Rebecca joined Secureworks, a Sophos Company, in 2014, where she developed an immediate passion for cybersecurity. Rebecca quickly expanded her cyber acumen, working across a variety of roles including Business Operations and Incident Command, finally moving into her Threat Intelligence Knowledge Manager role in 2022. Rebecca is focused on the implementation of knowledge management processes and procedures for the Counter Threat Unit, the ingestion and management of Secureworks Threat Intelligence knowledge, and its associated quality, storage and maintenance. She is also a Human Intelligence Researcher spending time on the darkweb and on underground forums, with a focus on data dumps, access brokerage and emerging threats. Rebecca has been acknowledged in industry for her contributions, most recently winning ‘Security Woman of the Year’ at the Computing’ Security Excellence Awards 2024.
Recently, in an exclusive interview with Digital First Magazine, Rebecca shared her professional journey, insights on the role of threat intelligence evolving in the next 5-10 years, personal hobbies and interests, her favorite quote, future plans, words of wisdom, and much more. The following excerpts are taken from the interview.
Hi Rebecca. What inspired you to pursue a career in threat intelligence and cybersecurity?
My journey into threat intelligence and cybersecurity was not via the usual technical or STEM career pathway- Some might argue it was by chance! When I finished at the University of Portsmouth back in 2012 with my English and Creative Writing degree, I wasn’t sure what to do next or where to turn. But the stars aligned, and I was headhunted for a Personal Assistant role at Secureworks – Little did I know the opportunity would entirely change my life.
On joining Secureworks, a Sophos Company, I instantly saw the depth and breadth of opportunity for me in cybersecurity. My initial role was focussed on supporting the EMEA Managing Director, helping him keep on top of his diary, organising travel and meeting rooms. But through this I was exposed to so many areas of the business, so many thought leaders and role varieties, but all held by people from different backgrounds with different skillsets. This inspired me and helped me see that I too could have a role in cybersecurity, but that had to be driven by me and my aspirations – I was my only limitation. So, I begun to study cyber topics that inspired me, explored what really made me tick from a cyber professional perspective, got myself a mentor and held on for the ride!
My career ever since has continued to flourish, consistently driven by an earnest urgency to learn and comprehend the real-world threats and risks we face on both an organisational and individual level. The need to understand cyber threats and become ‘cyber-proficient’ became not just a professional interest, but a personal mission. I wholeheartedly believe I am both accountable and responsible as a subject matter expert and a mother, to promote cyber awareness and education particularly in children and families. We must all be cyber conscious and do all we can to stay safe online. This is a mission I continue to work, and a passion I don’t foresee ever going away.
During my time in industry, I have held roles in Incident Response and coordination – Roles where I have been thrust into the frontlines of security crises. Each experience was a sobering reminder of what is truly at stake: the preservation of human life and of our communities. Whilst the cyber-attacks I saw were vast and varied, they had real world and real-life consequences. Real human impact. Which is where truthfully, I saw that the key to effective defence from cyber threats lay in threat intelligence—understanding not just the ‘what’ of threats, but delving deep into the ‘who’, ‘why’, and ‘how’. The relevance of context in these situations cannot be overstated. These realisations propelled me towards ensuring that critical knowledge is not only accessible but also functional, useful, and standardised for the teams, tools, and communities who need this intelligence and understanding. Which leads me to my main role today as a Threat Intelligence Knowledge Manager.
Now for those ‘eagle-eyed’ readers, you will notice my job title also includes the word Researcher. For just shy of a year now I have been working in Human Intelligence, exploring the darkweb and underground forums with a focus on access brokerage, data dumps and emerging threats. This has been a learning curve, but one that has brought me nothing but joy. My cybersecurity experience to date has focussed on the impact of cyber-attacks and the tactics, techniques and procedures used, but now I am able to understand more of the human behavioural and psychological side. Adding this skillset has allowed me to truly piece a full view of the threat together.
What do you love the most about your current role?
