International Women's Day: Women in security weigh in
International Women's Day: Women in security weigh in

Another trip around the sun, another International Women's Day. Women in cybersecurity have accomplished some amazing feats and bringing their talents to bear. The industry still has a long way to go to achieve true diversity, though. Today, SC Media is highlighting women who have made their mark in cybersecurity. SC will be rolling out interviews with women throughout the day, so check back frequently.

Laura Lee, executive vice president of cyber training and assessments at Circadence

SC Media: How did you come to develop the first ever Cyber Protection Team Crew Operations Manual for U.S. Military and National Guard Teams? 

LL: When I was tasked by USCYBERCOM to evaluate Cyber Protection Teams in 2013, I was literally given an old-fashioned clipboard with one check box “Perform Defensive Cyber Operations”.  They wanted me to evaluate 25 teams with that criteria alone!  I spent the next year analyzing what makes a “good team” and then developing metrics for that.  On Feb 14, 2014, NIST published the Cybersecurity Framework and I wondered if everything I learned fit that standard.  I spent a couple of months trying to fit scraps of paper that I received as “best practices” from professionals in the field to that standard to see if there were gaps. That became the first ever Crew Manual. I sent drafts to every National Guard team out there and some states (Georgia in particular) answered the call and I became the editor of that document.  It really is the hard work of many military (National Guard and Reservist and Active Duty). As a result, they gave me my hacker handle, Cyber Queen, so my license plate is CYBQWN. Geeky, I know, but a true story of two long years crowd-sourcing a document.

SC: What projects are you particularly proud of? Why?

LL: I am most proud of our on-line gamefied cybersecurity training platform called Project Ares that I was privileged to led 2.5 years ago.  I decided to take on the project (leaving my comfort zone), because it was a chance to scale cyber training on a massive scale.  This also allowed me to pursue my passion of bringing a capability to people of all ages, experiences and genders.  To me, it is like life before when given volumes of an encyclopedia to now, with everything at your fingertips on line.  With Project Ares, we allow people of all ages and types to log on, explore and learn at their own paces.  It lets each person build confidence with challenges and support through Artificial Intelligence.  It levels the playing field making the only criteria ---- intellectual curiosity.

SC: Who/what has mentored or influenced you during your career?

LL: In my career, I have been fortunate to have an amazing mentor that I met when I was 27 years old and about to have my first child. My company at the time was old fashioned and looked for ways for me to “pause” my activities and my planned promotion. My future boss/mentor asked if I wanted to join him (on a task that we had been working for some time) and I told him I did, except that I was 8 months pregnant.  He said “So, you take the time you need”.  It didn't matter to him.  I joined him when I was about to deliver my first child and took 3 months off to write software (while changing diapers) – it was wonderful.  I ended up having two more children and a rich career learning from him.  I worked for him for over 20 years until he died of ALS.

SC: Could you speak to being a woman in this field -- opportunities and challenges?

LL: What I love about cybersecurity is that you never stop learning (it's never boring) and you can work from everywhere – hey, it is the internet, so it was perfect for me as a single parent of 3 young children.  I remember telling my oldest child, a daughter, that a flexible work schedule was one of the best advantages of this field.  She went on to the University of Pennsylvania (double major in Mechanical Engineering and Computer Science) and a Masters in Computer Science at Harvard.  She works for Amazon in the security of the Internet of Things (IoT), There are so many opportunities to be challenged and you can balance family life – it is the perfect opportunity and challenging career.

SC: How have things changed for women in cybersecurity over the past few years?

LL: Information and opportunities in cybersecurity are now much more prevalent than ever before.   The challenge I see is that young people don't always know what the field is and teachers don't always have the opportunity to train in this specialty to teach them.  Fortunately, there are some great new programs at middle/high school, such as Securing our E-City competition,http://socal.cc , that is working to offer hands-on opportunities at all ages.  I believe that when young women are exposed to this fascinating career where the analytical challenges never end, they will never think of any other opportunity.

Farrah Vijayan, senior technical product manager, STEALTHbits Technologies 

SC: What lessons did you learn from your biggest challenges/hurdles?

