Details   

• Title, Name, Surname: Julia Sch​ue​​tze
• LinkedIn Profile: https://www.linkedin.com/in/julia-schuetze/  
• Personal webpage: ​www.cyberpolicyhaus.com ​​     ​ 
• Link and information to any initiatives you ​are involved in that relate to empowering women in ICT: https://www.itu.int/en/ITU-D/Cybersecurity/Pages/Skills-Development/Her-CyberTracks.aspx 

Expertise   

• Your role/job title: Founder & ​​Exercise Designer
• ​​Company name: Cyber Policy Haus​ 
• What is your field of expertise?​ (International)​ Cybersecurity​ Policy & Governance​

Introduction

Please tell us a few things about yourself.  

I am Julia Sch​​​​​uetze and the founder of Cyber Policy Haus, where I design and facilitate tailored cyber policy formats such as trainings, tabletop exercises, scenario workshops, and information design. My work sits at the intersection of cybersecurity, policy, and education. I collaborate closely with designers and governments, focusing on national cybersecurity governance, crisis management, and hybrid warfare exercises. Over the years, I have worked extensively on issues such as state resilience, cyber diplomacy, and the role of civil society in cybersecurity dialogue. My background allows me to translate complex cyber risks into practical, collaborative learning formats that work across sectors and disciplines.

Inspiration

What motivated you to enter the cybersecurity field, and how can we make that journey more accessible and visible to young women today?  

I entered the cybersecurity field when I was 21​, 10+ years ago now,​ working on my bachelor thesis​ about ​national cybersecurity awareness programs​​. At that time, there were no dedicated cybersecurity degrees. I studied public policy and journalism, but​ ​became fascinated by the topic​. When I found out that​ ​the Federal Office for Information Security ​in Germany can tutor and fund a thesis​, I felt my studies were actually put to good use.

​​​Since then I never turned my back on cybersecurity. I am largely self-taught, and ​​had the great fortune to join a think tank right after my master’s degree​ where I got​ opportunities to ​conduct extensive research and analysis​​ allowing ​me to dive deeply into real-world challenges​,​ such as municipal resilience, national security, and early discussions around frameworks like NIS2. What helped me most in the beginning was working on actual, concrete problems. Real-world tasks made the field tangible​ ​and gave me a sense of purpose. 

Another important factor in my journey was mentorship. What helped was having “safe counterparts” - ​senior ​people​ - mostly men -​ I could talk to before going into ​a new ​situation ​​who would ​​support​​​​ ​​me to understand​​​​ the room, the expectations, and the dynamics, so I didn’t feel held back. Over time, I ​became confident to carve out my own path without a role model​. It’s only recently that I ​​became more involved in women’s networks, they simply didn’t exist when I started out. 

To make the cybersecurity journey more accessible for young women today, we must focus on three things: Confidence-building through real-world tasks​ honing skills​, ​​and ​​​​​visibility.

Career Growth

Beyond technical knowledge, which soft skills - such as teamwork, problem-solving, or ethical awareness - are most valuable in your day-to-day work?  

​​One of the reasons I stayed in cybersecurity was how open the field initially was. There were no predefined career paths, which allowed me to explore, experiment, and shape my own role. Today, the field is far more crowded and competitive, making confidence a critical skill - especially for young women. Even when job descriptions seem intimidating or overloaded with certifications, what truly matters is understanding what kinds of tasks you can perform in a real job, what problems you can solve, and how your skills create value for an organization.​ There are still so many challenges you can work on but you need to cut through the jargon, ​show your skills ​and ​find people​​ that can help you put a foot in the door.

​​In my daily work, a broad understanding of the cybersecurity ecosystem is essential - from threats and regulatory frameworks to national security and policy contexts. Cybersecurity rarely exists in isolation; it increasingly intersects with disinformation, physical security, and hybrid threats, which requires continuous learning and adaptability.​​ However, b​​e strategic and do not try to do everything at ​​once on surface level​​, become really invested in one thing, and know how it connects, then add another. ​

​​​​If I would start out again now​​​​,​ I would focus on​ excelling in asset and risk management -​​ risk-based thinking is key. Being able to assess and communicate risk - for example in the context of NIS2 implementation​​ or the Cyber Resilience Act​​​​ ​​or in national security is needed at the moment.​​​

​​Work-Life Balance

How do you manage the demands of career and personal life?

​​​​​In my 20s, this was not a priority but a luxury. I often worked extra on the weekends ​because there​ were opportunities where I gained experience and expertise outside of the day job which meant a little extra money and something more to show on my resume - which paid off in the long run. The benefit I used in my 20s was whenever I took a business trip, I added vacation or seeing friends in other countries. This was a huge plus. ​​ 

​​​Now in my 30s, I use the wheel of life at the start of the year together with my partner. We reflect on the different ​aspects​ of life from the year before e.g. health (was it more a 6 out of 10 or an 8 and where do you want it to be next year and what do you need to get there?). If you do this, you’ll see that you cannot concentrate on ​everything​ at the same time. So you start prioritizing. Doing this at the start of the year helps me ​make​ better decisions which sometimes means “saying no” or ​delegating​. I also find little hacks help e.g. when I travel I bring an ​ergonomic​ cushion, I travel with my coffee, I still plan travel routes that combine seeing family and friends.

Personal motive

What’s your personal motto, or favourite motivational quote, that can also inspire the younger generation to follow studies and a career in an ICT / Cybersecurity field?  

I cannot stand complaining and doing nothing about it. This is not the vibe that means progress. Changing it can be hard and long progress, but if you are on that path, you need to enjoy it and show consistency and grid.

Future

Which emerging areas in cybersecurity, such as AI security, data protection, or social engineering, will be most relevant for the next generation of professionals entering the field? And what role can gender diversity and inclusion play?  

The next generation of cybersecurity professionals will work in a field that extends far beyond traditional ​​information​​​​ security. AI​-enabled​ security​ or ​offense​​ ​or even the aspect of technological autonomy ​will be ​sneaking into the field. 

At the same time, ​regulatory implementation will remain central career paths. Frameworks such as GDPR, NIS2, and the ​​Cyber Resilience Act ​​​​create a strong demand for professionals who can translate legal requirements into practical, operational security measures, especially for small and medium-sized enterprises. 

Cybersecurity is also increasingly connected to hybrid threats, including disinformation, election security, and the protection of critical infrastructures. This requires professionals who can think across technical, political, and societal domains. A strong foundation in IT and information security remains essential, but it must be combined with an understanding of policy, national security, and business risk.

Downloads:

- Julia Schuetze Role Model Poster