people to fill roles in this profession, particularly women. My advice is this: Don’t’ wait too long to realize how capable you are. Engage in organizations where you can see successful women in this profession. The Women in Payments organization is one great example of this. Colleges and Universities are now beginning to offer degrees in this field and there are many certification programs available, both technical and managerial. It’s a great time to be a woman in cybersecurity. The doors are opening, and more women should be walking in.

NA: What has helped you get to where you are in the industry?

DT: To be honest, this was not a completely intentional career path for me. I was working primarily on a process reengineering initiative and was helping to oversee and track a few security functions. I eventually ended up as a full-time member of ACI’s Global Information Security team. It was what I would have called a lucky mistake until I attended the Woman in Payments conference where they held a session on imposter syndrome. Impostor syndrome is the idea that you’ve only succeeded due to luck, and not because of your talent or qualifications. This was first identified in 1978 by psychologists Pauline Rose Clance and Suzanne Imes. In their paper, they theorized that women were uniquely affected by impostor syndrome. Now I know I didn’t get lucky, I worked hard to grow and change with ACI’s needs. It is oddly hard for woman to take credit for their hard work. Women are typically natural sharers and group participants, socially conditioned to maintain the “we” over the “I” mentality, but there are ways women can take credit for their work without coming off like they’re boasting or calling attention to themselves. What I think helped me to succeed in this field was not the depth of technical expertise, but the execution of soft skills, communication, teamwork and problem solving that are so crucial for companies to embrace in any industry. Careers in cybersecurity can feel daunting. You have to embrace that technologies and methods being used by hackers constantly change.

NA: What resources would you recommend women take advantage of to get a leg up in the industry?

DT: The pandemic has created an opportunity for people to attend virtual conferences more easily, and many of the webinars offered by vendors and other groups are free. These help to provide an understanding of what is available for positions and what timely topics are being discussed in both the cybersecurity and payments fields. Once the world normalizes and people can begin to travel, I strongly encourage attending conferences and joining external industry organizations. There are many for both payments and cybersecurity. The networking that comes from participation is often more valuable than the content itself. Reach out to women you know in the field. Take advantage that many are happy to share their experiences, their career path, and the challenges they’ve had. We need to learn from one another. This helps to build confidence, and that I believe is a big key to success.