Women in IT Security: Eight Women to Watch
Women in IT Security: Eight Women to Watch

Diana L. Burley is a full professor of human and organizational learning at The George Washington University, and executive director and chair of the Institute for Information Infrastructure Protection (I3P), a consortium of universities, national laboratories and nonprofit institutions dedicated to strengthening the cyber infrastructure of the U.S.

Prior, she managed a computer science education and research portfolio and led the Cyber Corps program for the U.S. National Science Foundation.  She co-chairs the ACM/IEEE-Computer Society Joint Task Force on Cybersecurity Education and, in 2013, served as co-chair of the U.S. National Research Council Committee on Professionalizing the Nation's Cybersecurity Workforce.

Widely cited in the media, Dr. Burley is also an in-demand speaker at industry gatherings, most recently at tech panels hosted by the U.S. Department of Homeland Security's Cyber Security Division, and (ISC)2.

She has been the recipient of a number of awards and honors and has authored 75 publications on cybersecurity, information sharing and IT-enabled change.


Jennifer Stisa Granick is an attorney, educator and the director of civil liberties for the Center for Internet and Society (CIS) at Stanford Law School. A prominent advocate for intellectual property law, free speech and privacy, she has represented a number of high-profile hackers, including internet activist Aaron Swartz.

Beginning her legal work at the state public defender's office, she then became a trial attorney before shifting to a private practice where she specialized in defending cases involving computer crime. In 2001, she also began teaching cyber law at Stanford University. Granick was the civil liberties director at the Electronic Frontier Foundation from 2007 to 2010 and then an attorney at ZwillGen, where she specialized in internet security issues.

Most recently, Granick was in the news for  her work on a case seeking to reveal how the government proceeds in matters of domestic snooping and how it strong arms companies into cooperating with federal efforts to thwart cryptography.


Dawn-Marie Hutchinson, executive director for the office of the CISO at Optiv, recognizes the potential security crisis that complements the growth of the Internet of Things (IoT). As our devices increasingly become tethered to the internet, she says, not enough people are concerned about the security implications – and the risks presented.

"I was blown away to hear most people don't think [the IoT is] really a thing yet," she said in May at Interop during a presentation on securing enterprise infrastructure.

The former head of information security at Urban Outfitter has more than 15 years of achievement in healthcare, retail, technology, and professional services sectors. Her extensive experience in cybersecurity and risk management transfers to the board room where she is fluent in speaking with board members about the risks the company faces so the approporiate decisions can be made to enhance business strategy, improve supply chain operations and manage enterprise risk.


Jeannette Jarvis, director of product management at Intel Security, is a huge proponent of threat intelligence sharing, and she predicts it will rise this year as a primary strategy for mitigating cyberattacks.

"Sharing threat intelligence shifts the balance of power away from the adversaries and back to us, the defenders,” Jarvis said.

“Adversaries have more information about our defenses than we have about their attacks, and this asymmetry significantly influences threat defense effectiveness," she told the World Economic Forum. "Attacks can be tested against security defenses with impunity, whether in laboratories or deployed systems. Preventing attackers from testing against us is very difficult and possibly unsolvable."

Jarvis told the forum that in order to improve our cyber defenses, the industry must cooperate. "Crowdsourced threat intelligence and collaborative analytics help connect the dots and form better pictures of what is happening in the attack landscape. 2017 will be the year in which threat intelligence sharing makes its most significant strides."


Armed with a master's degree in global affairs, transnational security from NYU, Alex Kassirer lent her expertise on the Anderson Cooper 360 show before becoming a terrorism analyst at NBC News as well as a senior analyst, lead on counterterrorism at Flashpoint.

Her ability to dig deep into areas of the Dark Web where most computer users never venture, along with her fluency in Arabic, enables her to keeps tabs on the online presence of jihadists who engage in hacking and cybercrime. This includes Al Qaeda, ISIS and other terrorist movements, as well as nation-state actors. This reconnaissance includes getting vetted to be granted entree into underground forums and then communicating with the actors so as to interpret how they think and might act.

Frequently cited on cyber terrorism issues in the media, she was recently profiled in the The New York Times and was included among "54 Amazing Women" in Glamour magazine.

Sharon D. Nelson is the president of Sensei Enterprises, a Fairfax, Va.-based digital forensics, information technology and information security firm. She is the author of hundreds of articles and co-author of more than a dozen books (published by the American Bar Association). Prominent on bar associations as president and chair, she has served on the ABA's Standing Committee on Technology and Information Systems since 2012.

“Law firms are always scanning the horizon, and cybersecurity is not only a goliath, but it is a goliath that is never going away,” Nelson told an industry publication. “We are here to stay in the digital world, and data is black gold. Data is the new oil, and having seen that, law firms are very responsive.”

She maintains a cybersecurity and electronic evidence blog, Ride the Lightning, and is a co-host of two Legal Talk Network podcast series: “The Digital Edge: Lawyers and Technology” and “Digital Detectives.”


With more than 15 years in the security field, Wendi Whitmore, global partner & lead at IBM X-Force Incident Response & Intelligence Services (IRIS), has diverse experience to arm her in efforts in the global incident response, proactive services and intelligence teams within IBM Services. 

Prior, Wendi was a VP at CrowdStrike Services, where she was responsible for professional service offerings and engagements. That included critical security breach response for Fortune 500 companies and the federal government. She spent six years at Mandiant and prior was a special agent conducting computer crime investigations with the Air Force Office of Special Investigations.

A frequent speaker at industry gatherings, including the fourth annual Women in Cybersecurity Conference (WiCyS), held in May in Tucson, as well as SANS, BlackHat, DoD Cybercrime and the FBI National Infragard Conference, she also has been widely cited in the media on the topics of online privacy and consumer awareness.


After a dozen years as a senior researcher at the National Security Agency, Ellison Anne Williams left to found and take the CEO title at Enveil, a data protection company that uses homomorphic crypto to protect data interactions including search and analytic. Or, as she puts it, "does cool stuff with massive amounts of data."

The company certainly reached an early milestone when it was named a runner-up in the RSA Conference Innovation Sandbox Contest 2017 for its "pioneering work in data security." It was the youngest company to compete in the competition and was selected from a roster of more than 300 startups. “This is the first time in over 20 years of work into homomorphic encryption that this kind of scale has been achieved,” Williams said at the event.

Fortified with masters degrees in mathematics and computer science, and a Ph.D. in mathematics, Ellison Anne Williams in 2009 authored The Use of Neural Networks in Intrusion Detection