Faces of Security

Faces of Security: Noureen Njoroge from Nike

Noureen Njoroge, Director of Global Cyber Threat Intelligence at Nike, has dedicated her life to solving problems, leading teams, and mentoring others, especially women entering the cybersecurity field.

As a global keynote speaker and winner of several industry awards, Njoroge has vast knowledge of business management, threat mitigation, and data privacy. Before joining Nike, she worked at Cisco, Leidos, Bose, and Monster. Njoroge earned a bachelor’s degree in Information Technology from the University of Massachusetts and is a graduate of the Cybersecurity program at MIT.

Njoroge currently plays a major role in the Women in Cybersecurity (WiCyS) organization, serving as President and Co-Founder of its North Carolina affiliate and as a member of the national board of directors. So devoted to the cause is Njoroge that she’s even learned sign language to “help deaf girls who are very good at coding and passionate about cybersecurity despite their hearing impairment.”

To learn more about Njoroge, please check out her responses for Total Security Advisor’s latest “Faces of Security” profile below:

How did you get your start in the security field?

Curiosity led me to a cybersecurity career. I was that one student who always had questions to ask. Upon obtaining my bachelor’s degree in Information Technology, I landed a Systems Admin role. Those late-night shifts at the datacenter were the core foundation of my career, as I learned a lot. While at this role, I attended a lunch-and-learn session that was hosted by the Infosec team. They shared information on the latest malware trends, tactics, techniques, and procedures used by the threat actors. I was so fascinated by the knowledge shared, and I asked so many questions to the point where they offered me the opportunity to shadow the team to learn more. It was this opportunity that deepened my interest in security. Later, I was offered an opportunity to join the MIT Cybersecurity program. From the knowledge I had already attained, I knew that cybersecurity would be the future, and I wanted to be a part of it.

Who is/was your biggest influence in the industry?

I would like to quote Isaac Newton and say, “If I have seen further, it is by standing on the shoulders of Giants.” So many of my coaches and mentors have played a big role in influencing me in the industry.

What’s your favorite part about working in the industry?

It’s an ever-changing industry landscape, which keeps me motivated to keep on learning and sharing with others. In addition, I get to make many wonderful connections as I interact with my fellow peers in the industry.

What changes would you like to see?

As a mentor of many, I would like to see more people, especially those that have been in the industry for a while now, lend a hand to those trying to break into the cybersecurity industry. Just like MLK stated, “Life’s most persistent and urgent question is, ‘What are you doing for others?'”

As a leader in the WiCyS organization, do you think the cybersecurity industry has become more inclusive over the years?

Interesting question indeed. I would say we are making progress and hope to continue with that upward trend. Much can be said about what work can be done; however, I will list just a few actions here:

  • Keep advocating for others as they enter and grow in the cybersecurity industry.
  • Practice suitable hiring practices that attract the right candidates, and embrace the authenticity everyone brings to the table.
  • Hire and retain the ideal candidates, as people do not just want to belong; they want to contribute too.

How can company leaders make cybersecurity a value within their organization?

Three suggestions that come to mind are:

  • Incorporating cybersecurity best practices within their business strategies that focus on fostering a security culture mindset, reduce risks, and allow scalability and innovation, while enabling the business to deliver their outcomes securely.
  • Investing in their people as they are the greatest asset that add value to growth and profitability of the organization.
  • Future forecasting: Leaders can use cybersecurity data metrics and threat trends to advise the business on what areas of security the business needs to focus and invest in the future to steer away from being the victim of targeted attacks, which could lead to huge financial impacts.

Where do you see the cybersecurity industry heading in five years?

It’s all about digital transformation in various ways. I love this industry because it’s ever changing, and we ought to learn to adapt, with some notable trends such as:

  • Automation
  • Cloud migration
  • Zero trust
  • More focus on IoT as lots of interconnected devices continue to increase
  • Increase use of AI and ML while analyzing data
  • Metaverse and crypto

What are you most proud of?

I could write a book on this but will list my top 3:

  1. Board membership contributions: I serve on several corporate boards, and one that I am very proud of is the Women in Cybersecurity (WiCyS). It’s a global community of women, allies, and advocates. We are dedicated to bringing talented women together to celebrate and foster their passion and drive for cybersecurity. We unite local communities of aspiring and thriving women cybersecurity professionals across the world to collaborate, share their knowledge, network, and mentor. We create opportunities through professional development programs, conferences, career fairs, and more.
  2. My mentees: Walking the journey with them and seeing them thrive brings me great joy and makes me very proud.
  3. My achievements: It’s been an uphill journey, but the view from the top is superb.

Do you have any advice for people entering the cybersecurity profession?

  • Be patient with yourself, as it takes time to grasp the vast domains of cybersecurity.
  • Embrace change, as this industry is constantly evolving, and you have to constantly learn to adapt.
  • Get a mentor ASAP to help answer your discrete career questions and provide you with tailored career advice.
  • Do not rush into certifications, as they can be costly. Instead, gain some experience, and then consider which specific domain certificate you’d like to pursue, if necessary.
  • Network with others in the industry by attending local meetups, chapters, and social media platform group gatherings.
  • Lastly, don’t be too hard on yourself. Cybersecurity is indeed a journey, not a destination.

Anything else you’d like to add?

Yes, I believe we rise by lifting others, and my contribution to this statement is an ongoing effort of mentoring others in cybersecurity. I host a global mentoring session every third Saturday of the month, where mentees and mentors get to connect as we learn from each other about matters relating to cybersecurity. More information is available at cybersecmentorship.org.

Are you or a colleague interested in being profiled for the new “Faces of Security” series? Please contact Editor Joe Bebon at JBebon@BLR.com