The IT Security Guru’s Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee’s answers are written in their own words with minor edits made by the editor for readability.

This year, the awards are sponsored by KPMG and Beazley.

Sema Yuce, Director at Truth ISC Technology and Security Consultancy LTD

What does your job role entail?

I am the founder and director of a boutique London-based information security governance, risk, and compliance (GRC) management consulting firm specialising in providing creative, cost-effective, independent management consultancy and security awareness solutions.

How did you get into the cybersecurity industry?

I started in the field of software development and project management. In 2007, I had the chance of a lifetime to lead the project of creating the electronic mobile signature solution including cyber security controls, HSMs, a data centre and a trust centre. During this project, I had to learn digital signatures, public key infrastructure, implement ISMS, get ISO27001 certified and create a secure & compliant turn-key solution. Once the project was successfully completed, there was no going back to software development, I had found my passion: cyber security!

What is one of the biggest challenges you have faced as a woman in the tech/cyber industry and how did you overcome it?

I was the only girl in my university degree programme and I graduated with the highest grade. I am so glad that I was prepared to be the only woman in the room as this was almost always the case at work. My biggest challenge was gaining the trust of technology teams when I was leading security and governance. At first, they didn’t show confidence (most probably because of my gender); however, I overcame this after having several deep conversations about the technologies they were using, their problems and how security could help them solve these and become an enabler.

What are your top three greatest accomplishments you have achieved during your career so far?

1. Management of an electronic/mobile signature project and leading the creation of its certificate authority infrastructure, data centre and trust centre with an amazing multi-company and multinational team.
2. Implementation of ISO27001 to 11 companies from diverse sectors with various scopes in different countries.
3. Establishment of my consultancy company after 19 years of corporate life (last position as a Senior VP and CISO), finding the courage to leave my comfort zone and moving to the UK without knowing where to start. Since then, I have worked with amazing clients and continually supported their information / cyber security programmes.

What are you doing to support other women, and/or to increase diversity, in the tech/cyber industry?

I am a volunteer at the SANS Institute and have translated their monthly security awareness letter for more than five years. I am also a Professional Member at the British Computer Society (BCS), Silver Member at ISACA London Chapter and an ambassador for SheLeadsTech. I am an instructor at Fintech Istanbul for the Cyber Security and Computer Ethics classes. I created the course outline and facilitate these courses.

I mentored 12 female professionals who decided to move their careers into cyber security during my career. I am also an active member and a mentor at Reed – Women in Technology Mentoring Scheme where I help women working in IT, Digital, Data and Transformation and support individual performance in their current role and the achievement of their career goals. I also contribute to industry publications as a voluntary reviewer at the BCS. In 2020, I had the honour of winning the TechWomen2020 Awards for my outstanding contribution to the women in the technology sector.

I try to use every opportunity to increase diversity in the tech/cyber industry and I believe we have a lot of work to do; however, diversity is only the start and we should also focus on inclusion as we need every voice to be heard if we want to make the world a better place. I love numbers and I am a believer in “you cannot improve it if you cannot measure it”. If I may, I kindly suggest that everyone read the “Decrypting Diversity 2020” which is a joint report between the National Cyber Security Centre (NCSC) and KPMG UK to get a clearer picture of the facts.

What is one piece of advice you would give to girls/women looking to enter the cybersecurity industry?

If men can do it, you can do it too. In fact, I think you can do it even better with all the soft skills you have, as the industry needs them desperately!