Women drive innovation and maintain the security of organizations around the globe. Join Security magazine in celebrating and highlighting the achievements of women in the security field today, International Women’s Day 2022.

Although the security field has increased its levels of diverse hires over the years, there is still progress to be made regarding gender equity in the industry, from hiring practices to how security initiatives affect women, people of color and members of the LGBTQ community.

Security magazine spoke with women in the security industry to discover their journeys into the security industry and what security practitioners can do today to increase diversity and inclusion in the field.


Sam Humphries headshot


Security magazine: What inspired you to enter the security field?

Samantha Humphries, Head of Security Strategy EMEA, Exabeam: My strong interest in tech and a desire to help people drew me into this field, but very early on in my career I felt like there were times where I was something of a novelty factor. Men would sometimes speak down to me, as if to challenge my technical abilities. However, I persisted until I was more consistently treated as their equal. There have been a lot of steps forward, with brighter and more accessible paths being made for women in this field. Security community events are commonly ensuring there is greater speaker diversification. And, when women and girls see themselves represented, they are far more likely to relate, interact and aspire towards the same goal. This is why the power of mentorship is so important. There are countless benefits of learning from people who have walked in your shoes. However, we cannot walk alone. It is not just women who should support one another, but male allies too.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Humphries: Security leaders should first be meeting the bare minimum to promote equity and diversity, and that means equal work for equal pay. Women and minorities often find themselves not on equal footing compared to their white male counterparts. Ensuring all employees are paid and rewarded equally for their work should be a fundamental standard. Having leadership that is representative of the diversity you wish to promote within your organization is critical. I personally go straight to the hiring page when looking at an organization, and if the board lacks true diversity, there’s an immediate red flag in my head. Thus, organizations must be mindful of this when appealing to a diverse workforce and ensure they are presenting themselves in a manner they wish to attract diverse candidates.

 


Security magazine: What inspired you to enter the security field?

Arti Lalwani, Risk Management and Privacy Knowledge Leader, A-LIGN: The security world truly fell into my lap. I got my break into technology working in asset management. Since embarking on this path, the career journey hasn’t gotten any easier.

My first job in tech was learning the ins and outs of asset management: hardware and servers. Oddly, I went on to learn about individual servers then racking and stacking and was thoroughly intrigued.

When I moved on into security compliance auditing, everything “clicked” thanks to my asset management experience. I still find it fascinating how differently each company operates. You really do have to tailor your auditing approach based on each organization.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Lalwani: Leaders need to consider diversity and inclusion in everything they do! Especially when it comes to hiring and advancement.

It is no secret; women face a high barrier to entry when trying to break into the cybersecurity field. Particularly when they don’t have mentors and advocates to guide them and provide support. Mentorship is critical for women looking to forge a career in cybersecurity. Honestly, if I tried to break into this industry as a fresh college graduate today, I don’t think I’d have nearly as much success without all the people who mentored me. Mentorship programs should be part of a company’s HR program, if they truly want to promote diversity.

I also believe that diversity representation in leadership teams and at educational institutions has enormous potential to inspire more women to pursue a career in cybersecurity. Representation is important! The cybersecurity industry suffers from a lack of diversity. This is exacerbated by unrealistic hiring expectations, like entry level roles that require ten years of experience and outdated certifications listed as qualifications. Unnecessary obstacles like these prevent a lot of people (not just women) from considering a career in cybersecurity.

 


Security magazine: What inspired you to enter the security field?

Jennifer Manning, Director, Alvarez & Marsal Global Cyber Risk Services, LLC: I began my career in information technology and spent many years at a Fortune 500 company. My interest in information security began after a cyber incident with a server I managed. After that, I dedicated time to learning about key issues in cyber risk and how to balance between operational business requirements and ensuring data is secure. My career further evolved when I moved into a Security Engineer position and then ultimately into cyber risk consulting.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Manning: Although diversity wasn’t commonplace when I first started working in cybersecurity, I’ve noticed a change in the community in recent years. When I was promoted to team lead and given the task of building my first team, I took the opportunity as a leader to develop a diverse team. I was given opportunities throughout my career and have been inspired by so many people and strong leaders. I have a deep-seated desire to share my knowledge and give people opportunities that they might not have had otherwise. As a leader, I believe listening is important to effectively guide and encourage diversity inside and outside the cybersecurity field. Our differences are what makes us stronger professionally and personally.