FV: Some of my biggest challenges in my career have revolved around people. In a software development organization, at the end of the day, we all have to work together to deliver the best products to our customers. That's not accomplished by a single person, but an army of people, different teams of people who have to work together, each playing a unique role in the software development process. But we're all human, and have differences in opinion and approach. And that's ok! And that was one of the most difficult things to comprehend. It sounds straight forward, but when it comes to real business and decision making, it's sometimes not that easy, I've learned though how important it is for people to put their differences aside, be open minded, and willing to compromise. 

SC: Who/what has mentored or influenced you during your career?

FV: I've been extremely lucky in the opportunities I've been presented with, and the team of people I am able to work with on a daily basis. I think where I'm luckiest though is with leadership. I have always had great bosses who have seen potential in me, invested in me and helped me find professional growth, and have been encouraging throughout it all. These individuals have always offered me advice, and have helped shape me into the professional I am today.


Juliet "Jules" Okafor, SVP, Global Security Solutions

SC: Could you speak to being a woman in this field -- opportunities and challenges?

JO: I tend to see the world as it could be, so while I have faced tremendous challenges while building my career in security, it has not shaken my warrior spirit.  Success in this industry as a woman requires more than just talent, it requires grit – the ability to persist despite all obstacles, because there will be many.

As a woman, I feel like I must constantly prove my value – to earn the big projects, assume positions of leadership, lead teams and become trusted to make the big decisions. Each day, in different ways my value is tested through the lens of men. Often, the important conversations happen behind close doors, the rules of engagement are unspoken, the scores unwritten and yet every point counts.  I find that my that talent alone is not enough. As an attorney, people assume I am smart. The key to demonstrating my value has been in building the right internal and external relationships, holding myself to the highest standards, focusing on the needs (and drivers) for our business and blazing a trail in every project, in a way that no man could.

I have turned my challenges into opportunities to be a better woman. In doing so, by simply being the best me I can be, the opportunities for my career are endless.

SC: What's your best advice for women in the field or interested in entering the field?

JO: My advice for women seeking to enter this field is twofold: (1) Find a woman you admire and make her your sponsor. Beyond mentorship, you want to find someone who will be responsible for your entry and success in this industry. Seek her out, ask for her time and then let her know why she should help support your career. These relationships are two-way street, so young women should be patient, but persistent and be prepared to give of themselves too. (2) Do a self-assessment of your skillset. It's one thing to want to enter the field, its another to understand your strengths and weaknesses, research perhaps where they would be a good fit or fulfill a major need and have a plan of action.


Maggie Louie, CEO, DEV/CON DETECT

SC: What projects are you particularly proud of? Why?

ML: Our recent index report on the top ranked news sites. Because benchmarking anomalies not only gave a sense of the size of the problem, but also the areas of greatest risk.

SC: Who/what has mentored or influenced you during your career?

ML: The most influential figure in my career and life, is Richard Feynman. Though brilliant, his ability to remain curious and in awe of the unknown, has always been a guiding virtue.

SC: What lessons did you learn from your biggest challenges/hurdles?

ML: After hiding the fact that I was gay, for many years, for fear of judgement and unconscious bias, I did finally “come out” in my professional and personal life. I learned that controlling how people responded to that, wasn't really my job and that to be authentic was my job.

SC: Could you speak to being a woman in this field -- opportunities and challenges?

ML: Tech, in general, is a bit of a bro-club, even fewer women in cyber. Lots of man-splainers and garden variety “put-down artist,” the opportunity for me, as a CEO, is to hire smart women programmers and engineers, and create a culture that doesn't tolerate conscious or unconscious bias.  

SC: How have things changed for women in cybersecurity over the past few years? 

ML: The emphasis on closing gender gaps has been big in terms of funding, wages, opportunities, but we still have a long way to go.

SC: What's your best advice for women in the field or interested in entering the field?

ML: Send me your resume.  But also, don't be afraid to compete and don't apologize for being a badass. Don't downplay how much work you put into being that either.  

SC: Where do you think the best opportunities lie for women in the coming years?

ML: Leadership, shaping a new paradigm for how we think about work and how humanity interests our professional and personal lives. 


