With over two decades of experience in the industry, Jane Frankland is a cybersecurity guru. She has advised organizations the United Nations, and governments seek her out when they want to formulate a robust strategy.
We discuss the current landscape of cyber threats, the significant challenges they present—particularly for small businesses—and how you can mitigate your risks and establish strong defenses.
You will learn some of the best practices to keep your business protected, the type of attacks to watch out for and the importance of how everyone in your supply chain needs to be cybersecurity conscious.
As if that wasn’t enough, Jane will also share her journey on how she built Corsaire into a 7-figure global cybersecurity company by the age of 29—all whilst juggling the demands of being a single mother.
From putting in place effective cyber strategies to driving fast revenue growth, this episode has everything you need to scale your business safely and sustainably.
Here is her unfiltered advice below:
- Why would a cyber criminal target a small business?
- Which cyber threats are growing?
- Trust no one—verify every single document and notification
- Basic best practices to keep your business safe from cyber threats
- Cybersecurity isn’t contained to just your organization
- How art and design led to a career in cybersecurity
- Stay on top of cyber threats by building a diverse team
- What happened when the .com boom bubble burst?
- Exiting a business can be very difficult—don’t be scared to ask for help if you need it
- Making women feel seen and heard in the world of business and cyber
- How can we improve gender diversity barriers?
- Pick up on patterns that others might be missing
Why would a cyber criminal target a small business?
Bex Burn-Callander:
I think this topic is going to be super relevant for our listeners because the number of attacks, the diversity of attacks, it just seems to be getting more and more intense and stressful every year for businesses.
Do you want to just tell me a bit about the threat to small businesses? Because a lot of people who are are listening might be thinking, “I’m tiny, why would anyone bother with me?”
Jane Frankland:
We’re becoming more digitalized, so our threat landscape is huge now. We are so interconnected and really the threat is massive.
There’s something that we say in cyber now and it’s not a case of if or when you are attacked, it’s when you discover you’re attacked.
So it’s really important that no matter your size, whether or not you’re a micro business or whether or not you’re a great big multinational, that you really take this seriously and you know what to do.
So right now we know that in the second quarter of this year, cyber-attacks are up 30% year-on-year. And when it comes to cybercrime, which isn’t our only threat actor, it’s actually going to cost the world $23 trillion [CA$31.8 trillion] by 2027.
And that has gone up from $8.4 trillion [CA$11.6 trillion] in 2022. So it’s growing, it’s massive.
The more that we become digitalized, the more that we use technology, but we are being forced to use technology. So it’s a really interesting dynamic and it’s evolving at absolute speed.
And certainly, when it comes to things like AI and Gen AI, it is quite terrifying actually. And I don’t want to frighten anyone, but it is just evolving so quickly and that’s why we’ve got to look at it really seriously and be prepared.
Which cyber threats are growing?
Bex Burn-Callander:
I mean, those numbers are frankly terrifying. But as an average small business, what kind of attacks are most prevalent?
Are we talking about email attacks, trying to get in as a real invoice when you’re a fake invoice? What should business owners know in terms of the likely approaches that could affect their business?
Jane Frankland:
Yeah, well, I mean it is, we’re seeing more threat actors actually logging in to valid accounts rather than actually hacking into accounts.
So we are still seeing things like credential theft as being really a hot vector, a really hot way to get into companies. Things like phishing attacks.
So basically posing as someone else, getting someone to trust you and extracting information or money is another big threat for many businesses.
So it’s being aware, it’s really not trusting anyone rather. So being aware of the situation, what could happen.
If a link is coming through, is it expected? Is it from someone that you trust? Does it look genuine?
And I know it’s really, really hard to actually ascertain what is true and what isn’t because the technology has evolved so quickly since Gen AI. The language is better. We’ve got things like deep fakes.
The actual cost to do cybercrime has come down tremendously.
So it’s cheap for cyber criminals to actually come and attackers to gain access to our systems, to spy on us, and so on.
So things like ransomware, ransomware has grown tremendously. I think I was reading a stat the other day which said that 59% of organizations have actually experienced a ransomware attack this year.
So the threat is growing and it’s really, really difficult for companies of all sizes.
Bex Burn-Callander:
And just for any listeners who don’t know what ransomware is, that’s where a threat actor gets access to your systems and holds them hostage unless you pay them a sum of money.
And we don’t even really know, I think that’s true Jane, how often this happens. Because people often just pay up and they don’t even report it. So this is a massive, massive issue.
Jane Frankland:
And also, what we’re seeing with ransomware is some of the criminals are asking for the ransomware to be paid and because the cost to do this has come down so much, we’re seeing more frequency of this.
And also we’re seeing bigger asks when it comes to some of the larger organizations. So there are, I think, what was it, something like $1 billion [CA$1.3 billion]? I think it’s actually costing companies, they paid $1 billion [CA$1.3 billion] in ransoms.
I don’t know if that’s in the last year or all together, but we’re just seeing so much, so much more. It’s increasing significantly.
And the attackers can be asking for the ransom. They can be threatening to exfiltrate sensitive information. They can be threatening to release it unless it’s paid.
And also they can be threatening to inform the regulator as well. So they’re modifying how they are coming at us, which is really interesting to see.
Trust no one—verify every single document and notification
Bex Burn-Callander:
I think you made a really good point about the sophistication as well. Because I’ve been covering cyber security in the small business space for about two decades and in the early days it was almost laughable.
The English was so bad, you were still seeing those emails saying, “I’m a Nigerian prince and I’m trying to get hold of my rightful inheritance.” A lot of it was really easy to spot.
Whereas now, you’re going to get an email from an accredited supplier saying, “I’ve changed my bank details.” And it seems so innocent.
Jane Frankland:
Absolutely, and I think it’s also worth mentioning that we need to have this attitude of trust no one. Verify every single time.
And I was thinking about how everyone can get caught out, but I was thinking about a notification I got the other day from HMRC.
And it was a letter that came through, but even though it was a letter with a link to go and pay, I still check with my accountants. I needed to verify, is that genuine?
Am I being issued a penalty notice for paying my tax late, which actually I haven’t done. So all is good, but it’s just being aware of every single medium that you’re contacted by, whether it is digitally, whether it’s on a text, or in an email, or even if it’s printed.
So it’s coming through as a letter still with a URL attached to it. Just don’t trust. Verify all of the time.
Bex Burn-Callander:
So trust no one. That’s a great catch-all.
Basic best practices to keep your business safe from cyber threats
Bex Burn-Callander:
But in terms of other best practice, what do small business owners need to be doing? Do they all need password bolts? Do they all need to make sure that they’re on the most recent browser with their antivirus? Is that even a thing now? What can they do in terms of best practice?
Jane Frankland:
I mean all of those things. Certainly, the governments offer some really good advice, depending on where you’re located. But I would say definitely start there. I would also recommend working with a competent practitioner.
So that could be a cybersecurity expert and that could be someone that we would call a virtual chief information security officer, a VEC. So that’s a really good start.
And you can hire practitioners like that actually for a reasonable amount of money. They can come and work for you as a fractional worker, per hour or per day. Or they can do other set amounts of time and work with you in that way.
But I would always start there. I would work with someone from the industry of cybersecurity to help you understand your cyber risk.
And also looking at your technical risk and also your human risk, simply because all of that is really important for what we do. And I would really get them to devise a strategy for you.
And then I would advise outsourcing as much as you can, for example, to a managed security service provider. Because that way, what’s going to happen is you’re going to gain access to advanced security technologies and expertise that may be out of your reach for in-house teams.
So it’s going to lower your costs and it’s going to help you to become better protected.