 

Jennifer Mellone headshot


Security magazine: What inspired you to enter the security field?

Jennifer Mellone, Security Consultant, Presidio: Cyber is not something I planned for. I had three careers in my employment journey and happened to be in the right place at the right time for all three. I received a B.S. in Electrical Engineering and worked in defense systems engineering, which was hot at the time. I studied part-time while working full-time and earned an M.S. in Engineering Management. I moved into the communications sector testing network systems, and shortly thereafter a manager asked if I would like to become a network engineer because they needed one and they were in high demand and hard to find at that time. My networking career took off, and several years later I rejoined the defense sector performing network engineering. I was called up as a U.S. Navy Reserve officer to serve in Afghanistan for one year. When I came back to my defense job, cyber was the next big thing, so the projects had shifted to cyber. It was a natural transition from networking. I worked in cyber and network engineering in the commercial and defense sectors after that, but cyber stuck as my third career because of the plethora of opportunities in the field.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Mellone: The security industry needs qualified people, period. In theory, the process should start long before a candidate enters the workforce. Awareness, influence and encouragement are key. That comes from self, family, friends, teachers, career interest tests, formal education, self-study, world events, youth programs, military service and veterans programs. The candidate must first establish a foundational baseline — integrity, study skills, work ethic, desire to learn new and challenging concepts, teamwork and becoming a known reliable contributor in any field. Security leaders can leverage a diversity of work experiences. In my case, my employers had a need, and they had confidence in my ability to transition into networking and later security because I was solid in my job, and they witnessed the foundational essentials in action. They knew I could do it, so I adapted and learned. I am grateful to them. Security leaders should keep their eyes open in their own organizations. They can look for the reliable system administrator, network engineer or software developer with the essential foundation who takes security seriously and incorporates it into their own job tasks. Transition them over to cyber, and the security industry will grow.

 


Security magazine: What inspired you to enter the security field?

Alex Nixon, Senior Vice President, Cyber Risk, Kroll: I was inspired to work in security because I wanted to build a career where I could genuinely say that I was working to make the world a better place. This is something that I feel passionate about, and I will routinely check in with that ambition to ensure that I still feel that my work is making a difference.

Most of the engagements that I work on are long-term, often across multiple years, and I get to see organizations go through a transformative mindset shift in how security is viewed and considered. Knowing that this is directly attributable to my work brings me confidence that I am meeting the standard that I set for myself.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Nixon: Promoting diversity starts as early as the job description. Leaders need to work with HR teams to build job descriptions that speak to a role’s true requirements, rather than a list of security qualifications that don’t necessarily relate to the specific role. We also must recognize that lateral experience has immense value and can increase the diversity of our team’s thinking.

Once candidates are in-role, leaders would be remiss to think that their work has been achieved. Long-term cultural change is driven by respect, and that means allowing every voice — not just the loudest — to be heard and have weight. A leader’s responsibility is to give every team member a platform. This is something that I’ve learnt as a natural extrovert — I now make it my duty as an extrovert to champion our quieter team members and their input.

Lastly, a great benefit of a diverse team is that it allows the future generation of people leaders to shine. Some of the most brilliant technical minds may prefer to be subject matter experts. True people leaders are their natural allies, and by working together they can bring a blend of skills that creates teams which succeed faster and go further.

 

Ksenia Peguero headshot


Security magazine: What inspired you to enter the security field?

Ksenia Peguero, Ph.D., Senior Manager of Research Engineering, Synopsys: Frankly, I kind of “fell into it” with my internship while doing my Master’s. But once I got my feet wet, I absolutely loved it. Two things keep me excited about the security field: the greater good and the constant learning. Even when the mundane tasks of the day seem tedious, in the scheme of things, I always remember that my work helps people around the world to have more secure applications which means protecting them from hackers and cybercriminals and making sure that user data is protected. And after being in security for over a decade, I am still learning something new every single day as the technology, internet, software and hardware changes constantly, and I need to remain up to date.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Peguero: We need to change our workplaces to ensure they’re more equitable for everyone. That means having significant and equal maternity and paternity leave policies, promoting a work-life balance culture, conducting anti-bias training for all employees, and investing in inclusion, diversity & equity initiatives. These things will make the workplaces more attractive. However, we should also work in the pipeline from the very beginning by promoting computer science and security for girls in schools.

 

Cathy Pitt headshot.png


Security magazine: What inspired you to enter the security field?