That’s a great question! What excites me most about my job is the profound sense of purpose and fulfilment I get from knowing that I’m making a tangible difference in protecting people from cyber threats. Cybersecurity is about protecting, detecting and responding to the threat, deterring and stopping cyberattacks and cybercrime which, when left can have the power to disrupt, damage or destroy businesses, communities and lives. Being part of that protective shield is immensely rewarding.
Moreover, I absolutely love the constant challenges my position brings. Whether it’s staying vigilant against evolving threats or designing effective strategies to counter them, each day is an opportunity to learn and grow. Crafting accessible content that demystifies complex cybersecurity concepts for a broader audience is both challenging and gratifying.
Additionally, getting into the nitty-gritty of knowledge management allows me to streamline the flow of information, ensuring that my team and I are always equipped to tackle new challenges with precision and confidence. The dynamic nature of my work keeps me engaged and continually pushes me to expand my skill set. Overall, it’s the perfect blend of making a difference and being intellectually stimulated every day
How do you see the role of threat intelligence evolving in the next 5-10 years, and what skills and qualities will be essential for success in this field?
I have quite a few predictions as I think in many ways, the power of threat intelligence is underestimated right now. So here goes for evolved roles of TI
I see the importance of tailoring threat intelligence to specific needs will grow exponentially. Cyber attackers are continually evolving, targeting specific industries, verticals, and victim types with ever-more sophisticated tactics. As a result, organizations will need to refine their threat intelligence strategies to protect their unique infrastructures more effectively, and threat intelligence will need to be built to do that. On the other side of the coin, industry and Government will need to home in on tailored threat intelligence for individuals and to aid the building of a truly cyber conscious and cyber safe society. This will include threat intelligence signposting, escalation pathways and alerting.
Currently underutilized by some organizations, I believe threat intelligence will become a normalized and accessible type of information and board room conversation! The importance of threat intelligence is bubbling at the C-Suite level, but as more organizations fall victim to cyber-attacks including ransomware, I believe executives will be more invested in the need for TI. This shift will prompt businesses to allocate more budget, time, and effort toward developing threat intelligence capabilities and fostering a deeper understanding of its importance and relevance to their organizational successes and protections.
As cyber threats become more complex and global, threat intelligence will continue to play a critical role in the takedown of cybercriminals, actor tracking, and enhanced surveillance. By leveraging threat intelligence on a global scale, organizations and governments will continue to work collaboratively to mitigate threats and make a significant impact on worldwide cybersecurity efforts. We have seen the sensational collaborations particularly across 2024, the LockBit takedown being a fantastic example – I 100% believe we will be seeing more of this!
If I consider threat intelligence as a technique and practice, there will of course be new threat actors, vectors, and capabilities. The integration of artificial intelligence (AI) in threat detection, protection, and response measures will become increasingly apparent. However, it is essential to recognize that cybercriminals will also utilize AI to enhance their malicious activities. This technological arms race will necessitate innovative approaches to threat intelligence.
Despite these advancements, the fundamental skills and qualities required for a role in threat intelligence will largely remain consistent. Professionals will need to articulate and communicate threats clearly, with storytelling and writing capabilities remaining vital in making threat data comprehensible and actionable. I have said it many times in my career, but thought leadership and diversity of thought will be critical in facing the threat head on, more so than technical qualifications or skillsets. Expertise in understanding the threat landscape, tactics, techniques, and procedures (TTPs), combined with an understanding of geopolitical dynamics, will remain invaluable. I do think there will be the need for specialisms in sourcing threat intelligence in relation to emerging or enhanced technologies like artificial intelligence or new IoT devices. These skills will ensure that threat intelligence is both accessible and impactful, equipping organizations with the full range of insights needed to remain cyber safe.
What are some common misconceptions or myths about cybersecurity and threat intelligence that you’d like to debunk?
There are many I could focus on here, but I am going to highlight these three–
Threat Intelligence is only for large corporations: A common misconception is that only large organizations with vast resources benefit from cyber and threat intelligence. In reality, businesses of all sizes can and should leverage threat intelligence. Threat intelligence can help businesses of any size and experience to understand potential threats, prioritize risks, and implement more effective security measures.