As with anything, it’s always a case of doing the basics really well. So that’s things like, and you mentioned some of these, that’s things like using strong passwords, multi-factor authentication, and ensuring you are patching your software when you’ve got an update when you need to.
Because all of these things provide essential layers of protection.
And then like I said a few minutes ago, remember about the human factor. And this is why you really need to invest in cybersecurity training for your employees because that way what you are doing is you’re not treating your employees as a threat, as a weakness.
You’re actually using them as ambassadors and as a shield so that you can become better protected. By educating your staff, they’re going to be able to spot things.
So all you’re doing is just actually bolstering your defense.
So those things can help, and the last thing that I want to mention is always, always, always ensure that you have an incident response plan in place.
Because when you’re prepared for the inevitable for something to happen, then it’s just going to minimize your risk. It’s going to minimize the expense. And you’re going to feel more confident when something like this happens.
So having an incident response plan, knowing exactly what to do, and making sure that people are trained in that. It’s not just a case of, “Here’s a document.” And we’ve got our paperwork in place. It’s actually practicing that, doing those role plays, and making sure that that training is in place so that people know what to do.
Cybersecurity isn’t contained to just your organization
Bex Burn-Callander:
It’s so hard, isn’t it, because you are only as strong as your weakest link. And anyone in your organization can give away the keys to the castle.
But if you are a small company with a handful of staff, it can feel like you’re not there yet and it’s a massive distraction from building, and running the business, to think about this stuff.
But I guess you just have to think about the consequences, and they can be, I mean, it could be the end of the business, right?
Jane Frankland:
Yeah, it absolutely could be the end completely. It’s certainly going to hurt you financially. So that’s why for me, obviously I’m in the industry so I’m aware of it, but it just makes sense knowing what to do if that happens so that you don’t get caught out.
I mean it is resilience. That’s what we call it now, cyber resilience. And it’s about ensuring that your business can continue. So it is just massively important.
And not treating it as being just something that is contained to your organization. It’s actually making sure that your suppliers are practicing good cyber resilience as well, so that it is not transferred to you.
Because when it comes to our threat actors, they’re using every single way possible in order to steal or to cause damage, or to do whatever they want, to lie in wait even, as cheaply and as effectively as they can.
So it’s making sure that all your suppliers are as conscious of security as they can be, so that you don’t get caught out by them. Because it’s a great way to get into your organization and steal, manipulate, or alter your systems, or the information that you have.
How art and design led to a career in cybersecurity
Bex Burn-Callander:
And Jane, you’re so knowledgeable about this industry, but I’d love to know how you ended up working in cyber, where your entry point was? Because you’re also a big activist and you really try and get more women involved.
So what was your journey into this industry, can you take us back to the beginning?
Jane Frankland:
Yeah, well, I came into it in a really unique way. I’ve never met anyone who’s joined cyber in the way that I did.
So my background was art and design. So I trained as a designer and I was a nominated young British designer. And then after I graduated, I fell pregnant with my first son. So I’ve got 3 kids.
And what happened was I was working successfully as a designer, selling my designs all over the world, but I couldn’t actually pay my bills.
So what happened was I needed to change my career and change what I was doing so that I could build a future for myself and my son, because I was a single parent too.
And so what I did was I ended up retraining and that led me to do some work and then to find a new boyfriend. And it was this boyfriend that really got me into tech.
And what we did was we started a company. And because I didn’t know anything about technology and this was a technology company, I really wanted to lead with security because I thought it was interesting.
For me, I thought it sounded, I cringe when I say this, but I thought it sounded a little bit like James Bond and I’m a big James Bond fan. And so that’s why I started my company with a business partner and we focused on security.
So that’s how I got into the industry, how I came to be doing what I’m doing now, from going straight into building a tech consultancy and wanting to help and deliver this brilliant service and make a real difference in the world.
Stay on top of cyber threats by building a diverse team
Bex Burn-Callander:
And you were building this cyber security company at a real pivotal point in terms of the evolution of the cyber threat.
