Regine Bonneau – Founder and CEO of RB Advisory LLC
Regine Bonneau is a leading expert on cyber security, risk management, and compliance. Her career spans 20 years with a focus on technology and processes in the healthcare, financial, and energy sectors. Ms. Bonneau is the Founder and CEO of RB Advisory LLC, which provides cyber risk management, security assessments, compliance services, forensic audits, and privacy consultations for private sector and government clients. She is a sought-after speaker and holds leadership roles in several technology industry associations. Ms. Bonneau has been featured in the Orlando Sentinel, the Orlando Business Journal, and other prominent publications. She is a New America Cybersecurity Fellow, and a member of the International Consortium of Minority Cybersecurity Professionals (ICMCP).
Ms. Bonneau holds a Master’s in Business Administration and Finance from Keller Graduate School of Management, a JSM from Thomas Jefferson School of Law, and a Bachelor’s in Business Administration & Finance from Strayer University.
[OnlineEducation.com] You came out of school with a master’s in business administration and finance, and moved from there into cybersecurity. What was that process like?
[Ms. Bonneau] I was looking to transition into an industry to build a lasting career where I can be an instrumental part in igniting change and new ways of thinking, motivating young women and minorities, and creating a pathway that will eliminate any barriers of entry, and cybersecurity was my choice. I am always looking to be part of the solution. I spent a lot of time researching and reading about cybersecurity, and I started going to events that would educate me further, and help me incorporate my education, experience, and skills. At those events, I would ask the organizers questions, tell them about myself, and what I was looking to accomplish, and that would lead me to speak with someone else. I would go and introduce myself to that person and start the whole process again. If they could not help me, I would ask about someone in their network who could help and guide me. I joined ISSA and was invited to a chapter meeting in Tampa. This is where I found a mentor, and here I am. I was curious, passionate, determined and open to listening and being guided.
[OnlineEducation.com] When you began your career, was it your impression that cybersecurity was an unusual career choice for women? You’re involved with the International Consortium of Minority Cybersecurity Professionals, so I would also be curious to hear about your impressions of the overall attitudes and the culture you encountered in the cybersecurity community.
[Ms. Bonneau] When I started my career, it was very explicit that cybersecurity was an unusual career choice for women. Remember, those events I went to, not only could I count how many women were there, I could also count how many of these women looked like me: 0 to 1. At some events, I was the only woman there. One time, a gentleman thought that I was lost and tried his best to help me. Once he decided to accept the fact that I was registered for the correct workshop, I was allowed in. I was introduced to ICMCP, loved their vision and mission and I was eager to get involved.
A little history: when I graduated from high school, I went to a technical college to study electrical engineering. I was the fixer at home. I started the program with two other women and, by the third semester, I was the only one left. We were put through a lot by our male classmates. The other two women that left told me that they could not take the sly remarks and went into another field. I am from Haiti, with Caribbean mother and quitting is never in the vocabulary. I was determined to show them I could not be bullied. My professor enjoyed when people would pass by the class and see me. They would come back to make sure that they were seeing correct: I was the only woman in the class and I was sitting in the front row.
Fast forward to the cybersecurity field: I was familiar in being in an environment dominated by men. My attitude was and still is: “The worst you can do is say no, which is an opportunity for me to ask another question.” However, the sad part of my early entrance into cybersecurity is that I was welcomed by more men than women. I could not understand this because my thought was: we should come together and make an impact. This all changed when I attended an event organized by the ISSA Tampa Bay Chapter. I met my first mentor and other women who were actually eager to work with and guide me.
Next was my introduction to ICMCP. Finally, through ICMCP, I was able to submit my application for fellowship with New America. ICMCP started the conversation and a lot of things came about, especially when I started hearing about other women in cybersecurity, and seeing their diverse educational and professional backgrounds.
Women who are already in the field should be pioneers and provide a path for new women entering the field. Remember, there were pioneers before us that allowed us to be where we are today. We have more work to do, so let’s be part of the solution. We are stronger in numbers.