Cathy Pitt, Global VP, Chief Security Officer, Plex Systems: My first real job was in the military tracking submarines in the Atlantic Ocean, so my mindset was already around security. In my first civilian role, I supported computer networks and communications, and it quickly became apparent that there was a growing need to continue tracking and deterring bad actors, albeit using a different toolset in the business environment.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Pitt: What is most exciting about the world of security to me is the diversity within the field itself. Much like the medical field, there are opportunities for many different interests and areas of expertise. From cybersecurity to physical security to risk management, forensics, DevSecOps and beyond, there really is something for everyone. For example, if you’re not jazzed by technology, risk management is a hugely broad discipline that requires strong business acumen, an eye for the big picture, and the ability to work with people across a broad spectrum from business owners to technologists. Of course, if you love the tech stuff, there are many opportunities from secure security architecture to software development and everything in between. In my view, we promote diversity in the security industry by promoting the diversity of the security industry! We’re well past security being all about firewalls and anti-virus. There really is something here to appeal to just about everyone!

 

Arti Raman.png


Security magazine: What inspired you to enter the security field?

Arti Raman, Founder and CEO, Titaniam Inc.: Security represents a rich field with many challenges that I could apply myself to. With respect to my current company, Titaniam, it was my personal experience of being impacted by a data breach in 2019 that led me to creating it. Today, my company is the only data protection platform that uses high-performance encryption-in-use to neutralize data compromise during ransomware attacks. I want to push, and be pushed, to meet the market challenges.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Raman: We must start with cybersecurity education in schools and colleges, and then we must encourage the industry to bring women into the security workforce. Once they are there, we must give them leadership opportunities and make them visible. Too often I find myself to be the only woman in a speaker lineup. This needs to change.

In my own life, I have a fine example of this. My daughter, Nikiita, who was 14-years-old at the time, worked with me on the underlying Titaniam algorithms. Given how good she is at visualizing and formulating multi-dimensional spaces, she was a great asset in our original work and is a named inventor on our patents. Her experience represents the potential of young women. Young women, like my daughter, will continue to grow and flourish when someone believes in them.

 


Security magazine: What inspired you to enter the security field?

Marisa Randazzo, Ph.D., Executive Director, Ontic Center of Excellence: Even though I can recall my interest beginning when I was very young, I didn’t actually consider law enforcement or security when I started thinking about potential career paths. I attended an all-girls high school where there was a lot of discussion about becoming lawyers, doctors, professors, artists, authors — but no mention of careers in law enforcement or security. The same was true for the prestigious college I attended. If I wanted to become an analyst on Wall Street, they had numerous job listings and mentors I could contact; but for applying to any law enforcement agency, for whatever position, the listings were non-existent.

A course I took in college on psychology and law reignited this interest for me and helped me to learn more about possible careers in law enforcement and security. Once I got into graduate school to pursue a Ph.D. in research psychology, I became involved in a professional association (the American Psychology-Law Society) and attended conferences where I got to meet a lot of professionals in law enforcement and security. It was through that professional association that I learned about internships at the U.S. Secret Service, and once I started in that internship, I fell in love with the agency and its mission of protection, protective intelligence investigations and violence prevention. I spent a decade at the U.S. Secret Service, working my way up from unpaid intern to Chief Research Psychologist, got a chance to co-direct groundbreaking research on behavioral threat assessment, and eventually started my own threat assessment firm (SIGMA Threat Management Associates), which just recently became a proud member of the Ontic family. It’s been 27 years since I first started with the U.S. Secret Service, and it has shaped every professional opportunity I have had since then.

Security magazine: What can security leaders do today to help promote diversity in the security industry?

Randazzo: Security leaders can do a lot to help promote diversity in the security industry. One strategy is to help promote awareness about the broad range of positions within law enforcement and security more broadly. Careers in security span far beyond what is portrayed on television series and action movies. If you don’t have friends in the security industry, or didn’t grow up with family members who worked in law enforcement, it’s easy to think that the positions are limited to front-line positions like special agent, police officer, or state trooper. But there are countless positions available that fewer people may know about, such as intelligence analysts, global security specialists, linguists, forensic examiners, project managers, procurement specialists, cyber security analysts, the list goes on. Finding ways to talk about these positions, feature them in short videos, highlight them in blog posts, etc. can all help expand awareness about the broad range of knowledge, skills and abilities that can contribute to positions in security and law enforcement.