These five women have exerted influence on a variety of
cybersecurity issues — from policy, awareness training and legislation to R&D and regulatory compliance.
vice president, research and development, Arctic Wolf Networks
When she started university studies as a math major 20 years ago at the University of Lethbridge in Alberta, Canada, Dinah Davis thought she would pursue the traditional track for a woman – a career as a math teacher, as suggested by her high school career counselor.
“One of the great things about my undergraduate years at Lethbridge was that they encouraged us to take a lot of different courses outside of our major, so I took as many courses in computer science that I could,” Davis says. “Over time I discovered that computer science fit in nicely with the way my brain works in terms of a problem-solving approach.”
Davis also was exposed to cryptography as part of the internships she did with the Canadian government during her undergraduate years at Lethbridge. Later on as a graduate student at the University of Waterloo, Davis earned a master’s degree in mathematics majoring in cryptography.
After graduation, she worked for eight years on the development team at BlackBerry that focused on security.
“I was part of the team that made BlackBerrys secure enough that government agencies and corporations would use it for their most sensitive data,” she says.
Today, she heads up the team at Arctic Wolf Networks that’s building the underlying platform for the company’s SOC-as-a-Service offering.
Davis has also become a major advocate for encouraging women to pursue careers in STEM fields. She founded Code Like A Girl, a publication that supports women in tech, guides allies on how they can help, provides resources for parents and teachers for getting girls involved in tech, and works to change perceptions of women in technology.
“On one of my previous jobs, I had a misogynistic boss and I decided to leave,” she says. “I started blogging about my experiences and it turned into the site that exists today where we now have 40,000 followers and up to 3,000 unique views a day.”
Davis has also been planning to bring many female keynoters to the CyberCity Conference in the Waterloo area in October. She says that with so many open jobs in cybersecurity, it makes sense the industry should steer women into a career in that field. Davis wants to promote the Waterloo Region as a cybersecurity hub along with its existing reputation as tech hub. “We have a female keynote speaker yet to be announced and are also looking into running a blind CTP event so that gender will have no play in who we choose to speak at the conference,” Davis says.
“I am not a fan of Women In Security panels where they talk about being a woman in security. That story has been told already,” she says. “We want to see women in security speaking about security so that they become role models for other women and men in the audience.”
The security field offers a career path where people can start off as an entry-level analyst and work their way to becoming a security engineer or researcher, says Davis. In fact, she points out that a Deloitte study identifies something like 20 different titles within cybersecurity.
“There are a lot of ways people can get involved, they don’t have to have a math background like me,” she says. “People can participate in various capture-the-flag events both locally and online, take a college program geared towards cybersecurity, or simply do reading on their own.” – Steve Zurier
Angela Davis Dogan
director, vendor risk and compliance services; member, executive strategy team, Lynx Technology Partners
Angela Davis Dogan’s contributions to the field of cybersecurity can be neatly summed up as a combination of “Risk” and “Reward.”
As director of vendor risk and compliance services for infosec company Lynx Technology Partners, Dogan develops third-party risk management programs for enterprises and public sector organizations, allowing them to mitigate threats that often arise when sharing data or systems with business partners.
Then, in her spare time, she mentors underrepresented women and minority youths in the Greenville, South Carolina area, encouraging them to reap the rewards of a career in cybersecurity.
Dogan has devoted 16 years to helping companies combat third-party risk. She presently serves on the Steering Committee of the Shared Assessments Program, a global member-led organization with a mission to drive third-party risk assurance via best practices, training and technology. Dogan also chairs the organization’s Standardized Controls Assessment Tool Development Committee, which aids in the advancement and adoption of emerging risk management solutions.
The Shared Assessments Program is managed by the Santa Fe Group, a strategic consulting company where Dogan worked as senior project manager from 2013-2017. During this time she helped guide the development of best practices and resources that were ultimately integrated into leading organizations’ vendor risk management frameworks. Before that, she was a vendor auditor with Resurgement Capital Services, a manager and servicer of consumer debt portfolios for credit grantors and debt buyers.
Dogan also serves on the Cloud Security Alliance’s Cloud Controls Matrix Working Group, assisting in the organization’s efforts to further enhance its cloud security framework for the past three years.
Last year Dogan received an Outstanding Service Award from the International Consortium of Minority Cybersecurity Professionals (ICMCP), where she volunteers in an effort to grow the cyber workforce through diversity initiatives. She is a current member and past director of the organization’s Corporate Events Committee and has assisted in the development of its K-12 outreach program. Dogan is also a member of Techgirlz, Women in Cybersecurity (WiCys) and Women In Technology (WIT).
