Role Model: Ms. Katia Bonello

Personal Details  

Expertise  

  • Your role/job title: Senior Manager - NCSC - National Coordination Centre MT, Cyber Security Department
  • ​​Company name: Malta Information Technology Agency
  • What is your field of expertise? My expertise in cybersecurity spans strategic leadership, EU‑level coordination, cyber capacity building, awareness & education, and governance.

​​​Company details

Introduction

Please tell us a few things about yourself. 

I am a daughter, a sister, an aunt, a wife, a friend, a mother to a 7‑year‑old girl — and a committed professional who believes deeply in purpose-driven work. My journey started in 2004 when I began my career as a software developer, a role that laid the foundation for my analytical thinking and problem‑solving mindset.

In 2018, I was presented with an opportunity that changed the course of my career: joining the Cyber Security Department within the Malta Information Technology Agency as a Project Manager. It was a leap into a field I had not initially planned for, but one that became one of the most fulfilling decisions I ever made. Cybersecurity gave me space to grow, lead, and contribute to national‑level priorities that truly matter.

Today, I serve as the Chair of the Consultation Council for the National Cybersecurity Community, I am a member of the National Cybersecurity Steering Committee, and I have the honour of representing Malta on the Governing Board of the European Cybersecurity Competence Centre. Each of these roles allows me to bring Malta’s voice to the table, shape cyber policy, strengthen collaboration, and support the development of our national ecosystem.

I am also proud to have been recognised by the Malta British High Commission with the Women and Girls Inspirational Leadership Award in 2023.

At the heart of it all, I remain the same person who values family, connection, empathy, and purpose.

Inspiration

What motivated you to enter the cybersecurity field, and how can we make that journey more accessible and visible to young women today? 

I entered the cybersecurity field in an unconventional way. I wasn’t chosen because of a technical background, but because of my determination, leadership, and ability to bring people together. I’ve never been one to limit myself or accept boundaries placed in front of me — and this mindset opened the door to one of the most rewarding chapters of my career.

My journey truly began when I was entrusted to lead Malta’s National Cybersecurity Awareness and Education Campaign, a role that allowed me to express creativity, think differently, and break norms to ensure our message reached every part of society. That opportunity unlocked a new passion, and from there my role kept evolving — from coordinating national‑level cybersecurity initiatives, to shaping EU‑level policy engagement, guiding strategic projects, and managing the work of the National Cyber Security Coordination Centre. Each step reinforced that cybersecurity is far broader than technical work alone; it is strategic, human‑centric, collaborative, and deeply impactful.

When we speak about careers, society tends to highlight the traditional paths — the accountants, the lawyers, the business leaders. But cybersecurity is often only visible when something goes wrong, and usually through the stories of people with bad intentions. We need to change that narrative.

To make this field more accessible and appealing — especially to young women — we must show that cybersecurity is not one pathway. It is a world made up of policy experts, investigators, communicators, educators, analysts, legal minds, project managers, and strategists. There is space for creativity, leadership, empathy, and the ability to connect people and build communities. These are all skills that women often excel in, and they are essential to national and international cyber resilience.

My hope is that by bringing more visibility to these diverse roles, and by sharing real stories — including my own — we encourage more young women to recognise that cybersecurity is not only a technical fortress; it is an ecosystem. One where they can belong, thrive, and lead.

Career Growth

Beyond technical knowledge, which soft skills - such as teamwork, problem-solving, or ethical awareness - are most valuable in your day-to-day work? 

Beyond technical expertise, I believe soft skills are the true backbone of effective work in cybersecurity. No one succeeds alone, and I genuinely live by the idea that no person is an island. Teamwork is at the heart of everything I do — collaboration, trust, and shared responsibility are what keep complex national and EU‑level projects moving forward.

In my day‑to‑day work, the soft skills that matter most include teamwork as Cybersecurity is a collective effort whereby success depends on how well people communicate, support one another, and work toward a shared goal; problem-solving whereby every day brings new challenges and being able to think critically, adapt quickly, and find solutions under pressure is essential; responsibility and accountability whereby taking ownership — of tasks, decisions, and outcomes — builds trust and credibility across teams and stakeholders; ethical awareness as cybersecurity is rooted in trust whereby ethical decision‑making guides how we serve the public, protect systems, and handle sensitive information; and values‑driven leadership whereby holding firmly to life values such as integrity, respect, fairness, and transparency shapes how I lead and how I expect my team to operate.

These skills don’t appear in isolation — they work together, with different ones taking centre stage depending on the situation. Some days require empathy and communication; others require resilience, ethics, or structured problem‑solving. But ultimately, it’s this interplay of soft skills that allows a team to function, grow, and deliver meaningful impact.

Memorable Achievements

Share a project or moment that reflects the impact of your work. 

