After 10 years on the police force, Tracey Long knew a thing or two about fraud. In this month’s blog series, Long explains how her former training was a natural path into cybersecurity and how both professions are all about getting people to comply.
How long have you been at Worldpay and what is your role?
Tracey Long: I’ve been involved in Worldpay now for seven and a half years. Leading the largest global merchant payment PCI compliance program is quite involved. We have a very significant merchant base of approximately 1400 corporate customers. We are responsible for making sure that the merchants achieve and maintain PCI compliance in order to ensure the regulations of the card brands.
How did you get started in cybersecurity? What led you to that career choice?
Tracey Long: I’m a former police constable. I was a police officer for 10 years, so I knew a little bit about fraud. I saw an ad in a local paper one day, after I’d given up my time in the force, asking for people who knew something about fraud. So, I applied for a job. I didn’t know what it was. I didn’t understand what PCI was, but I did what people do. I researched it and found that, yes, it was something I thought I could do. I went to the interview and, to my surprise, I got the job. I fell into it rather than it be by design, but I’ve done payments now, and acquiring for PCI, for the past 12 years, which is a significant amount of time now. It wasn’t something that I really chose to do from an early age but saw it as a really good move for me.
What do you see in the future for women in the cybersecurity industry?
Tracey Long: In the future, for women in the cybersecurity industry, I see the same as what you would see for any man. I don’t see why it should be any different. I think women have a really good reason to be in this industry. We bring to it different qualities than what men bring – I’m not saying that we are any better than men – but I see good things. I think there will become more and more women in this industry and that’s only right. It shouldn’t just be for men with a technical background. In my experience, when I first came into payments, and particularly at Worldpay, when I joined the team there, I was the only woman on the team. So, for me, being able to employ women, and bring a diverse nature to the team, has really helped. In that respect, I see great things and I don’t see why it shouldn’t be that way.
What advice would you give to young women who are interested in a career in cybersecurity?
Tracey Long: I’d say go for it. Why not? If you really do fancy cybersecurity as a career, it’s a great career to be in. It doesn’t have to be just in payments, but I think it’s the obvious choice. But, why not? If you want to do it, go for it. Don’t be put off because we are still the minority sex in this industry. I’m hoping that, coming up through the ranks as children, girls become more engaged with cybersecurity and coding and everything that goes with that. I really do hope we see an upturn in those numbers. It would be really nice to come back to one of these events one day, perhaps when I’m old and grayer than I am now and see a much larger representation from the female sex in the audience.
What aspects of your job do you enjoy?
Tracey Long: What I like best about my job is the engagement that I have; the interaction with merchants and suppliers. I feel like I’m making a difference. Compliance isn’t much different really than telling people what to do as a police officer. It’s engaging with people and seeing their reaction when you explain something to them. A lot of people in this industry think that compliance is really difficult, and it doesn’t have to be. It’s about being practical. I love it when I walk away from a meeting and I see the results. I see then that people become compliant and that means a lot to me.
What value do you get out of serving on the Board of Advisors for PCI SSC?
Tracey Long: I’ve been on the Board of Advisors now for three consecutive terms and I think probably the most value that I get from that is being involved, feeling like we’re making a difference and having a say in the future of the standards. If we weren’t on the Board, we wouldn’t get the opportunity to do that. That, for me, is the biggest thing that I get from serving. It’s giving back to the Board on behalf of the merchants because the merchants don’t get the same interaction with the PCI SSC as I do, as an acquirer.