A grandmother of four, Dogan says her personal goal is to one day develop a third-party risk management curriculum for students. – Bradley Barth
Atefeh (Atty) Mashatan
director, cybersecurity research lab, professor, information technology management, Ryerson University
Dr. Atefeh (Atty) Mashatan may have settled into life as a professor at Ryerson University in Toronto, where she focuses on information systems security, cryptography and combinatorics, but she previously had an extensive career on the front lines of the cybersecurity field.
Mashatan’s co-workers nominated her based on her leadership and efforts in advancing the industry, as well as academic partnership with focus on cybersecurity. In her current role she “has been a tireless innovator and leader…for development of talent through mentorship and broader society in advancement of trust in technology through cybersecurity.”
Mashatan’s care and dedication to her subject matter is also obvious to many of her students who gave her a series of glowing reviews for the most recent semester.
“Professor Mashatan clearly cares about her students. She was always willing to help me and others after class. Her level of expertise and knowledge is evident in her teaching and she is able to clearly articulate the material. Tests and assignments were difficult but fair. They helped me gain new knowledge about information security,” said one student.
Prior to Ryerson, from 2012-2016, Mashatan was with the Canadian Imperial Bank of Commerce as a senior information security consultant and solutions architect and led the evaluation of newly proposed and existing security systems while providing subject matter expertise related to threat and risk management. The preceding three years were spent as a scientific collaborator at the Security and Cryptography Laboratory of the School of Computer and Communication Sciences, EPFL (Swiss Federal Institute of Technology, Lausanne) where she conducted research on design and analysis of cryptographic protocols.
She is a Certified Service Oriented Architect (SOA) with honors and obtained the Certified Information Systems Security Professional (CISSP) certification from International Information Systems Security Certification Consortium (ISC2) in 2015. – Doug Olenick
project lead, governance and policy, Centre for Cybersecurity, World Economic Forum
Devout ice skating fans might recognize Algirde Pipikaite as a former Lithuanian champion skater, but over the last 15 years, she’s also distinguished herself in cybersecurity, summoning legal, technical and business knowledge combined with prudent and pragmatic risk-taking to tackle complex issues and influence the advancement of cybersecurity in both the private and the public sectors.
Perhaps it is her fluency in chess – she’s a champion in that as well – that makes Pipikaite a successful and respected strategist in the security sector. As project lead of governance and policy at the Centre for Cybersecurity at the World Economic Forum, Pipikaite works closely with investors – bringing together leaders from the likes of S&P Global and Moody’s – to tease out new market incentives that will help make security a priority in technological innovation. By pushing for security to be backed into software, resulting in less vulnerable offerings, Pipikaite strives to shrink the cyberspace attack surface.
She came to the World Economic Forum from CyberSponse, Inc., where she was the vice president of information risk. Her journey to cybersecurity started with work on a variety of international development and security projects that included the launch of a community-driven group for incident responders.
Billed as a digital transformation and cybersecurity policymaker, Pipikaite holds an MPA from the Harvard Kennedy School of Government, an LLM from the University of Lausanne, Switzerland and a B.A. from Mykolas Romeris University in Lithuania. – Teri Robinson
senior VP, cyber operations, KnowBe4
As a cyber threat analyst who supported cyber operations in the Central Intelligence Agency for more than a decade and a veteran of the Iraq war, Rosa Smothers has built up a portfolio of skills and experience – much of which can’t be disclosed for national security reasons, though one supporter said her CIA work qualified her as “an all-out badass” – that make her an influential player in the cybersecurity industry.
At KnowBe4, where she’s senior vice president of cyber operations, Smothers conducts internal investigations that bring her research and forensics experience to bear – and showcases her ability to work with external subject matter experts in coordinated efforts to determine attack attribution.
Her extensive research into FedRAMP and contract-specific work shaped KnowBe4’s plan to become the first, and what is currently the only, security and awareness training platform in the FedRAMP marketplace. Exemplary of her influence is her work with two lobbying firms in Washington to help boost federal cybersecurity legislation.
Smothers puts in considerable time with lawmakers on Capitol Hill to develop cybersecurity working groups and caucuses aimed at tackling cybersecurity issues and has provided input to various committees across different industries that touch on cybersecurity. Her efforts have paid off and she’s lauded for increasing lawmakers’ understanding of the importance of security awareness training and simulated phishing to help mitigate cyber threats.
She is generous with her time in helping women understand their value and improve their status within the cybersecurity industry and cultivating the tools and confidence for them to develop persuasive and assertive skills. She has mentored countless women and was tapped as a designated mentor during her tenure at the CIA. Smothers also is a member of Women in Defense, aimed at advancing women in national security. – Teri Robinson