Julia Cline, vice president of product marketing, Rubicon Labs 

SC: What lessons did you learn from your biggest challenges/hurdles?

JC: “Never shy away from a challenge. Some of the biggest lessons and opportunities in my career have come with the biggest hurdles. A consumer product was stacking up in a warehouse unable to ship because of a potential defect found after shipping started. Nobody wants to be in the middle of stopped shipments. But, the ability to think outside the box and come up with a solution using only parts and software already built was definitely one of the most rewarding experiences. If there is a problem at hand, step in.”

SC: Could you speak to being a woman in this field -- opportunities and challenges?

JC: “I hear so many stories from women who have a great idea, yet their voice just isn't heard around the table. There is never just one perfect solution; if your voice isn't heard the first time, keep trying. Speak up and don't give up! All opinions need to be considered. “ 

SC: What's your best advice for women in the field or interested in entering the field?

JC: “With money to earn, the attackers will never stop trying new types of scams. And, those of us, women and men in the cybersecurity field, need to continually find new methods to stop them. No one person can do it alone; we have to work together with a variety of mindsets to be successful.”

SC: Where do you think the best opportunities lie for women in the coming years?

JC: “The typical caricature of someone in cybersecurity is a man behind a screen in a dark room. But security has changed. It isn't just protecting a few secret codes in a corner. Security is fundamental to how we live our daily lives; think of your connected home, our public infrastructure, and even our service industry.

If you want to make money on something, you need to trust it is not being stolen. Cybersecurity is fundamental to knowing your product is safe and women should play a key part in this across products.

Women are founding companies at a historic rate and the buying power of women is growing. But, if you want to make money on something, you need to trust it is not being stolen. Let's help each other succeed. We have to secure products, so products sell, and enable the money to come back into more women's hands.”


Keenan Skelly, vice president of global partnerships and security evangelist, Circadence

SC: Who/what has mentored or influenced you during your career?

KS: It is hard to pick only one; but Laura Lee, our EVP of Training and Assessments has been such an amazing influence.  As the creator of Project Ares, she has been a true innovator in the space and consistently pushing the boundaries. I have never known a more persistent or prolific woman. She has really inspired me to expand my personal and professional limits.

SC: What projects are you particularly proud of? Why?

KS: Without question, Project Ares.  The first ever online gamified cybersecurity training platform, powered by AI.  Ares addresses all the problems with current training efforts. Scalability, high cost of training, poor skill retention, and simple availability are now a thing of the past. Our Ares team, led by Laura Lee, has redefined what it means train, assess, and exercise in cyber.  I have had the privilege of evangelizing the transformative nature of Ares and seeing first-hand how it is changing our customers' cyberprograms for the better.  

Could you speak to being a woman in this field -- opportunities and challenges?

KS: The time is now for cybersecurity.  The decisions we as a community make in the next couple of years are going to shape the space for decades.  Women are key to this shaping and uniquely skilled in traversing both the strategic and technical hurdles we face.  Women are determined, we are natural critical thinkers, and we bring singular insights to the problems in cyber. 

What's your best advice for women in the field or interested in entering the field? 

KS: Be hungry and ever stop learning.  Cyber is fast paced and ever changing and allows you to continuously recreate your best self.  Accept the challenge. 

Where do you think the best opportunities lie for women in the coming years?

KS: As a Cyber Patriot and Girls Who Code Coach for 12-17 year old girls, I have seen some of the smartest and most skilled coders in this space.  Many of them struggle with the idea of being a computer scientist or engineer and would rather be scientist or doctors.  To me this is a messaging problem.  When a 16-year-old proficient in 14 coding languages is not sure that cyber or computer science is right for her, we need to do better as a community.  That said, I know without hesitation that women are going to be pervasive in this area.  The great thing about cyber is that it transcends traditional work roles.  You can be a Marketer for a cybersecurity company.  You can be the CIO of a F100 organization. You can test the security of critical, live saving medical technologies.  The field is literally wide open.

Shauntinez Jakab, director, product marketing, Virsec 

SC: How have things changed for women in cybersecurity over the past few years? 