I mean, it just seemed to come of age at the same time that you were building this business.
And you were there, I think for 13 years. So tell me a bit about how you kept pace with that evolution, because that must have been a really crazy wild west of a time?
Jane Frankland:
Yeah. And I would still say it really is now. In some ways, I would say it was a lot easier than what it is now because the internet was emerging. Mobile phones were new, email was new.
So we had, in lots of respects, a lot less technology. And certainly back in the day what we focused on was research.
So we enabled our consultants to use 25% of their time, and that was dedicated to going out and researching what was happening, what were the latest threat actors and their techniques, and things like that.
And we enabled them to go to conferences and to mix with others out there.
So it was a smaller group and a smaller community, as opposed to how it is now, because it’s bigger. And what I see now is a lot of people, whilst the internet is huge and you can go to YouTube, which wasn’t around back in the early days when I had my security consultancy, they can do that now.
But we came together as a group and met in forums and exchanged information. And so it was smaller and it was kind of easier.
So that’s really how I would say that we stayed on top of what was going on in terms of threat actors and the threat.
And the other thing that we did was, we inadvertently built a team that was really diverse. And I would say it was more ethnically and culturally diverse than gender diverse.
That also helped us to think in new and in different ways, more creative ways, more innovative ways, and to come to better solutions.
So it was very much a combination of the way that we built our team, the fact that we were really innovative and allowed our consultants to have 25% of their time dedicated to research, and the fact that we were collaborating and going out and speaking to other consultants in the industry and sharing information.
What happened when the .com boom bubble burst?
Bex Burn-Callander:
And can you tell me about the most challenging time at Corsaire? Is there a moment or a period of time that stands out in your mind as really testing your mettle?
Jane Frankland:
Yes, absolutely. I mean, it was really tough. Growing a business is tough. And for me, it really was probably around 2001, I would say.
And what had happened, we’d had the .com boom bubble burst, and there was a ripple effect with that. So what happened was it took out some of our clients. Some of our clients’ funding was pulled literally overnight. And my business partner and I really learned the lesson that cash is king.
We had a really good pipeline. We were absolute leaders in the world when it came to ethical hacking and penetration testing, which is what our business specialised in.
We were working with some of the biggest brands in the world and really at the top of our game. But when that came along, it really, really hit us hard.
And what we had to do was, because we were caught out, we had a cash issue, we had to go into something which is similar to a Chapter XI, it’s called a CBA. And we had to work our way through that.
And thankfully, we worked, we got the buy-in of our existing clients, we reshaped our business and we learned far more about our business.
And we managed to turn our business around and come through that without having to sell or be acquired, or borrow money, or anything like that.
And we did that really not by cutting staff, but by looking at our business and improving how we were operating and also the products or services that we were selling.
So it was really hard. I just had my third child and working, being a new mum, having a toddler, having my oldest son who was going into secondary schools, and sitting exams and things like that was really, really hard.
I was physically tired. I was emotionally tired. I was so stressed because I didn’t know what was going to happen. I didn’t know.
My house was on the line. I didn’t know if we were going to lose our house, how we were going to pay staff from 1 week or 1 month to another. And I had to keep everything going at home so it was really, really hard. It was a really hard 2 years.
And I think most of the time what happens is you’ve got the face on and everything looks cool as a leader and you are settling your staff and letting them know that everything’s going to be okay and there’s nothing to worry about. You’ve got things under control.
And in reality, what’s happening is you are like this, I think probably you look like this swan.
Bex Burn-Callander:
Gliding.
Jane Frankland:
Gliding on the water. Or maybe a duck, whatever your preference is. But the reality is your legs are going, “Oh my God, how are we going to do this? How are we going to pull it off?”
So that I think was the hardest time. And we did come through it. We built a really strong, successful business and worked way through that.