Cyber Threats Are Solely Technology Issues: There’s a tendency to view cyber threats as purely technical challenges, suggesting that they can be addressed by technology alone. This myth overlooks the human dimension of cybersecurity. Cyber threats often exploit human vulnerabilities, such as social engineering attacks, phishing, and poor security practices. Intelligence strategies must therefore include training employees, developing a culture of security awareness, and understanding the motivations and tactics of threat actors.
The darkweb isn’t always ‘dark’ – Now this one specifically relates to my role in Human Intelligence, and it was something I was misinformed on until much later in my career! While underground forums and dark web sites often evoke an image of shadowy dealings and malicious intent, it’s important to remember that they are frequented by individuals who, like anyone else, seek community and connection. Amid discussions of access brokerage, selling compromised data, and malware offerings, there exists a parallel narrative where participants talk about job hunting, mentorship, personal challenges, gaming, and a myriad of everyday topics. These spaces, though cloaked in anonymity, are not solely defined by their illicit activities.
Can you elaborate on your experience as a TEDx speaker and award-winning leader in cybersecurity, and how you use these platforms to advocate for diversity, equity, and inclusion in the industry?
Diversity, equity, and inclusion are more than just buzzwords; they are crucial parts of thriving organisational culture. Embracing diversity broadens the range of idea and thought leadership, which enhances problem-solving, innovation, and decision-making, while also fostering cultural understanding. It’s essential for all organisations to actively advocate for and build an inclusive environment welcoming to people from all walks of life. By understanding and embracing diversity, we can significantly enhance our capability to protect, detect and respond, ultimately benefiting our teams, communities, and nation. I am proud to be someone, along with many other influential individuals, who are screaming that message from the hilltops!
My recent TEDx talk, “Digital Shadows – The Perils of Imperfect Footprints in a Digital Age,” as well as the industry recognition I received in 2024, put me in a position of privilege and power – One which I use for good. It wasn’t that long ago, that I looked around the cyber industry and saw no one that looked or felt like me – I don’t want anyone to ever feel like that again, which is why DE&I matters. I am more inspired than ever before to bring more women and underrepresented groups into the cybersecurity field – It is a necessity.
I push for DE&I in a variety of ways, whether simply advocating on the topic, being a mentor or sponsor for members of underrepresented groups or promoting equity in the workplace. From a threat intelligence perspective, I build inclusive practices into the way I work and share intel – Whether that being making sure content is structured in differing formats to support different ways of learning, that I use accessible colours, or that I consistently ask about reasonable adjustments and accommodations to suit the diverse team and community I’m within. Something as simple as helping a fellow female with their resume, or to make a connection with someone in your network – Small acts go a long way when it comes to diversity, equity and inclusion, but it is something we should all be proactively doing.
Who has been a significant influence or mentor in your career, and how have they helped shape your professional journey?
There are so many people I could list here!
One of the biggest influences in my life has been my best friend and superwoman in cyber Emma Jones. Emma worked in Secureworks in Incident Response and was the first person to really make me feel brave enough to advocate for DE&I change. She would give anyone the time and space to talk, she challenged the status quo, she was a subject matter expert in Incident Response, she was making waves in industry to advocate for all underrepresented groups to have voices and platforms. She now works for CrowdStrike in their Cyber Incident Response and Readiness team and my goodness are they lucky! She is just fabulous in every possible way.
Another significantly influential figure has been the absolute superstar Amelia Hewitt. I met Amelia as part of a course called Empowering Women to Lead Cybersecurity, and she has entirely changed my life. She hears me, sees me, and appreciates me for exactly who I am. She makes me feel brave and like I can do anything I put my mind too. I absolutely love the bones of her.
It would be entirely wrong of me to write this piece if I didn’t call out Wendy Thomas. Wendy is a gamechanger and gives me hope. Wendy has worked incredibly hard to get to where she is, has had lots of experiences across the industry, and has done all this as a Mother and a Wife. She is also very normal (which might seem like an unusual thing to say), but she is always open to a catch up, cares about our families and has on several occasions advocated for me (which has also blown my mind!). I see myself in her, and I see that if I keep trying my best I can be a successful women in cyber too. The day she became Secureworks CEO I cried, because it meant change had happened and that she was not only a positive role model for me, but for women everywhere.
