Women in IT Security, Advocates

Vandana Verma: Broadening the diversity aperture

Vandana Verma is OWASP Foundation and InfosecGirls.

Increasing the number of women – and women of color specifically – is critical for the cybersecurity market to thrive, said Vandana Verma of the OWASP Foundation and InfosecGirls. But she also believes it’s not enough. 

“People have started talking about diversity, but it's not just about growing the number of women,” she said in an interview with SC Media. “It’s about people from different domains.” 

Click here for complete coverage of the 2020 Women in IT Security

Consider, she says, how valuable a psychologist could be in the cybersecurity realm, given how often bad actors prey upon human nature. Or consider lawyers, who can understand legal considerations that emerge after a cyber breach or ransomware attack. Or consider how many journalists have transitioned to the world of cybersecurity threat intelligence. 

“On the surface these professions seem related nowhere, but the approach and tactics are so valuable,” Verna said. “We talk about a skills gap in cybersecurity, but I believe that can be fulfilled” by expanding the purview of what is deemed the cybersecurity talent pool. She also points to the benefit of international perspective.  

“I have learned that in every country, the culture is different, the people are different, the way they think is different,” she said. “Cybersecurity remains the same, but the way people play around with cyber security is totally different.” 

Verma herself fell into cybersecurity in 2005 in India – “at a time when cybersecurity was not really considered a career” – thanks to what she calls a bit of serendipity. Working in IT consulting, she was asked to support a project onsite that involved security monitoring. She accepted and learned, and at the recommendation of a colleague, became more active in the cybersecurity community that was only just beginning to develop. 

“So, you talked about this word advocate, and that I can be an advocate about cybersecurity; I never thought so to be honest,” Verma said. “But the community showed me that there is always light after this tunnel, and I can reach that light and be the light for somebody else.”    

In the 15 years since, Verma has worked with security teams at IBM, Accenture and Time Inc. of India. But among her proudest achievements came with the recognition that women in cyber needed their own communities to thrive.

She established InfosecGirls to “inspire curiosity among women in technology about the realities of information security,” as the mission states, and gradually created chapters throughout India – in Bangalore and Pune and Mumbai, as well as less developed areas like Bhopal. The group has since gone global, with chapters in Italy and New York. And among the many hats she wears with the OWASP Foundation, Verma is the Asia lead and secretary for its Women in AppSec. 

Said Verma: “That gives me a platform where yes, I can be a leader locally, I can be a leader globally.”  

Jill Aitoro

Jill Aitoro is senior vice president of content strategy for CyberRisk Alliance. She has more than 20 years of experience editing and reporting on technology, business and policy. Prior to joining CRA, she worked at Sightline Media as editor of Defense News and executive editor of the Business-to-Government Group. She previously worked at Washington Business Journal and Nextgov, covering federal technology, contracting and policy, as well as CMP Media’s VARBusiness and CRN and Penton Media’s iSeries News.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.