Bex Burn-Callander:
Sometimes these moments, as painful as they are, you learn so much about what really makes your business work, don’t you? And what you need to focus on, what was maybe a distraction, what was maybe not generating the profit that you need to be successful. And it really hones the mind, doesn’t it?
Jane Frankland:
It really does. All the data that you’re tracking, all the meetings that you’re having, it’s just like, “No, that’s not a good time investment. That doesn’t produce a return.”
So yeah, you become so agile and you pivot. You need to pivot really quickly. You become so creative. And so just as you said, there were some great learning lessons from that.
Exiting a business can be very difficult—don’t be scared to ask for help if you need it
Bex Burn-Callander:
And then you built this business almost like your fourth child really, and then 13 years later you have to part ways.
Can you tell us a bit about that exit, the circumstances, how you got through it, and again, I guess what you learned, what the valuable lessons were for you to go on and build your next business?
Jane Frankland:
Yeah. I mean it was literally, it was almost as if we’d just comes through that, the issue that I’d just spoken about when the .com boom bubble burst and then all is good.
And then my relationship with, for want of a better word, my husband is over, yet it’s still business as usual. I mean, it wasn’t going well.
He woke me up and said he was leaving, but it was going to be business as usual, “And by the way, here are a load of legals that you need to sign.”
So again, it was similar to that moment I took you to when the .com boom bubble burst. Your face is like, “Yeah, everything’s good.” But the reality is like, “Oh my God.” You’re crumbling.
And even though it wasn’t going right, so I was quite happy that there was an intervention as such. And it needed to change and it was over, it couldn’t be salvaged.
It was still really, really hard just going into the office every single day, knowing what was going on behind the scenes in terms of that relationship, and having to put a face on and just pretend that everything was okay.
And to do that with my children as well. I mean, literally, I used to drop them off at school and cry all the way to the office. Mop up my tears, go into the office, put the face on, do business, go to meetings with my business partner, again like everything’s fine.
But actually leaving the office with tears again. So it was really, really hard.
And then there were discrepancies. We had to sort out who was leaving the business because it couldn’t continue in the way that it was.
And he decided it was going to be him, then he decided it was going to be me. Then it got really, really ugly. And then lawyers got involved and it was really, really messy.
And all the time, business has to continue. The children have got their own needs. They’re going through it.
So it was really, really difficult. And for me, you asked me how did I get through that and what did I learn about myself? I would say so much, so much.
I think the first is I’m really strong. I know I have a really strong mind. If I set my mind to do something, then I get on and do it. And I’m a high achiever, so I’m very used to achieving.
But what I really learned was just the fragility of your mind.
I mean, the issue that I had with my ex-partner, it wasn’t a case of, “Well, that went on for a few years.” It actually went on for 14 years. So it was really difficult.
And everything that I’ve become and done, a lot of difficulty was going on behind the scenes because it just didn’t stop.
But what I learned was that you need to get help. If you’re really, really struggling and having a hard time and really questioning, “Where’s my value? Should I be here?”
Because that’s what was happening to me. I felt I’d been rejected not just by him, but I’d left the business.
I’d gone and tried a couple of other jobs, and it hadn’t gone well. I wasn’t prepared. It was part them, part me.
And I was really questioning myself, “Should I really be here in this world? What’s my value? I’m worth nothing. I’m of no good to anyone.” And so on.
So I really learned to ask for help, don’t let it get to be as bad as it certainly was for me. And go and get help. If you feel that you’re really struggling, go and get help.
And for me, I went and got CBT, cognitive behavioural therapy. And I also got healing. So really the two differences there, one is more science-based and regular practitioner and treatment. The other is more spiritual.
So I went and got help and that really, really helped. And then I got some and domestic abuse counselling on the emotional side of things, which really, really helped.
So I learned more about myself. I had to trust myself again because I felt that I couldn’t trust myself after everything that had happened.
And I also needed to build myself up from being crushed because I was on my knees after so much turmoil and so much rejection because of what I’d gone through.