What are some of your passions outside of work? What do you like to do in your time off?
When I’m not working, my spare time is a delightful juggling act that sees me wearing various hats! I’m a proud Board Advisor for a fantastic not-for-profit called Cybaid, where we provide pro-bono cybersecurity services to small businesses and charities. Giving back with the skills I’ve acquired is the dream and something which brings me a lot of joy!
Of course, that’s only when I’m not busy being Mum! Motherhood is an all-consuming role that requires boundless energy, unending patience, and an impressive ability to name every Transformer and Sonic character, while knowing every word to the Wicked soundtrack. My children are my life and my absolute everything – I do everything I do, to give them the best lives and experiences possible.
On top of that, I’m also the Secretary for my children’s Parent-Teacher Association (PTA), where we arrange lots of social gatherings, fetes, parent-led events and the occasional meeting that involves more tea and biscuits than actual minutes. In just two years, our PTA has raised nearly £50,000 which we have used to redevelop the school playground and to build two libraries with added quiet spaces for children with additional needs. I am delighted to be able to support in this way, and directly improve the education and wellbeing of so many children.
What is your favorite quote?
‘The strongest actions for a woman is to love herself, be herself and shine amongst those who never believe she could’ – Unknown
What are your long-term career aspirations, and how do you see yourself evolving as a leader over the next five years?
In the long term, I am committed to enhancing my research skills and producing threat intelligence that is both useful and accessible. This journey involves becoming a stronger technical writer and delving deeper into specialisations such as dark web and underground forum presence and persona development, as well as harnessing my skills around data dumps, access brokerage, and emerging threats.
As I consider my path toward leadership, I find myself undecided about pursuing a traditional people management role. My concern lies in ensuring that I don’t let people down, as I truly care about the impact I have on others. However, the more I work in the field of threat intelligence and cybersecurity, the more I feel the desire to give back. By stepping into a managerial role, I see the potential to influence diversity, equity, and inclusion in hiring—an aspect of leadership that excites me. I am inspired by the idea of building a legacy of superstar cyber professionals who can contribute to the field in meaningful ways. Even if I choose not to become a Manager, I am determined to be a leader and an active participant in the ‘cyber conversation’. I believe that by continuing on my current path, I will keep growing from strength to strength.
From a long-term career perspective, one of my goals is to contribute more to societal well-being, particularly in helping families stay cyber safe. While I love supporting organisations, I believe there is so much more to be done to protect children and families online and to encourage cyber-conscious decisions. I would love to play an active role in making threat intelligence understandable, accessible and relatable to these critical demographics.
What advice would you give to individuals looking to break into the cybersecurity field?
Embarking on a career in cybersecurity is like navigating a vast landscape where paths can lead in numerous exciting directions. One essential piece of advice for anyone entering this field is that there’s no need to rush into identifying your ideal cyber niche or career path. Allow yourself the time and space to explore and find what truly resonates with you.
Start by seeking mentorship opportunities. Connecting with experienced professionals can provide invaluable insights into various cybersecurity roles and help you understand the intricacies of each specialty, from penetration testing and incident response to security architecture or governance. Mentors can guide you, share their journey, and help you see the possibilities that you might not have considered.
Additionally, embrace learning on the job. Cybersecurity is ever evolving, and so real-world experience is vital. Look for roles or internships where you can get hands-on experience and understand different aspects of the field. These experiences can significantly shape your understanding and highlight areas you might find particularly rewarding. Volunteering is another excellent way to gain exposure and build your skills. Many organisations are grateful for cybersecurity assistance and will offer you a chance to work on meaningful projects that can broaden your understanding while also benefiting a good cause.
Remember, the journey is as important as the destination. Your career in cybersecurity doesn’t need to be fully formed from day one. Focus on what makes you happy. Explore diverse opportunities, absorb knowledge, and let your interests guide you. Over time, you’ll carve out a pathway that not only suits your skills and aspirations but also fulfils you personally and professionally. Enjoy the process, and your passionate pursuit will naturally lead you to the right place.