Kicking off Cybersecurity Month, we had an inspiring and informative fireside chat with Ann Johnson, Vice President of Security, Compliance, & Identity at Microsoft—who happens to be a former community college student herself! Read on for a recap of the conversation. 

Opened by ​​WiCyS executive director Lynn Dohm and moderated by Crischell Rayvon Brown, a WiCyS member and recipient of the Microsoft Philanthropies Community College Scholarship, this conversation with Ann flows with stories about journeys to and opportunities around a career in cybersecurity via the community college pathway. 

Unpacking the journey from community college student to VP at a major tech company

Attending school full-time presents financial barriers for most students and statistically more so for students in community college. Things like essential household, utilities, groceries, and career-related certifications, fees, and programs threaten to derail a student on his or her path to a career in cybersecurity. As a 17-year-old from an economically unstable family in rural Utah, Ann shared that she relied on academic scholarships and loans to pay for school, and why a big university didn’t feel like an option to her.

“My parents could never have afforded college. But I was fortunate because I had a scholarship in speech and debate because I was a high school champion in speech and debate. I also was able to have another funding source because my uncle was actually an executive at Chubb Insurance and they had family scholarships available. […] And I had a student loan.” 

Ann chose community college as the first step in her career path for a couple of reasons. 

  1. Affordability. Going to community college is a more cost-effective way to get general credits as a transitional step toward a four-year school.
  2. With a graduating class of 50 in the middle of nowhere, she didn’t think she could handle a big university. 

Ann did eventually transfer with her associate’s degree, and has this to say about Microsoft’s and WiCys’s commitment to community college today:

“It’s a path for people that are either returning to work, or people coming out of the military, or people coming from a background like I did (economic insecurity). It gives people an option than maybe a larger college that’s more expensive doesn’t.”

How do you know if cybersecurity is for you?

On an episode of Ann’s podcast, Afternoon Cyber Tea With Ann Johnson, Ann discusses things like the critical cybersecurity talent shortage. While some people seek out a career in cybersecurity from the get-go, others, like Ann, come into it with little to no background. 

“I’ve been in tech for 30-some-odd years and cyber for 22 years. When I went to join RSA Security in the year 2000, I had no background. I was in a storage business and I did networking before that, and I did not have a technical degree.” 

Moderator Chrischell didn’t know if she had the chops for IT, even though she knew she loved it. 

“I’ve always been intrigued by technology and the way it works. I feel like I’m a part of a generation that has seen technology grow in such an amazing way. There are many different information technology routes I could have gone through. However, nothing caught my attention the way cybersecurity did,” Chrischell said. “It was something that was super confusing for me to understand, but at the same time, I continuously wanted to learn so much more about it. There is nothing in this world that excites me more than cybersecurity. But at the same time, it irritates me because of how frustrating it could be. It allows my brain to stretch out into different parts that I never knew that it could.” 

For many, a journey into cybersecurity feels scary or overwhelming, as Chrischell attests: 

“It’s been very confusing. Because I didn’t have anyone in my life, or just anyone in general, who I could look up to in the industry as a support system. When I started my cybersecurity journey at Houston Community College back in 2019, I had very little knowledge of even the basics. But I’m very proud of myself that I was able to navigate through it on my own, and able to just be grounded within myself. I’m extremely proud of myself for doing that and never giving up because there have been so many times when I wanted to just throw in the towel and just give up. I know a lot of people listening, they’re probably on the very thin line of just saying ‘Okay, I just want to give up on it.’ But don’t give up, guys. We can definitely make it through.” 

The unique role of community colleges in the cybersecurity pipeline

Ann notes that she isn’t a digital native and knew almost nothing about computers when her foray into the world of them began, citing the fact that microwaves didn’t even exist until she was a child. There was no formal cybersecurity curriculum when she attended college, yet Ann is one of the best examples of the kind of cybersecurity talent that community colleges produce. 

Here’s how she sees the role of community colleges in contributing to the cybersecurity talent pipeline today: 

“Community college […] impacts a different population than we’re going to see in other places. When Microsoft made this concerted decision to actually fund the philanthropy programs in community colleges, and to educate professors and to educate students—the reason we did it is we knew we had to improve the demographics in cybersecurity.” 

And what of the three million job openings in cybersecurity globally today? Ann discusses that they won’t be filled if the only people companies hire are those with a STEM degree and five-to-seven years of experience right out of a major university. Supporting community college students will fill cybersecurity’s real need to bring on people who are diverse over a wide variety of spectrums—including their educational background. 

“You have young people starting college, like I did. You have career-returners, career-changers. You have a very different population of people that you can actually influence an impact and drive into a cybersecurity career. It’s imperative that we do that, by the way. We’ve actually expanded the community college initiative to the equivalent type of educational institutions globally because we’re finding such success. Pragmatically, we can’t fill the job openings unless we engage a lot of different people. Philosophically, we don’t want group-think.” 

Still the small-town girl from southern Utah 

As for being an industry leader and visionary in the cybersecurity sector, a finalist in the Peoples’ Choice Podcast Awards, and one of the most influential women in tech globally, Ann divulges what keeps her grounded.  

“I’m a first-generation college student from a very blue-collar family. When I think about being an industry luminary, […] I’m still that small-town girl from southern Utah that was trying to make sure she had enough to eat. I’m being quite serious. So, it’s hard for me to see myself that way, right?”

“I chose cybersecurity at a time when people were spending more on their coffee budgets than they were spending on their security budgets. It was mission-driven work to me, and that’s kind of how I view it. […] At the end of the day, I have to stay grounded in what the mission is. And the mission is to make the world safer for everyone.”

Listen to the full 45-minute fireside chat for more real talk and cybersecuri-tea from Ann Johnson, including one of her life regrets around education and her top piece of advice on making it as a woman in cybersecurity.

Ready to help secure your path to a cybersecurity career? Community college students – apply to the Microsoft Cybersecurity Scholarship Program or for women and non-binary students in all types of institutions, apply for the Alan Paller Memorial Cyber Talent Emergency Fund now.

This special event was made possible by WiCyS, Last Mile Education Fund, and the Microsoft Cybersecurity Scholarship Program.