Confidence Staveley: ‘To embrace cybersecurity opportunities, women need to be open-minded’

Confidence Staveley is a Cyber security professional, inclusion advocate and a cyber talent developer with over a decade experience in technology. She is the founder and Executive Director of CyberSafe Foundation, a leading non-Governmental organisation dedicated to improving inclusive and safe digital access in Africa. Through her foundation, Staveley is helping to protect the most vulnerable people and businesses in our communities. She graduated with a first class degree from the University of Middlesex where she studied IT and Business Information Systems, and also graduated with distinction from the University of Bradford where she studied IT Management. Among her numerous professional certifications and industry recognitions, Staveley was recently named a 2021 African Obama Leader and is an awardee of the U.S State Department’s International Visitors Leadership Programme (IVLP) Impact Awards.
In this interview with IJEOMA THOMAS-ODIA, Staveley, an avid global speaker who has spoken at countless global and continental cybersecurity events, including EC Council Masterclass Webinar Series, World CyberSecurity Summit and Africa Cyber Defense Forum, shares her experiences in the cybersecurity space, and her effort to encourage more girls to embrace the field.

Share with us your growing up experience and how it informed your passion for cybersecurity?
My father was a public servant and my mum a petty trader, so I usually describe my family as wealthy. I say wealthy, because my parents were not materially rich, educated or affluent, but they raised me in a home full of love and hope. Hope in this context wasn’t wishful thinking; it was recognition of my strong potential for exploits, an open mind to venturing into the unknown and willingness to sacrifice everything for me to access good education.

To be honest, I never set out initially be a cybersecurity professional; I started out buying into my parent’s dream of me becoming a medical doctor. So, when I sat for JAMB, I chose Medicine. As God would have it, while I waited for the admission to come from my preferred school, my parents sought to keep me busy and ensure I don’t get distracted like the other girls in my neighborhood who were getting pregnant as teenagers. I was enrolled into what we used to call Computer School. It was in that place I found that my real passion wasn’t medicine but it was in tech. In no time, I had learnt how to code in Jawa, C# and other programming languages.

Although I couldn’t afford a computer at that time, my eyes lit up every time I got the opportunity to code and build something with my computer. So, when my admission finally came, I knew I had to convince my parents to let me turn down my admission to study Medicine and pursue a career in Technology. So, I bought cardboards and made a presentation using what I had written on them, to pitch to my parents that a career in Technology was better for me.

My parents were brave enough to accept my proposition, because although they could not fully understand the path I chose, they could tell I was really passionate about it and will do well. My parents worked really hard and were able to see me through my time, studying software development. I completed that Diploma in software engineering and was blessed to get a scholarship from the Cross-River State government under the leadership of the then governor, Liyel Imoke. So, I studied IT and business information systems at the University of Middlesex and graduated with a first class.

I returned to Nigeria, applied for another scholarship to study IT Management from the University of Bradford. I got this scholarship yet again, went to England to study and graduated with a distinction. However, It was during my MSc study that my interest in cybersecurity was pique; starting off with an elective I chose, which was cryptography. With the guidance of my mentor, I was able to do a lot of self-learning and secure work within and outside Nigeria.

So, what informed your interest in Cryptography and heightened your interest in cybersecurity?
I ventured into cybersecurity during my Masters at University of Middlesex. I had gone in to study management at the University of Bradford and I was asked to pick electives and as I looked at the lectures, a lot of them were very familiar due to the fact that I had just finished it in BSc in ITM Business Information Systems. So, I didn’t want a repetition of the modules I had picked as electives in my undergraduate studies. I looked around for the most unfamiliar elective and just to ensure I am constantly challenging myself. So, I picked cryptography, because it offered me something new, even when I didn’t know it was a part of cybersecurity and it was going to be exciting.

I started attending the classes and picked more interest by self-studying. My lecturer also mentored me at the time; I also got some of my first opportunities as well from him and it’s just been a growth trajectory from there. That was how I got into cyber security by mistake or accidentally like I would call it and from then on, it’s been just growing and enjoying myself in the field, because cybersecurity is one field where you constantly have to continue learning and constantly having to build one skill set. That continuous learning is what I find most exciting, apart from the very vibrant community that cybersecurity has.

Cybersecurity is not a female dominated field and you have been helping women and girls start a career in the field, how are you achieving this?
Some surveys tell us that globally, women hold 20-25 per cent of the jobs in cybersecurity. This is by far an abysmal percentage for an industry that has millions of unfilled job positions that could be filled by women if we got more intentional about breaking down the multiple challenges women face with starting and keeping a career in tech (and specifically cyber security). While this is a global problem, I can assure you that the hurdles the average woman or girl in Africa crosses to be able to start a career in cybersecurity, is even more.

