Head of Consulting Australia, BAE Systems Digital Intelligence
5 Apr 2022
How did someone who hated computers and knew nothing about cyber security when she left school end up as a senior leader at BAE Systems Digital Intelligence? Annette Costello explains…
Right, first up, let’s get one thing straight. Cyber security is so much more than hacking and breaking stuff! It’s actually about analysing information and engaging stakeholders, asking questions and managing risks – and much else besides.
At no point did I ever decide I wanted to work in cyber security. Other than a little bit of dabbling – I have never really ‘cut code’. I still don’t know how to ‘hack’, and, my education – while relevant to the industry I work in – never prepared me for cyber security per se.
But where I started from and where I am now are worlds apart. Back then, I was a junior civil servant, writing the business case for Australia’s then largest data warehouse. Today, I head up consulting in Australia for the international government business of BAE Systems Digital Intelligence.
In between there have been a variety of roles largely shaped by governance, risk and compliance and a number of lessons learned along the way. Here are just a few of them.
One – you will make mistakes.
Philosophical people will tell you this is how we learn. I’ll share some advice I was once given: Making mistakes is par for the course, but it’s what you do next that counts. By this I mean – admit you were wrong; ask others for help; don’t every try and sweep things under the carpet. Trust me, I have made, and still make, plenty of mistakes. However, I always own up to them and I try hard never to make the same mistake twice
Two – be curious.
When you’re young, those around you expect it – and if you aren’t – the people you work with will not only be frustrated working with you but they will also be worried you’re not learning. When you’re older, be curious – ask questions. Those around you will see you as interested in them and interested in continuing to learn, and they’ll appreciate your curiosity.
Curiosity can also be about learning, studying and learning some more. This doesn’t have to be formal education – and more frequently than not, it isn’t. Don’t wait for someone to pay for you to do a course – you have the ability to learn at your fingertips. It can be micro credentials, YouTube videos, or a book that has been recommended to you. Be hungry for information – information is what will help you gain confidence and propel your career.
Three – be brave and say yes to opportunities.
Sometimes it will feel weird, and sometimes you will feel completely unprepared and under-equipped to do the job. Sometimes you’ll feel out of your depth. But, what’s the worst that can happen? You might make a mistake but you’ll gain some experience, most likely work with some incredible people, and you’ll learn something. You just might set your career on an unexpected journey.
Four – confront imposter syndrome.
Throughout my career I’ve been consumed by ‘imposter syndrome’. If I’m honest, sometimes I still am. It’s a conversation I had with my own mentor only a couple of weeks ago – and you know what? She could relate. My mentor, this amazing woman who is the CISO for a global company, this hugely qualified woman who, like magic, seems to have it all figured out, admits that sometimes she also feels like an imposter.
Five – get a mentor.
This is something I only recently did in a formal capacity, and I truly wish I had done so much earlier. I would have saved myself some internal torture from the imposter monster, I would have been exposed to different ways of thinking, and I would have been more connected and visible.
My mentor has encouraged me to connect with diverse professionals from all over the world via the likes of LinkedIn and conferences, as well as networking events and industry bodies. I have discovered many security professionals have come from non-technical backgrounds – they too are proof you can have a successful career in cyber security without having a tech speciality.
Believe in yourself
I really believe you are the only one who will place limits on yourself. Most skills are actually transferable – or useable – in cyber security. You may need to take on an entry level role if your skills are a little out of date, or you are still relatively new to the workforce. From where I sit, often the hardest part is finding people with the right attitude – a willingness to give things a go. We can teach you how to do the job.
So start building a foundational knowledge by reading, watching videos or studying and then reach out to the cyber community that is full of fascinating people who are willing to help share their knowledge to help you find your way.
I look forward to working with you.
This year’s WeAreTechWomen One Tech World Conference was an opportunity to spotlight the disruptions and innovations impacting the tech industry
Take a read of the perspectives from BAE Systems Digital Intelligence speakers at the event
From Boot Camp to BAE Systems. Jen Openshaw is not your average software engineer. She tells Victoria Knight about switching careers, the benefits of a coding boot camp and leading the charge for more women in the tech sector
Nick James, Day in the Life. In the first of a new series, Nick James, Executive Engineer, Space, tells us about his typical day at work
A Day in the Life of Isabel van Dooren. Continuing our series spotlighting the roles and lives of our employees, Isabel van Dooren, a development manager for our NetReveal® Platform, tells us about her working day and explains why she is so passionate about scaling solutions
Delivering diversity in tech. Theresa Palmer is on a mission to help more women into the tech industry. She explains what we need to do to create a gender balanced workforce