Bex Burn-Callander:
And I’ve seen you’ve written that if you knew then what you know now, you would never have walked away. You’d never given up that easy.
It must be hard to look back and think, “Just because I’d been torn down, I’d been taken apart piece by piece and that’s the only reason why I didn’t fight harder for what was mine.”
Jane Frankland:
Yeah. I mean, I also trusted my ex-business partner, so I’d left my business in his hands for him to continue building it and for us to both do well.
And it’s not my biggest mistake at all, but I trusted him to be good to his word and it didn’t work out like that. And of course, there are always two sides to a story.
But for me, I listen to a lot of women who have gone through this. I have listened to other women’s stories, whether they are very well known from big famous brands or whether they’re not, but similar stories to mine.
And maybe if I could go back, would I have done it differently? I might have done. But then also, I’ve learned so much in the process. So much good has come from it.
And certainly, out of adversity comes good things. So yeah, it’s really hard to think, would I have done it differently? Would I if I could go back?
Making women feel seen and heard in the world of business and cyber
Bex Burn-Callander:
And you mentioned that you found yourself questioning, “What’s my value?”
And it’s really interesting because this seems to be a recurrent theme around issues like imposter syndrome, which is very prevalent in tech and cyber security particularly.
So can you tell me a bit about how you went from being a very successful woman in cyber, through this period of self-doubt to then wanting to help other women feel more valued and seen in the industry and also encourage more women to give it a shot?
Jane Frankland:
I mean, the reason I wrote my book, Insecurity, the reason I’ve become a voice for the voiceless and an activist or an advocate, whichever way you like to think about it, really was, one, yes, because I am a woman.
I identify as a woman. I’ve been in this male-dominated industry for over two decades.
But it’s also because I finally believe that a failure to attract and retain women in cyber is causing us as citizens of the world, as business owners, and so on, to be less safe. So it is a combination of those things.
And certainly, when I started looking more into it, I found that women do see things in a different way than men.
And when I say things, I mean risk. There have been countless studies when you look at all of that, and they score highly when it comes to emotional intelligence and they’re very good at spotting anomalies, things that don’t look right.
So for me, it was a way of helping the world to become safer, helping our planet to do better. And then all of the work that I’ve done since has just evolved from that.
So by looking at the data, I know that women need to be seen more. They need to amplify their voices. It’s not a case of losing their power or finding their voice at all because we have a voice and we’re human beings, we’re spiritual beings.
We’re a life force. We have so much power. It just might be that we are not using it or we don’t know how to.
So it’s tackling some of those biases differently for women and for everyone else who wants to help with the mission.
And so that’s really why I do the work that I do, and still do that work, and am a champion for women in the field and also to change the situation and improve it so that we can do better.
Bex Burn-Callander:
And are things changing across your career? Do you feel like women are more attracted to careers in cyber, more welcome, that the barriers are coming down?
Jane Frankland:
It’s really difficult. So what I see is that we as an industry are doing better in terms of the awareness for what our industry is like. Because it’s really diverse.
When I came into the industry, when it was being formed, it was far more of a technical discipline than it is now. So we need lots of different types of thinkers in our field, and it’s really exciting because of that.
In terms of the percentages of women in the industry. When I wrote my book, Insecurity, we had 11% of women in the field.
And it was hovering at that, maybe dropping to 10%, maybe bouncing up, but it wasn’t doing any better. They’ve changed the way that they’re measuring now so it looks as if we’re doing better, but actually, we’re not.
So looking at more recent data on how many women are in the field and how many women leaders we have in the field, we’re doing worse than ever.
So awareness is growing, but we’re not increasing the number of women that we have, and we’re not keeping the women that we have.
So everything that I wrote in my book is still going on. And that to me is really disheartening and frustrating.
And at times I get quite angry about it because companies are just not interested in that. And the leaders within those companies, whether they’re hiring practitioners, so cyber security leaders, or whether or not it’s HR, they don’t care enough about it.
They might care a bit, but they don’t care enough to actually do something about it. And it’s so important. Everything improves. It feels better as well when we’ve got more diversity, certainly in terms of gender.
How can we improve gender diversity barriers?
Bex Burn-Callander:
So what would you recommend? Would you have on the more extreme end, hiring quotas? How do you fix this problem?
It feels like even if there’s a willingness, there’s barriers on both sides. If you’re saying, “Yes, come and work here. We want more women.”
But the women are feeling disenfranchised. So how can we fix it?
Jane Frankland:
Well, the first thing is definitely by improving the awareness.
So as an industry, we’ve got to go into more schools and we’ve got to be the ambassadors, the evangelists, and let others know just what a great career is available for them, what the earning potentials are.
Because there’s a good earning potential for anyone who comes into the industry. So really by explaining what it is, what skills are needed, that it’s not just a technical discipline anymore is going to help.
And then I think it’s, say from a government perspective, it would be things like improving the curriculum so that it’s more in line with the jobs that we do.
Because right now it’s quite boring and it’s quite old-fashioned. So I think there needs to be a shake-up in terms of the curriculum that is being taught.
We need to have more visible role models. That’s going to help because, say women or young women or girls can then see that there’s a place for them. They’re not going to be alienated.
We really need a shake-up when it comes to our HR practices. And this is going to be good for everyone. I mean, all of the things that I’m talking about are good for everyone.
What’s good for women is good for men.
But certainly, we do need a shake-up of our HR practices. What’s happening right now is not helpful at all so we need to remove the bias.
Blind auditions are really quite helpful. So you strip away any kind of markers that will identify you by your gender, by your age, and so on. Because again, that’s good for all people.
We need to be incorporating more work samples so that we’re asking better questions in terms of what we’re looking for. We need to be aware of the differences when it comes to women and men, just being quite binary about the genders, and I’ll give you an example there.
There was a company recently that wanted to get more of a balance in terms of their gender, and they held a test online. And what they found was that men did better than women.
And when they looked into it, what they realized was when the men were taking the test with the questions that were asked, the men were checking on their phones, and they were checking online for the answers. They didn’t know the answers to those questions.
But women weren’t. They looked at those questions, and if they didn’t know the answers, they thought, “Well, I can’t answer this because if I did look on my phone or if I did go onto the internet, that would be cheating.”
So women tend to be more compliant with the rules. And certainly, in that case, that’s what was happening.
So it wasn’t necessarily a case that men were better than women for that company. It was that the rules weren’t understood and they were being practiced in a different way.
So if the company had said, “You can use your phones. If you don’t know the answers, that’s okay. Get resourceful.” they would’ve got a better result. It still may have been the same, who knows.
But at least that wouldn’t have happened.
So another example is in a company, and I wrote about this in my book, where 4 graduates, well, they were not graduates, but they weren’t far from graduates.
But they were employed, and it was 3 guys and 1 woman. And the woman was a stronger candidate, she had more skills, and she had more natural ability.
And those aren’t my words, they were the words of the hiring practitioner. But what happened in that organization was the woman was failing. She was doing really, really badly, and she was at risk of being sacked.
She then had a new hiring manager, and he looked at her skills and he couldn’t understand why she was failing so badly. She was questioning the whole thing, “Should I be here?” And so on.
And what happened was he broke down her job, the task that she was being asked to do, and built her confidence. And so she started to perform and she started to realise, “Yeah, actually I do have what it takes. I am good here. I have the capabilities. I can do this.”
And slowly, he built her belief in herself and got her to do the task at hand.
Now, what he discovered was that the guys were all struggling, but because they grouped together and scratched their heads together and went, “I haven’t got a clue as to how to do this.”
And they were all kind of going, “No, nor do I.” They figured it out together. Because she wasn’t included in their group, she was on her own, and that’s why she failed. So we have instances like that.
So when companies better understand better hiring practices, sometimes how they can use better technologies in order to get more diversity, not just gender, but age and ethnicity and diversity of thinking and so on, then we can do better.
And when companies and leaders look at their practices, do our people understand what’s expected of them? Can we help them more? Can we get them mentoring? Can we get them sponsorship?
Are we progressing them fairly or are we being biased with the way that we’re progressing our employees? Are we looking at the confidence vs competence scenario where we’re expecting women to do more than certainly their male peers? So all of those things can help.
And then women can also do some work as well. Because we need to meet, I think, in the middle. Women need to up their game. Companies need to up their game. And certainly, as an industry, we need to up our game.
Bex Burn-Callander:
Those examples are fascinating. I’d love to know how they figured out that the guys were cheating. Do you go back and ask the question? And if you were likely to cheat on a test, are you likely to be honest? It’s interesting.
Jane Frankland:
Isn’t it? It’s really interesting. And I was so glad that they discovered that. And then for me, certainly as an advocate, bringing that awareness to light.
So yeah, I mean, there’s so much that can be done. And it really is, I think, about being open to that and not making anyone wrong. No blame, no shame, just better business.
And that’s really important because as we evolve, it is becoming more difficult. There’s more sensitivity. We’re becoming more divided instead of unified.
And so that’s why I think it’s important to make sure that people don’t feel afraid. And I say people, human beings. Because that way we’re going to do better rather than being more divisive.
Recognizing the unique abilities, talents, and differences as a positive thing, but becoming unified in the way that we’re approaching things.
Pick up on patterns that others might be missing
Bex Burn-Callander:
And you mentioned earlier, Jane, the importance of role models, and I guess this is why being a visible role model, I mean you in particular, because your background is in art and design, you did not have, as you say, a traditional route into cyber, which means you’re a very relatable, interesting figure.
But I’m curious whether your background, whether being an artist and designer has ever been useful in cyber security. Are there any crossover skills and can you tell us about that?
Jane Frankland:
Well, I mean, I was a textile designer. And I’ll be completely frank with you here. For years, I didn’t mention that.
And even now, I still have a bit of sensitivity about that because of the way that women are judged. We’re judged differently to men.
So for me, I created patterns. And what I say is, I see patterns. And whether that’s because I might be neurodiverse in the way that I think, it could well be. But that helps me because my perspective is very different from a lot of others.
And because I am a challenger by nature, I have this different perspective, and I have this desire to unify and to not make people wrong and to be inquisitive, so I think that helps.
It helps with being an innovator, producing products and services and wanting to do well by those that you’re serving, whether it’s the industry or whether it’s customers and clients.
The way that I see things is a real positive, and that also helps with businesses as well. So being able to spot the patterns for me transfers into trends.
It’s just like, “What are you seeing? What patterns are you seeing that other people might be missing? Have you thought of it in a different way?”
So that helps as a business owner, and it certainly helps in terms of the threats.
So joining dots that might not otherwise have been joined if I’d come from say more of a traditional background, a STEM background, so science, technology, engineering, and maths as opposed to STEAM, science, technology, engineering, arts, and maths.
So I think that really helps. It helps with the way that I see things and being able to see things in different ways and join dots that might not otherwise have been joined.
Inspired by this business story?
Wherever you’re listening or watching, subscribe to Sound Advice on Apple iTunes here.
We are also on Spotify and anywhere else you get your podcasts.
Join our community to share your insights and stories on X @Sage_Canada using the hashtag #SoundAdvicePodcast, on Instagram @SageOfficial or in the comments below!
Want to know more about Jane and KnewStart?
You can find out more about Jane here or on her LinkedIn.
You can find out more about the KnewStart here.
Subscribe to the Sage Advice Newsletter
Get a roundup of our best business advice in your inbox every month.
Ask the author a question or share your advice