For this reason and more, we have created a programme called Cyber Girls, a one-year fellowship that equips girls with globally sought-after cyber security skills, helping them to seize work opportunities within Africa and across the world. This initiative contributes to achieving Sustainable Development Goals (SDGs) 1 – No Poverty, 4- Education, 10 – Reduced inequalities.

With Cyber Girls, what we have done is provided girls and women aged 18-28, living in underserved communities in Africa, with free cybersecurity training/mentorship and possible placement opportunities for the girls and women who come through this programme. We are currently running this programme in seven African countries of Nigeria, Ghana, Egypt, Rwanda, Zambia, South Africa and Kenya. It’s training 300 girls in our current cohorts in these seven countries and we’re providing them best in class cybersecurity training for free. This programme is important, because some of the issues with having abysmal female representation in the industry, have a lot to do with barriers such as ability to afford quality training, lack of access to computers, myths and stereotypes. So, what we have been able to do is work towards bridging these gaps and showing women that it’s possible for girls and women to also take up space and provide value in the cyber security space.

We started off this programme offering this free cybersecurity training across Nigeria, so in our first cohort, we trained 100+ girls in Kaduna, Ibadan, Adamawa, Kogi, Enugu and Cross River. Our alumni have gone on to secure entry level jobs and internships with leading cybersecurity consulting companies in Nigeria, within the African continent and beyond.

You are also passionate about protecting the most vulnerable and businesses in communities, tell us about some of your activities towards this cause?
I am particularly very passionate about vulnerable people and businesses in our communities and by vulnerable, I mean they are more likely to be victims of cyber crime than other demography’s or other categories or groups. So, one of those demographics or one of those groups that we call vulnerable children are increasingly having access to devices to learn to be entertained, but a lot of parents do not know how to keep their children safe online. So, we look at children also as a vulnerable demographic and we have a programme for them, we use storytelling to help them become informed and empowered as digital citizens to take the right decisions and protect themselves online.

I also recently became an awardee of the U.S State Department’s International Visitors Leadership Programme (IVLP) Impact Awards. The grant awarded will be used to create storified cybersecurity awareness videos tailor-made to help protect senior citizens in Nigeria, from becoming victims of cybercrime. I am looking forward to all the work that will go into producing this body of work and the reverberating impact it will have in our communities.

Another vulnerable group of people in Nigeria is young people. They’re not an obvious vulnerable group, but because of their number. The sheer size of the number of young people that we have lived in technology that may not necessarily also know how scammers can go about deceiving them to defraud them. We also have an initiative called NoGoFallMaga; we’re using entertainment to teach around cyber security awareness. During the COVID-19 pandemic, we were able to partner with the UK Government and they funded mass cybersecurity awareness campaign, which included launching a HipPop Afrobeat song that teaches cybersecurity hygiene; that song was played on radio on many media channels across Nigeria. This was able to reach 10 million people through that particular campaign that period.

Still on vulnerable groups, we also consider SMEs as a vulnerable group and for this reason; we worked again with the UK government during the heat of COVID-19 to train over 9000 employees or smaller medium scale enterprises in Nigeria. What we did with that was to train tech people using technical resources and we took the non-technical employees of these SMEs as well and obscured the terms to ensure they understand cybersecurity hygiene best practices.

We also launched a toolkit, which are bundled free and vetted cybersecurity tools to help bolster the cybercrime defences of SMEs in Nigeria. These free tools and resources will help SME’s improve their cyber security posture. We worked closely with stakeholders like the Office of the National Security Advisor, SMEDAN, NITDA and more, to ensure this toolkit was great for Nigeria.

You have worked and collaborated with international bodies, how would you say Nigeria is faring in cybersecurity?
I’ll say Nigeria is still a far cry from where we should be in terms of cybersecurity awareness. We desperately need a very strong and consistent multi stakeholder approach to solving cyber security issues within Nigeria. We have just short stints of interventions; we don’t have very strong communications around cyber issues. If we were to treat cyber security like we treated any of the pandemics or indicative pandemics, we would have been in a better place.

Let’s take for instance, our radical approach to Ebola, if we could take the same very coordinated multi sector approach to fighting cybercrime, I believe that we will be better of. So, this is something I’ve been advocating for, collaboration with international bodies within the private sector, civil society, public sector, including the media, as well come together and really help with fighting cybercrime.

