Today, March 8, is International Women’s Day. With March also being Women’s History Month, there has never been a better time to celebrate the women in cybersecurity who continue to be influencers, thought leaders, and innovators.
Here are the top 15 women in cybersecurity, arranged in no particular order:
Window Snyder is the CSO of Fastly and the co-author of Threat Modeling, a manual for security architecture analysis in software. She previously worked for five years at Apple, developing their security strategies and features for the OS X and iOS. She also served as Chief Security Something or Other (in her words) for Mozilla, and as a senior security strategist at Microsoft.
Lesley Carhart is the Principal Threat Hunter at Dragos, Inc. where she faces off against digital theft, hackers, and infections every day. Few people could claim the practical experience she’s had over two decades; she worked as the Security Incident Response Lead at Motorola Solutions until January of this year.
Niloofar Howe is the Chief Strategy Officer at RSA, handling direction of one of the most prominent cybersecurity firms in the market and working to incorporate the needs of clients of all sizes. She previously worked as the Chief Security Officer at Endgame. Why the RSA Conference didn’t ask her to speak is more than a little baffling.
Ann Barron-DiCamillo is the Vice President Cyber Threat Intelligence and Incident Response at American Express. She has nearly 20 years of experience, having served as a member of the Board of Directors at FS ISAC and as Director of US CERT (Computer Emergency Readiness Team) at the Department of Homeland Security responding to major incidents on a national level.
Independent consultant, Cyber Connector, Cybersecurity and Information Governance Attorney, Former General Counsel—it might be easier to list what Christina Ayiotis isn’t. She also provides strategic and operational consulting involving cyber risk management and incident and breach response.
Runa Sandvik is the Senior Director of Information Security at the New York Times, where she helps keep the newsroom secure and teaches digital security to journalists. She’s a technical advisor to the Freedom of the Press Foundation and a member of the Black Hat Europe Conference review board.
Katie Moussouris’ reputation was cemented when she pioneered the first bug bounty program at the Department of Defense as well as Microsoft. She was the Chief Policy Officer at HackerOne and is now the Founder and CTO of Luta Security, which helps businesses and government agencies work with hackers to better defend themselves. She’s also a frequent public speaker.
The Editor of Infosecurity Magazine and one of our favorite voices on Twitter, Eleanor Dallaway has over eight years on the job running one of the largest and most respected cybersecurity publications in the world. Between interviewing industry professionals and keeping the website up to date with the latest cybersecurity headlines, she truly is in the thick of things.
Google’s own “Security Princess, Guardian of Stability” and the Director of Engineering for Chrome, Parisa Tabriz has over 10 years of experience at one of the largest and most famous technology companies in the world helping to make the internet a safer place. She’s a former consultant for the United States Digital Service.
The Director of Content at the MISTI Training Institute, Katherine Teitler leads the content direction for MISTI’s cybersecurity business, researches InfoSec content, manages new and existing security conferences including the InfoSec World Conference. She’s a major influence in the field.
Joyce Brocaglia is the Founder and CEO of Alta Associates, a boutique executive search firm specializing in information security, risk management, and privacy, which has been in operation since 1986. Joyce is also the Founder of the Executive Women’s Forum on Information Security, Risk Management and Privacy—the largest member organization serving emerging leaders and the most prominent and influential women in cybersecurity.
The Head of Security at Tendermint, and the former Security Empress for 1Password, Jessy Irwin is a human-centric security practitioner. Her work focuses on encouraging better interactions with users, making cybersecurity accessible and comprehensive. She is a prolific speaker and published writer advocating human-centric cybersecurity; in her eyes, people shouldn’t have to become experts to be safe.
Amy Howland is the Chief Information Security Officer at CSRA INC. CSRA formed in 2015 when SRA International and CSGov merged to become the “world’s largest pure-play U.S government solution provider.” Amy has more than 20 years of experience in cybersecurity. She was previously the Director of Cybersecurity at Blue Canopy.
With three decades in security experience in both the private and public sphere, Mischel Kwon founded MKACyber in 2010, a security consulting firm that assess and builds security operations centers. She was the deputy CISO for the Department of Justice, building and deploying the first ever Justice Security Operations Center (JSOC). Her experience also encompasses application development and network architecture.
Masha Sedova is the President and CSO at Elevate Security, which delivers adaptive security training utilizing behavioral science.She is the Former Senior Director of Trust Engagement at Salesforce, raising awareness of phishing campaigns and building security engagement teams. She is an industry-recognized expert who has appeared at Black Hat, RSA, ISSA, and SANS conferences.
This list barely scratches the surface of the women in cybersecurity—plenty of exceptionally talented and experienced people had to be cut to keep the article a manageable length. But even so, there is still a significant gap in representation in the industry. Women in cybersecurity make up only 11% of roles in the field, which is truly appalling. Not only does the lack of female voices limit the effectiveness of cybersecurity solutions, it also demonstrates a regressive attitude in the tech fields that needs to be corrected if we are to move forward.
In short, we need more women in cybersecurity. Full stop.
Latest posts by Ben Canner (see all)
- Why Behavioral Analytics Matter to Enterprise Cybersecurity - August 22, 2019
- How to Improve Your Enterprise’s SOC Efficiency - August 20, 2019
- Why Due Diligence Matters to Determining Third-Party Risk - August 15, 2019