Sophia McCall is a rising force in cybersecurity and a leading cyber security speaker. She is a cyber security professional who co-founded Security Queens, a platform created to break down barriers in a sector that has struggled with representation. Her work focuses on improving capability, access and visibility for underrepresented groups while helping organisations strengthen their approach to security.
Sophia has built a reputation for combining technical skill with a commitment to inclusion. She challenges outdated perceptions of the industry and shows companies how diverse teams contribute to better decision making and stronger defences. Her advocacy for mentorship has also helped many new entrants navigate a field that can often feel inaccessible. In this exclusive interview with the Cyber Security Speakers Agency, Sophia McCall discusses diversity, mentorship, hidden cyber threats and the cultural changes businesses need to make security truly effective.
Q: In practical terms, how does diversity strengthen a company’s security posture?
Sophia McCall: “So I think diversity brings a perspective of thought to your security teams. I think the more varied thought that you have within your defence teams, you’re less likely to fall into something like group think.
“And the more backgrounds you can bring in, the more different angles and perspectives you can bring in from different people, the better you’re able to kind of try to solve that problem.”
Q: What do you see as the main reasons the cyber security sector still struggles with diversity?
Sophia McCall: “So I think we have quite a big stereotype problem in cyber security, particularly with the news media portraying a hacker as a sweaty teenage boy hiding in a basement in a hoodie.
“We still have this image issue that persists within the industry. I’ve had to previously tell people that I’m not the diversity pick. You know, I’m here because I know what I’m doing. I’m very skilled at what I’m doing.
“But that kind of gatekeeping is quite exhausting, and even though we’re a little bit better, we still have a little bit further to go.
“So that’s why I co-founded Security Queens, a platform where we can welcome diversity and anyone can have that content to be accessible as much as they can.
“And it’s not just about that, but it’s about improving capability, access, and representation within the industry and trying to break down those barriers and toxic norms.”
Q: You speak often about mentorship. Why is it such a crucial part of building a stronger cyber workforce?
Sophia McCall: “So I’m a really big believer in mentorship. I really think it bridges the gap between potential and opportunity. Growing up, it was really nice to have female role models in the cyber security industry.
“Just seeing someone succeed and do well. I think having that form of mentorship is really good for someone that perhaps is a bit nervous or has quite a lot of self-doubt.
“Especially for something like cyber, which everyone thinks, “Oh, it’s really technical, it’s not for me.” There are loads of different career routes that you can go down that don’t mean you have to be a techie as such. And it’s all about passing that knowledge and actually building a community in cyber as well.”
Q: What cyber threats are business owners facing today that often go completely unnoticed?
Sophia McCall: “So I think one of the biggest risks that a lot of companies face is third-party risk. You can make your internal systems as secure as possible, but unfortunately if your suppliers or your supply chain is exposed, that’s definitely a way in for adversaries.
“Another thing that we’ve seen rise in recent years, especially with hybrid working, is things like bring-your-own-device or people working from home. So again, that adds another layer of exposure for companies.
“But also, something that’s particularly forgotten sometimes is insider risk as well. Not necessarily a malicious insider, but perhaps people that are less informed with security practice and clicking on phishing links, falling for scams, that kind of thing, which again leaves organisations exposed.”
Q: From your perspective, what remains the single biggest vulnerability inside most businesses?
Sophia McCall: “So there’s a saying that goes humans are the weakest link, and unfortunately, I think I am a little bit inclined to believe in that. You can invest millions in your firewalls and your defence technologies, but if you do not train your employees and your staff to spot a phishing email or how to spot a scam or a bit of fraud, it’s unfortunately all for nothing.
“So human error is still quite a big cause of major breaches and I’m always a big believer that security training is more of a culture that needs to be embedded in an organisation rather than a chore. So that’s something we can definitely work on, and particularly larger businesses that have those kinds of threats.”
Q: What common employee mistakes continue to put organisations at risk?
Sophia McCall: “So a lot of people think, “Oh, security is not my problem, that’s the IT department or the security team.” And I think one of the biggest things we need to make sure people know is that security is everyone’s responsibility.
“As I previously mentioned, phishing is a really big cause of breaches in many organisations and that’s something that we definitely need to address, but it’s all about empowering your employees with the right knowledge and making sure they are trained and have that awareness.
“And so, things like simulated phishing campaigns, things like that, help bring up that security barrier for them.”
Q: When you speak publicly, what do you most hope audiences carry forward?
Sophia McCall: “So I’m a really big believer in learning and not gatekeeping knowledge. Whenever I deliver a talk, I really want people to feel empowered and curious and wanting to learn more in a way.
“So cyber security isn’t just for the elite technical folks in the room. It is for everyone. Whether I’m speaking at a bank or a school, my goal is to demystify the subject so it can be accessible for everyone, quite exciting almost and actually quite impactful.
“I hope people don’t see diversity as a buzzword but actually as a strength to their team, and that mentorship and inclusion can help that journey and process as well.”
In 2025, Sophia McCall was named amongst the Top 20 Most Inspiring Women in Cyber.
