Buckle up for some long yapping session below đź¤
When I first heard about Project Friedman (my team at work pinged me on Teams and encouraged me to give it a shot), I felt a mix of curiosity and hesitation. Public speaking has been on my mind for a while, but it’s not exactly in my comfort zone. Still, something about the program’s mission; amplifying women’s voices in cyber security really resonated with me.
I’ve never seen a woman like myself (being a hijabi) deliver a technical talk at a cyber conference, let alone one about exploiting things.
Yet, it was something I envisioned and deeply wanted for myself. I couldn’t shake the thought. The idea of sharing my perspective and perhaps even inspiring someone else felt incredibly powerful.
I was like ..."OK, let's do the Expression of Interest", but if I have to be honest it did felt slightly intimidating for me. It wasn’t just filling out a form; it made me really think about myself in a way I hadn’t before. I couldn't remember all of the questions on top of my head, but I remember sort of overthinking my answers a bit. I had no idea if I’d be selected, but I had put myself out there, and that was a big step for me.
At the time, I sort of knew I wanted to present though, and it was about:
- Technical talk, and
- Exploiting things.
The Interview
A couple of weeks later, I got an email saying I’d been shortlisted for an interview. My first reaction? Pure excitement. My second reaction? Total panic.
What would they ask? What if I blanked or said something dumb? I spent the night before prepping answers to every possible question I could think of, even though I knew I couldn’t predict everything.
The actual interview ended up being way more relaxed than I expected. I remember meeting Louisa from Women Speak Cyber - virtually over Teams call. She asked me about my work, what I was passionate about, and how I felt about public speaking. I was as honest as I could without overthinking it.
I think I remembered saying, “I think cyber security needs more voices like mine, and I’d love to prove to myself that I can actually do this.” It felt weirdly vulnerable to admit, but she seemed to appreciate it.
I had already decided what I wanted to talk about, and it was about DevOps. Exploiting DevOps sounds cool (to me at least).
When It Became Real
I received my acceptance letter around late June. I had actually been chosen.
I knew this was going to be a big challenge, but I also felt ready to take it on. This wasn’t just about me anymore. It felt like an opportunity to represent something bigger, and I didn’t want to waste it. When I told my team at work about my acceptance, we immediately started looking for accommodation in Melbourne. Their support for me and this initiative is something I will never take for granted.
There was a schedule: a whole list of sessions and deadlines that instantly made it feel real. There were in-person and online workshops, individual coaching sessions, rehearsals, and, of course, the big event at CyberCon in Melbourne. It was structured yet flexible enough to fit into my life, but wow, it was clear this wasn’t going to be a half-hearted commitment.
My speaker coach was Catherine McGrath, and let me tell you, she is incredible. From the moment I met her, I knew I was in good hands. She had this way of making you feel like you were capable of anything, even if you weren’t sure what you were doing yet.
Our first session was a full day of training with the cohort, and I was equal parts excited and intimidated. Seeing all these amazing women with their own unique stories and topics made me feel like I was exactly where I needed to be.
We kicked things off by talking about our topics. I confidently announced, "I want to talk about exploiting the DevOps pipeline." I remember being met with blank stares, a big reality check that what seemed obvious to me wasn’t common knowledge for everyone. Catherine turned that moment into a valuable lesson: the importance of connecting with your audience and making technical concepts accessible. It’s a lesson I’ve carried into my professional life ever since.
Yes Adela, it's cool to throw in fancy technical jargon, but it’s not so great if your audience can’t follow along.
The Three Jewels
One of the first things we learned was how to structure our talks into "three jewels." This meant breaking our message down into three key takeaways that would anchor the entire presentation. It sounded simple, but when I tried to map out my ideas, I realized just how much I had to say. Narrowing it down was a challenge, but by the end of the session, I had a rough outline.
Catherine encouraged us to keep going, to let the ideas flow and not worry too much about making it perfect yet.
The Challenge (or the Gap I Saw)
When we go to conferences, any conference really, you’re usually hit with a firehose of information. You’re moving from one session to the next, just sitting there and hearing what the speaker has to say. Chances are, as much as you can absorb the content & information, most of it starts to blur together after a while.
If I only hear things, I might remember them for a couple of hours. If the talk’s really good, maybe I’ll hang onto it for three days tops. But I like learning by doing. I started thinking about how I could make my talk more engaging, something that would actually stick with the audience.
There's another issue. DevOps isn’t the easiest thing to translate into a story. I mean, how do you make pipeline code misconfigurations sound interesting to an audience that might not even know what a pipeline is?