What do you consider a major challenge in your drive to achieving cyber consciousness in our communities?
There are many myths and stereotypes that stands in the way of cybersecurity consciousness, because the average person would tell you, ‘who knows me now, how much do I even have that somebody is going to target me?’ But increasingly, we’re seeing that that’s not true, so people are generally in denial of cyber issues and we are approaching from the angle of ‘God forbid’ like something that’s going to happen to somebody else that not happen to them, or they’re not big enough or attractive enough to cyber criminals.

So, all of these myths, even around the costs of implementing cybersecurity controls and cybersecurity best practices, is also standing in the way of cyber consciousness. People would tell you, ‘I never see food chop, why would I be bothered about cyber security?’ It’s one of those problems that we don’t prioritise as a problem until it eats us so hard; then we begin to see that we have many problems. But this is top on the list of problems that people only get to acknowledge as a problem after they’ve been hit by cyber attack or someone in their scope influence are hit. So, people generally do not have a proactive mindset or preventive measures to cybersecurity and they just get to react to the issues when they’ve already been hit.

How can more women embrace opportunities in cyber security?
I would say there’s been no better time to be a woman and interested in tech than now. There are so many opportunities and there are so many programmes focused on gender and considering costs, both for within and outside Nigeria. So, what I would say for any woman looking to embrace cyber security or the opportunities therein is that you should open up your mind first and foremost. Acknowledge the fact that your gender can never be in the way of anything you want to achieve and you can achieve whatever you want to achieve, as long as you put your mind in, because the same mind a man has is the same mind you have. I dare say to a large extent, even better, because certain capabilities come to women naturally; like your instincts, your ability to multitask is desperately needed in cybersecurity. You know your attention to detailed list of things that come to you naturally as a woman that may not necessarily go to a man, so these things are required to excel in this domain.

What advice do you have for women and girls on being their best and living their dreams?
Don’t be afraid to go after your dreams. Sometimes, it may require courage to pursue what you want, but the minute you determine in your heart that you want something and you put in the work, you will achieve it. You have all it takes to live your best life, whatever ‘living your dreams’ means to you.

Among your many caps, you are also an avid speaker, wife and mum. How are you able to juggle between roles and be at your best?
This is quite an interesting question and I’m not someone who’s trying to be a superwoman or trying to be everything to everyone at the same time. I strongly believe that the life of a woman is in seasons and these different seasons will have different demands and the intensity of these demands will vary across facets of your life.

Sometimes, your work life may demand more in a season and in the next, your family facet makes more demands on your time. I personally always stay conscious of what season I am in and prioritise accordingly. I also create structure around how I manage my time and my calendar helps me stay organised. I schedule as little as picking up my son from school, even though that happens once a week. I delegate everywhere possible and I rely on the structures I have built.

I’ve also surrounded myself with a community of people at work and home that I trust and who love me. My family is incredibly supportive (nuclear and extended family), I’m also married to the most supportive man in the world. So, I believe that community and that help around me has been very essential to my growth.

How do you get inspiration and stay motivated?
I’m quite a big picture thinker and I stay motivated by constantly reminding myself of what this is all about; why did I start this, where am I looking to head to at the end of the day. To be very honest, I get those little pumps of energy that comes from success. I mean, when I see a girl with trade for example going to get a job and goes from earnings say $20 a month to earning $800 a month, it changes everything and gives me fresh energy as well to keep pursuing my goals around getting more women into cyber security. So, those little pumps also help me along the way, but generally speaking, that big picture of seeing me wanting to see that when I walk into any establishment it be increasingly harder not to find a woman qualified enough to take a cybersecurity role than we currently have. That big picture is there, constantly reminding me that I keep pushing on. I have to keep driving the ecosystem and driving partnerships across board locally and internationally to ensure that goal is achieved.

I am also frequently inspired by the problems in my community. I look at these problems and they provoke me to think about solutions for them. For example, there is currently a skills shortage problem in the tech industry, yet in one of the world’s most populous country, there is a surging unemployment and underemployment rate (with women being the most disadvantaged), and a huge youth population seeking employment.

I am also inspired by the growth and progress of the people who come through our doors as beneficiaries of our human capacity development programmes. For example, while we were having this interview, I saw a tweet of a CyberGirl, which read, “Thanks to Cybersafe Foundation, I can perform memory forensic analysis with volatility. Working on my pace and skills but at least I am getting more knowledge day by day #cybersecurity can’t wait to be refined cybersecurity expert. The dream is aligning.” Reading these types of feedbacks, really inspires and motivates me.

What is your life’s mantra?
Good, better, best. I will never rest until my good is better and my better best!