Octavia Howell isn’t a fan of ‘impostor syndrome’ — a theory created by psychologists in 1978 to explain why some high-achieving women feel they don’t deserve their jobs.
“I think impostor syndrome is made up by stupid people who want to put other people down,” the CISO of Equifax Canada told the siberX Women in Cybersecurity conference in Richmond Hill, Ont. this week.
“Dumb people who are in power make things difficult for people who are smart so those smart people don’t take their jobs.”
This prompted a round of applause from the audience.
The topic was one of several raised in a panel on the evolving role of a CISO. On the panel were Howell; Maggie Calle, vice-president and CISO of Varicent, a Toronto-based sales performance management provider; and Rhonda Bunn, CISO of the province of Ontario.
The question of impostor syndrome was raised by moderator George Al-Koura, CISO of online dating site Ruby Life, who said some women, visible minorities, and immigrants feel uncomfortable with success.
It’s important to be yourself, Howell said, or, as she put it, “Own your stuff.”
“There are people better at some things than I am. Let them have that.”
“I was youngest corporate VP in my [former] company, about to turn 30,” she recalled. On the phone, no one knew how young she was. But when they met her, suddenly those people didn’t want to deal with her. “I realized you get the fully-grown authentic me,” she said. “And if I don’t like something, I’ll say it doesn’t make sense.”
It’s a full-time job to be yourself, said Bunn, and not be someone else. She recalled her first day as CIO of the city of Kitchener, Ont., when a senior person she respected advised on what she should say at her first staff meeting. She tried following his words — being someone else — but they didn’t feel authentic. “When everything goes awry, be yourself,” she said.
Being yourself, Bunn added, will help gain the trust of staff. No one can feel that, if they don’t act like a person they admire, they’re not good. “Everyone is different,” she said. “You have to find your niche.”
It’s not a good investment to be someone you’re not, added Calle. “It would be exhausting.”
Al-Koura asked panelists to talk about how they worked their way up to be a CISO. Bunn said “part of it was finding a champion who believed in me,” a person who “validated that I deserved a seat at the table.
“Part of the barrier was in my own head,” she admitted. “I was doubting myself.”
“And then it was taking risks, learning from failure, and learning from the roles you did not like.”
Calle recalled having to learn different lessons from working in IT for regulated companies in the banking and insurance sectors — which she said were more project-oriented — and now for an unregulated firm — which she said is more product-focused. “My job now relies on the fact that I have to be an enabler to the business,” which includes meeting with customers.
Howell called herself a “techie at heart” with a computer science degree. [And proud of it. “Those who aren’t nerds don’t earn six figures,” she told her son.]
The IT infrastructure at a firm she once worked for felt like it had to be held together “with tape and Elmer’s Glue,” she recalled. In contrast, at Equifax, security includes not only protecting the IT infrastructure, but also data.
Learning how to build relationships is vital for a CISO, she said, noting she has to deal with everyone from the sales team to product managers.
“Developers are my friends, they’re the best people,” she said at one point. When the moderator teased her, saying “You don’t beat them hard enough,” Howell replied, “You don’t build relationships by cracking down on them. You build relationships by helping them be better developers.”