It was a gap I felt I had to bridge. I wanted my talk to resonate with both technical and non-technical people, but figuring out how to balance it was tricky. Every time I tried to simplify it, I’d worry I was watering it down too much. But if I went too deep into the technical side, I’d risk losing people entirely. And honestly, nobody wants a talk so dense it makes them fall asleep.
Wildcard*
That’s when I had this wild thought: what if I threw in quizzes? Like, what if the audience didn’t just sit there listening to me talk but actually got to do something? Maybe a little activity where they could problem solve and spot vulnerabilities themselves.
I’d never seen anything like this in a conference talk before, but I thought, "Why not? This might actually work." If people could engage with the content hands-on, maybe it would stick with them longer.
I honestly didn’t know if it would work, but it felt like the right move. It was different, and it aligned with how I learn best. Catherine’s advice came in clutch at this point. She told me to focus on the "why." Why does this matter? Why should people care? Those questions became my point as I crafted this talk.
I just wanted to do something different, something interactive. I figured when you actually do something yourself, it sticks with you. And even though I wasn’t 100% sure about how it would land, I felt like it was worth a shot.
(ps: this is one of them. Can you guess what the answer might be?)
Mentorship
I have to say, Project Friedman really spoiled us. Alongside the speaker coach, we were each paired with a one-on-one mentor. My mentor, Danielle, was amazing. She had just spoken at BSides Canberra, and I’d gone to her talk. It was so inspiring to see another woman in penetration testing like me. We met in person to go over some initial ideas, but the real game was our one-on-one session.
When I did my first run-through of my talk, it was dense — way too dense. Danielle gave me a much-needed wake-up call: “Not everyone knows what Git is,” she said. “Make it high-level so leadership and board members can follow.” That advice hit hard. She also challenged me to think about what I wanted the audience to walk away with, which made me realise I needed to reframe my approach entirely.
After our session, I went back to the drawing board, literally.
I made a major revision to both my slides and my presentation style. They're more visual and speech-driven instead of text-heavy. It became less about showing off what I knew and more about connecting with the audience and telling a story they could remember.
Danielle’s feedback shifted a lot for me. She helped me step out of my technical comfort zone and focus on making my talk relatable and impactful.
Final Rehearsal
One of the unexpected joys of Project Friedman was meeting other women in cyber security. We laughed over awkward moments in meetings, shared stories about navigating this field, and hyped each other up during practice presentations. It felt like finding a tribe; a group of women who just got it.
Our talks and topics were wildly different, which amazed me. I loved how diverse our perspectives were and how much I learned from their insights. On the final rehearsal day, the energy was different. We weren’t just refining our talks, we were building each other up in ways that extended far beyond the conference stage. The friendships I formed during this program are core memories I’ll carry forever, and knowing they were cheering for me made all the difference.
CyberCon Melbourne
When the day of the CyberCon Melbourne finally arrived, I was a bundle of nerves. My talk was scheduled for the last day, and that only added to the anticipation. But that gave me a chance to fully support the other women in the cohort. We hyped each other up, took pictures, and celebrated each other’s victories.
When my moment came, I remember sitting outside the room an hour early, mentally rehearsing my talk. Two guys walked out of a different session, and I overheard them saying they left mid-talk because it wasn’t what they expected. That moment shook me a bit; I started worrying if my talk would resonate or fall flat. But then I reminded myself of all the support I’d received and told myself, "You’ve prepared for this. Just breathe."
When I finally stepped on stage, something shifted. All the nerves melted away. I was in the zone, fully present, and speaking from the heart. No robotic voice, no overthinking, just me being as authentic as I could.
Biggest flex? No one left my talk mid-way. People stayed and they were immersed. The interactive format worked better than I'd hoped. People took the time to figure out the vulnerabilities and even got the answers right. It was so fulfilling to see them engage and understand the concepts. I accidentally clicked the wrong slide but they stayed with me.
When the applause came at the end, it didn’t feel real. People came up afterward to tell me how much it resonated with them. That was the moment I realized how far I’d come.
The Aftermath
Project Friedman didn’t just teach me how to give a conference talk; it changed how I see myself. I learned that I have a voice worth sharing and that I don’t have to fit into a mold to make an impact.
Looking back, it feels like the start of something bigger. I’m still growing, still learning, but now I know the magic really happens when you step outside your comfort zone.
If you’re wondering whether your talk matters or if you’re "ready" to take that leap, let me tell you this: You are. Sometimes, the hardest part is just believing that you belong.
Massive thank you to Australian Women in Security Network (AWSN), Louisa Partridge, Louisa Vogelenzang, Catherine McGrath, the Project Friedman cohort, Danielle, Sahnaz Khurshied, and my whole team at Irradiate Security. I couldn’t have done this without y'all.
If you’re interested in joining Project Friedman next year, applications are always open — don’t wait to take that leap! 🌸