[OnlineEducation.com] My sense is that you do indeed feel there should be more women in cybersecurity professions? Do you think that there are particular barriers that have discouraged women from entering the field?
[Ms. Bonneau] From my perspective, women are underrepresented in the field of cybersecurity. I believe the barriers for entry for women are:
- Not being promoted to senior level positions
- Different forms of discrimination
- Family obligations
- Working hours
- Education and training
- Attracting young women at an early age
We are actually seeing a lot of new programs and initiatives aimed at attracting more women in the field. Yes, we are still at 11% in the actual workforce; however, I expect to see a change in the percentage in the next five years due to these programs actively promoting women figures in the industry, offering scholarships to women, and implementing training programs in collaboration with corporate partners and academic institutions. We also need more women helping other women. There needs to be a shift to women mentoring and sponsoring other women in preparation to take over as the next set of leaders.
[OnlineEducation.com] What advice would you give to young women considering career in cybersecurity, or to women who may be thinking about switching their career track to a particular area within cybersecurity?
[Ms. Bonneau] The advice that I would give someone who is considering or preparing for a career in cybersecurity is:
- This field is not about getting a paycheck, you have to love the idea of being part of the solution
- Be curious
- Have passion
- Be coachable
- Be genuine
- Have a thirst for learning
- Do a lot of research in each field
- Know which field complements your skills, education, and knowledge
- Know what you love to do and what will make you happy
- Be ready to ask for help
- Rejection is a part of life, take the good part and turn it positive
- People are more receptive when you already have a plan – it shows that you take initiative and all they need to do is help you modify and guide you in the right direction
[OnlineEducation.com] Are there areas or specializations within cybersecurity that appear to be more accommodating to women? Or, are there areas within the field in which women simply appear to be making greater headway?
[Ms. Bonneau] To answer both questions, I have found the following areas of specialization within cybersecurity to be accommodating to women, and these are areas where women can make great headway.
- Risk Management
These fields complement many women’s innate ability to multitask, to be open to suggestions, to be able to formulate different outcomes for the same issue, and to be adaptable.
[OnlineEducation.com] While it feels a little presumptuous to assume that so-called “work/life” or “work/family” balance is only a consideration for women in any field, it is a topic that does come up in relation to cybersecurity. What is your perspective on this issue?
[Ms. Bonneau] It is not presumptuous to assume the so-called “work/life” or “work/family” balance is only a consideration for women in any field. It is a hot topic that comes up in relation to cybersecurity. Cybersecurity requires a lot of reading, thinking, and traveling. It takes a lot of time away from family and friends. However, the reward is great.
I am the proud mom, best friend, of an intelligent and energetic 4 year-old boy. Need I say more. I place great value in work/life/family balance. Traveling is a must for me and I greatly appreciate Facetime. It makes it a little easier and I always have to plan my travel properly and have discussions with my son prior to leaving. When I return, I always make sure that I spend a day with him.
My perspective on this issue is that cybersecurity is just another industry. Your career goals determine which path you will take and the sacrifices necessary to achieve that goal. You need to have a supportive family, children, spouse, or significant other who understands and support your plan. Yes, cybersecurity can be harsh, especially if you are part of an incident response or disaster recovery team, where you can spend between 72 hours or more away from home.
[OnlineEducation.com] Is there anything else you’d like to add that you feel would be helpful to women who are considering a career in cybersecurity?
[Ms. Bonneau] In everything that you do in life, you must research and plan. You must know what you want. Be prepared when you are going somewhere, because it shows initiative and care. Invest in yourself. If you have to go back to school, get a certification, do an internship, start at the bottom, that’s okay. Keep your eyes on the prize. Cybersecurity is a great industry to be in because it is fairly new and your skills are needed no matter what you see in job descriptions. Don’t stop knocking on the doors and asking for help. The door will open. Make and keep connections. Be ready to give before you start receiving. Get involved in organizations like ICMCP, ISSA, ISACA, IAPP, ASIS, etc… ICMCP has been an instrumental part in the start and success of my career in cybersecurity.