SJ: In the Silicon Valley and around the world, more companies have become comfortable with hiring women (and Black women at that) in key Cybersecurity roles and within companies that compete in cybersecurity market. Years ago, you would never receive a call back, or the interview process would be interrupted if you were a female.  Yes, these things happen.

Look into many corporate IT and Security teams today, and you will find females in roles as architects, researchers, directors and even head of security.  Some of the best, most knowledgeable application and network security experts are women. After all, the Pentagon has placed Essye Miller as CISO. I think organizations are getting more excited about the notion of females joining what may still be a male dominated team.  For the high degree of education, attention to detail and professionalism we bring, today, your resume is highly considered and your experience is now less suspicious than it used to be -- if your name is Sally instead of Sam. Honestly, I think they are probably tired of looking at one another.

SC: What's your best advice for women in the field or interested in entering the field?

SJ: To women interested in the field, find the company that is right for you. Not all work cultures are the same.  Some may be dysfunctional and unprofessional, while others are highly pleasant and collaborative. Sometimes, it may take a few different settings to find your place. 

Always be forgiving of others and don't take yourself too seriously. Not everyone can meet personal standards we have established for ourselves. Security teams usually walk to their own beat. Baring harassment of any type, we must not write people off so quickly if we are disturbed by eccentricities. Find ways to overcome differences and work together amicable – and always have fun.   Women do stand out, so stay on top of your game. Cybersecurity requires continuous learning to be up to date and able to discuss relevant topics.  Write blogs and attend events. Take time to read and stay abreast of new technologies, attack types and even how organizations are evolving functions in this area.

SC: Where do you think the best opportunities lie for women in the coming years

SJ: Providing expertise is where the opportunities continue to persist for women. Women can really establish themselves as business and technical cybersecurity experts supporting efforts to improve corporate or national security in roles that span strategic leadership positions, deep technical know-how, like architects, developers, administrators or analysts, and roles that communicate knowledge to the masses. Not all roles require a computing science degree, but the more relevant formal education or experience you have will set you apart. Its starts with what you like to do and the drive to continuously develop your skills in that area.

Luda Luzar, security research engineer at Imperva

SC: What projects are you particularly proud of? Why?

LL: My work is very challenging. One of the things I find most interesting is that I'm constantly challenged to think like an attacker. To learn more about their techniques, tools, practices, and motivations. And the work changes all the time. For every project I'm doing very different things. It's not repetitive. I've been given the opportunity to grow and constantly work on new assignments. From database protocols to deception techniques, and now on malware analysis and insider threat protection. It's changing all the time—it's very interesting and very challenging.

SC: Who/what has mentored or influenced you during your career?

LL: As a kid I always loved science and math. I loved computer science.  So I knew from the beginning, at least from the time I entered school, that I would work in something related to computers and computer science.  But it was in the military where I really found a passion for cybersecurity.

Cindy Valladares, director of corporate communications, Tripwire

SC: What projects are you particularly proud of? Why?

CV: When I started my career in cybersecurity, there was a lot of concern and hesitation to share information broadly – pockets of smaller groups were doing it. I believe it's especially challenging for vendors to contribute to the discussion, given that there is a natural lack of trust. As a result, I'm especially proud of building The State of Security, a blog that has allowed us to contribute to build a community where vendors, security practitioners, students and researchers can find the latest news, opinions and advice on important security topics and become better educated. I'm glad to participate in this community.

SC: Who/what has mentored or influenced you during your career?

CV: I've been grateful to have various wise individuals who have a positive influence on my career. Wendy Nather for her strength, humility and wise words. Javvad Malik for his giving attitude imparting knowledge and his amazing sense of humor. Jenn Leggio, whose cybersecurity career I've always looked up to. Jennifer Sunshine Steffens for teaching me that women can break glass ceilings. Anton Chuvakin who has taught me more than I could ever absorb about cybersecurity. Ann Handley (not in cybersecurity), who teaches me to always be learning.

SC: How have things changed for women in cybersecurity over the past few years?

CV: There is definitely more awareness on the challenges of women in cybersecurity. Women and men are striving to have equal opportunities.