To mark this year's International Women's Day, Dark Reading went with a mix of new and "old."
We have been publishing lists of "Women in Security You Should Know" since 2018. For our latest installment, we reached out to some who we've previously highlighted to see what they are up to now. No surprise, their stars continue to rise, as they now occupy senior leadership roles across a variety of companies. We also added a batch of new names to this year's list, and we look forward to seeing what new trails they blaze in the days and months to come.
In addition, we partnered with our sister teams in the cybersecurity group at Informa Tech — Omdia Research and Black Hat — to talk about what IWD means to each of us. The messages in this video touch on this year's theme of breaking the bias. While some of us focused on technology and cybersecurity, you will also hear messages about how we can work together to reshape the world.
Building for a Better Tomorrow
Another IWD theme this year is “gender equality today for a sustainable tomorrow.” We agree wholeheartedly. Diverse teams lead to diverse viewpoints, which, in turn, manifest in better products and services, better ways to empathize and respond to user needs, and opportunities for innovation across the board.
Women make up just 25% of the cybersecurity workforce, according to a recent (ISC)² report. It's better than years past, but we can do better. As we focus on bringing more women into the industry, we acknowledge the role women have played over the years to help shape the cybersecurity landscape. Window Snyder, Joanna Rutkowska, Katie Moussouris, Justine Bone, Jennifer Steffens, Eva Chen, and Chenxi Wang are among the pioneers in the industry who continue to make their mark.
We've also come a long way since a grassroots movement led by Chenxi Wang and Zenobia Godschalk after the 2014 RSA Conference thankfully helped end the what-used-to-be-common practice of using "booth babes" — or models in scantily clad attire stationed at vendor booths — at trade shows and other events across the cybersecurity industry. We are seeing conscientious efforts to address overt denigration and objectification of women, as well as mindfully name more women security professionals as speakers and advisers.
Today women hold high-profile CISO positions. Last year, for example, Jen Easterly became the first woman named as director of the Cybersecurity and Infrastructure Security Agency (CISA).
Representation matters, and we want to note that there's still more work to do to break the bias that deters women — and people of color — from entering the security field and advancing their careers.
How We Can Be Better
But this is no time to rest on our laurels. As long as we still have International Women's Day, we have to continue improving.
For Dark Reading, diversity, equity, and inclusion is a year-round endeavor, as we speak with a variety of security professionals every day. We elevate the exciting work women are doing without worrying about whether it's Women's History Month. A perennial favorite is the conversation with Google's Camille Stewart on the glass ceiling.
We also try to avoid using the stereotypical stock image — that of a hooded figure (implication being male) leaning over a computer — on our site. This is a bit of a small thing to mention, we know, but it's important to use more images showing women leading meetings and doing cool things to help normalize the idea of what a security professional looks like.
However, we recognize that we have been a bit hit-or-miss on who speaks at our industry events. While we've had the likes of Adobe CISO Shannon Lietz and Tresa Stephens from Allianz Global Corporate and Specialty (AGCS), we would like to do more. Interestingly, we've noticed that when we reach out directly to women across the industry, many decline. Perhaps they are already too busy with their daily jobs and don't have the support from their organizations to take the time to speak at events. Or maybe we are not offering the right opportunities. Regardless, it's something we want to improve on.
We have a request of you, too. When we ask for introductions to interesting security professionals — whether it's what they're doing or with interesting perspectives, please don't serve up the same names. Look at your teams and help us elevate the voices we don't get to hear from normally.
So on this International Women’s Day, we call for the infosec industry to:Pay women salaries equal to men.Hire more women for CISO positions.Remove biased programs and societal "norms" that discourage girls and women — and people of color — from pursuing technical curriculum and careers.Raise the profile of women on your security and research teams so girls and women have representation and role models that inspire them to pursue careers in security.Acknowledge and eradicate biases that either consciously or unconsciously discriminate against women.
Remember: When late U.S. Supreme Court Justice Ruth Bader Ginsburg was asked how many of the nine judges on the Supreme Court should be female — and at what point there would be enough women on the bench — she said, "When there are nine." Why not? As she noted, "Nine men was a satisfactory number until 1981."