Security Awareness Training

    Mimecast Voices: Gugu Tshangela

    by Renatta Siewert

    Editor's note: This is the third in a series of profiles featuring Mimecasters sharing their personal experiences with, and perspectives on prejudice and marginalization, and what actions people can take to better support their colleagues in this era of change and help drive a culture of inclusion in and beyond the workplace.

    August is an important time in South Africa, representing Women’s Day and celebrating the strength and resilience of women’s contribution to society and country. August 9 is a public holiday meant to commemorate the 1956 march of 20,000 women in Pretoria in protest of apartheid pass laws, and today, the day seeks to draw attention to the important issues women still face.

    At Mimecast, we celebrated by sharing the stories of the Mimecasters in the region, and interviewed one of our messaging security analysts, Gugu Tshangela.


    RS: What’s your role at Mimecast?

    GT: I’m part of MSOC (Mimecast Security Operations Centre) Operations Team, so we interface directly with customers and prospects. The MSOC team consists of Anti-Abuse, MSOC Operations, Signature team, the Research team and Threat Intelligence team. At this point, I have been in the IT industry for so many years. I have learned a lot about the threat landscape and customer success. I enjoy this industry and the challenges that come along with it. 

    RS: What does a typical day in the life of a SOC team member look like?

    GT: Our roles are very diverse. As part of MSOC Operations we deal with false positives and false negatives reported by customers; we also review customers’ security policies and recommend best practise guidelines for those specific policies. We also work with Service Delivery, Customer Success and Presales escalations. Most importantly, I’d say, we monitor spam, phishing, and virus submissions, add updates to Mimecast's global reputation systems, raise cases with the Signature team to create new anti-malware signatures, and update existing signatures. Last, but not least, I also assist with Advanced Threat Defence - Email Security Certifications where we are measured by the efficacy and accuracy of detections.

    RS: What led you to a career in cybersecurity? What’s been your career journey to date?

    GT: The way I came into IT and cybersecurity is a similar story to how many of us did, I think. My mother bought a computer for our house, since we didn’t have a computer lab at school. It was a Pentium 2 – to go to any program you had to run scripts, and I was fascinated by how it worked. And, not a lot of people in my neighbourhood had a computer, so it wasn’t a common career choice. But the more I researched and spent time on this computer, the more I realized it was an entire career.

    I went to the university’s career week, found the programming area, and I became interested in development. When I finished school, I went and studied to be a developer, but I was really more interested in fixing computers than building new software. With that career path in mind, I found a job in desktop support on the technical side, but it was not without challenges – I was the only woman in desktop support, and was even asked why I wanted to fix things, being a woman.

    While I was at that job, I opened my personal email account one day to find that I’d been hacked. The entire event was a major surprise, and the email support system was so unhelpful. In those days in IT, security was viewed as just another technology stack. But I started to see cyberattacks occurring more frequently and with greater sophistication. That’s when I found myself developing an interest in this space. When I first joined Mimecast as a customer support engineer, I started chatting with the Messaging Security Team to find out more about their roles and what they do on a daily basis. I applied for an opening that was advertised for Messaging Security Analyst Role based in SA, and the rest, as they say, is history.

    RS: What did you study?

    GT: I received my diploma in Microsoft Developer, a certificate in Microsoft Exchange Server and ITIL certificate.

    RS: Who inspires you? Do you put that inspiration into action, in your daily life?

    GT: No question - Thuli Madonsela inspires me. She is a phenomenal woman; she was an advocate who helped write South Africa’s final constitutional. When she was appointed by then-President Zuma to be the Public Protector of South Africa, it was discovered that the president was wasting states’ money, so she investigated him and then developed a report recommending an oversight committee. Not many people would do this. I try to be fearless in certain things, like her, to fight for what I believe, both in my personal life and professional life.

    RS: What advice would you give to other women interested in pursuing cybersecurity as a career?

    GT: Cybersecurity is an amazing industry to build your career on. I’d advise women who want to enter the field to take advantage of all the resources available and maintain the mindset of lifelong learning, because there are so many possible roles to explore that you’re sure to find one that fits your strengths.

    Once you’re in the industry, I find that there is a lot of trial and error, especially when it comes to MSOC. The different attack types can be difficult to gauge at first, but luckily, with that mindset of learning, there are so many resources both online and among colleagues to help you gain the knowledge to succeed, and to help you get the confidence to escalate an issue to engineering. For example, when attachments were first used to download malicious files, it was difficult to tell and escalate. Over time, you learn and get better at it, and I try to act as a mentor to new members of MSOC, and to be a resource for people.

    RS: Where to next? Do you plan to progress in your current role / department?

    GT: I would like to move to the Threat Intelligence team to work with threat hunting and analysis. I want to deal with threat hunting, to be proactive and not wait for the threats to come in. I want to stop them before our customers receive those malicious emails, and overall stop the bad actors.

    Subscribe to Cyber Resilience Insights for more articles like these

    Get all the latest news and cybersecurity industry analysis delivered right to your inbox

    Sign up successful

    Thank you for signing up to receive updates from our blog

    We will be in touch!

    Back to Top