Throughout my journey, I’ve had several moments that made me truly appreciate the impact of my work. Some projects stay with you — like the ones that, even four or five years later, people across the community still refer to with pride. Launching the first-ever national cybersecurity conference, CYBER ROOT, and building Malta’s first national cybersecurity community were defining milestones, because they created spaces for people to learn, connect, and grow together.

But my most memorable achievements aren’t only tied to events or projects. They are the moments when I see people in my team being recognised, when new faces join the cybersecurity field and start finding their voice, and when our work opens doors for others. Watching people grow — professionally and personally — is one of the greatest rewards of leadership.

And if I’m honest, the biggest impact has been personal: the day my daughter told me that when she grows up, she wants to do the same work I do. That was the moment I truly understood what representation means. It reminded me that the work we do doesn’t just shape a sector — it shapes the next generation.

​Challenges

How do you stay ahead in a competitive field, and what obstacles have you overcome? ​​

Staying ahead in such a fast‑moving field requires intention. For me, it starts with surrounding myself with knowledgeable, inspiring people, and never hesitating to create discussions, challenge ideas, or ask the difficult questions. I constantly push myself into projects that may initially fall outside my comfort zone — not because I already master them, but because I know they are opportunities to learn, grow, and expand my capabilities.

Like many women in leadership, I’ve faced moments of being underestimated, or having my assertiveness misinterpreted. At times, a woman’s confidence can be labelled as arrogance, and her ambition as insensitivity. These perceptions can create barriers that men rarely encounter. But experience has taught me this: once you earn respect through your work, values, and consistency, the journey becomes easier.

The key is to believe in yourself even when others hesitate, and at the same time remain open to constructive criticism. Growth comes from balancing self‑confidence with humility — knowing when to stand firm and when to listen, learn, and adapt.

In the end, staying competitive isn’t only about technical knowledge. It’s about mindset: being curious, being brave enough to take on new challenges, and refusing to let outdated perceptions define your potential.

​​Work-Life Balance

How do you manage the demands of career and personal life?

For me, work‑life balance begins with passion. When you truly care about what you do, it naturally demands a lot of your energy — but it also gives you purpose. That’s why it’s essential to surround yourself with people you trust, people who are strong, capable, and aligned with your values. When you empower others and create a team that carries responsibility with you, it opens the space you need to take care of your personal life.

I’ve learned that balance doesn’t come from trying to do everything yourself, but from building a support system — both at work and at home — and allowing yourself to rely on it. Leadership is not about carrying all the weight; it’s about enabling others to excel so you can all move forward together.

And yes, when your work is driven by passion, the sacrifices feel less heavy. But passion should never replace your well‑being. It’s important to recognise when to pause, when to prioritise family, and when to recharge. That awareness is what truly sustains a healthy balance in the long run.

​​​Personal motive

What’s your personal motto, or favourite motivational quote, that can also inspire the younger generation to follow studies and a career in an ICT / Cybersecurity field? 

I don’t have a motto that is specific to cybersecurity — mine is about life, and it guides everything I do: “Do whatever makes you feel proud of yourself, every single day.”

To me, this means choosing paths that align with your values, pushing yourself beyond what you think you can do, and never letting fear or uncertainty stop you from trying. It’s a reminder that your journey should make you feel fulfilled — not society, not expectations, but you.

And that’s the message I hope young women take with them as they consider a future in ICT or cybersecurity: Follow the path that excites you, challenges you, and makes you feel capable and empowered. If it brings out the best version of you, then you’re already on the right track.

Future

Which emerging areas in cybersecurity, such as AI security, data protection, or social engineering, will be most relevant for the next generation of professionals entering the field? And what role can gender diversity and inclusion play? 

Several emerging areas will shape the future of cybersecurity, but social engineering is undoubtedly one of the most critical. As our technical systems become increasingly robust, attackers shift their focus to the human element — exploiting emotions, trust, and behavioural patterns. With the rapid advancement of AI, these attacks are becoming far more sophisticated. AI enables criminals to craft highly personalised messages, mimic voices and identities, and manipulate people with unprecedented precision. Cybersecurity is becoming as psychological as it is technical.

AI security will also be central for the next generation: defending against AI‑driven attacks, ensuring trustworthy AI systems, and addressing risks such as data poisoning, deepfakes, and automated exploitation. Equally important is data protection, as the volume of personal and sensitive data continues to grow and regulatory expectations tighten.

But the future of cybersecurity will not be defined by technology alone — it will be shaped by the people behind it. And this is where gender diversity and inclusion play a transformative role.

Cybercriminals are evolving, and so must our defenders. We need a wider range of skills, perspectives, and cognitive approaches to understand how people are manipulated, how systems fail, and how society responds. Attributes that may be more prominent or intuitive in one gender — such as empathy, communication, emotional intelligence, risk perception, and collaborative problem‑solving — are becoming increasingly essential in tackling social engineering, user awareness, policy development, and resilience‑building.

Downloads:

- Ms. Katia Bonello Role Model Poster

Share On: