The cybersecurity industry is becoming hugely important for all aspects of society. As more work moves online and more processes involve digital data storage, it is essential to have good security practices. Furthermore, as technology becomes more complex with new innovations like blockchain, IoT, and machine learning, cybersecurity professionals must quickly advance their technical skills to keep pace.
The expected growth rate for security analyst jobs over the next decade is 33%, four times the average jobs growth rate! The median salary for these roles (in the U.S.) is over $100k, which is more than double the median salary in the U.S. overall!
It’s especially frustrating, then, that women only make up about 25% of the cybersecurity workforce. With so much opportunity and worker demand, people from all demographics should have the chance to take advantage of these favorable economic conditions.
The great thing is that the movement for women in cybersecurity is building – fostering awareness and enthusiasm in the tech world. In today’s post, we’re spotlighting seven amazing women in cybersecurity. As Renee Tarun, Chief Information Security Officer at Fortinet said, “we’re not unicorns. We in cybersecurity do exist.”
Dorothy Denning was a pioneer in the field of cybersecurity before most people even had access to the internet. In 1982, she published a groundbreaking book called Cryptography and Data Security, which was one of the first publications to thoroughly delve into cryptologic algorithms and is still read by computer science students today.
A major contribution that Denning made to the field is the IDS statistics model for anomaly detection, which uses statistics and data science to flag system intruders. Her later contributions include using timestamps to improve encryption technology, using the concept of checksums to improve the security of multilevel databases, and developing a highly secure algorithm for digital signatures. In all, Denning has received over twenty awards for her contributions to cybersecurity.
In affiliation with Georgetown University, Denning completed comprehensive social and technological research on hacktivism and hacktivists around the world. In her published paper she described the different strategies taken by hacktivists and the social or political movements that drove them.
Jen Easterly is a former military official who now directs the United States Cybersecurity and Infrastructure Security Agency, or CISA. Before being appointed to her current Directorial position, Easterly worked on cryptology with the NSA, first in Baghdad and later in Kabul.
In 2010, Easterly helped found USCYBERCOM, the arm of the U.S. Department of Defense which specializes in countering cyberattacks. The establishment of this organization inspired other countries, such as South Korea and England to follow suit in establishing a dedicated cyber command.
As CISA director, one of Easterly’s most impactful accomplishments has been the creation of JCDC, or the Joint Cyber Defense Collaborative. This new center, announced in 2021 will facilitate cooperation and coordination between the private sector, federal government, and state and local agencies in establishing robust cybersecurity practices across the U.S.
Parisa Tabriz, is the self-styled Security Princess. To explain the title, Tabriz says, “I want them to know that princesses can do engineering and STEM.” She currently works at Google as Director of Engineering but began her career as an intern on the security team in 2006. She was named as one of Forbes’s Top 30 People Under 30 To Watch in the Technology Industry in 2012 and was charged with overseeing all cybersecurity for Google Chrome in 2013.
At Google, Tabriz’s major priority is ensuring that Google Chrome functions seamlessly, securely, and easily across all devices and for all users. An interesting strategy Tabriz has discussed is that she uses a different type of device each day – MacBook, ChromeBook, iPhone, etc. – so she can fully understand the user experience of Chrome for different devices. Recently, she has been working to improve privacy settings for browsers that are shared by multiple members of a household.
Outside of work at Google, Tabriz delivers addresses at security conferences around the world and works with girl scout groups to introduce kids to the field.
Runa Sandvik is a Norwegian cybersecurity expert who, at just 28 years old, was named The New York Times Senior Director of Information Security in 2016. Today, Sandvik also serves as a security advisor to the Freedom of the Press Foundation and Black Hat, an international cybersecurity events and research organization.
Two of Sandviks most high-profile contributions in cybersecurity are her 2014 interview with Edward Snowden – in which they discussed mass surveillance and the interaction between hackers, journalists, and the government – and her striking research into the cyber vulnerabilities of ‘smart’ weapons done in partnership with her husband.
Katie Moussouris became a computer science pioneer at an early age when she was the first girl in her high school to take AP Computer Science. From there, her list of accomplishments kept growing.
Early in her career she worked on advancing and securing computer infrastructure at MIT and Harvard. She went on to work at Symantec and later Microsoft, where she pioneered new strategies for cyber vulnerability research – most notably the Microsoft Bug Bounty program, which rewards independent researchers and white-hat hackers with bounty rewards up to $75,000 for submitting vulnerability reports on Microsoft products. After the success of this program, Moussouris worked with DoD to execute similar programs called Hack the Pentagon, and Hack the Airforce. Follow-up programs in the “Hack the…” series are anticipated.
Alongside her work in cybersecurity, Moussouris has fought for equality for women in the workforce and even filed a class action lawsuit against Microsoft for discriminatory hiring practices and pay.
In 2016, Moussouris founded her own security consulting firm called Luta Security, which advocates for respect, pay equity, and accountability in the workplace.
Lisa Jiggets is making major headway in promoting women’s inclusion in cybersecurity. In 2012, she founded the Women’s Society of Cyberjutsu, a 501(c)3 organization dedicated to empowering women to succeed in the cybersecurity sector. WSC offers career guidance, study groups, networking opportunities, and workshops to women who work in cyber or want to forge a new career in the field.
Though it’s not recorded on her resume, Jiggets actually began her tech career as a cook in the navy, “flipping burgers all over the world” (source). Though she possessed valuable technical skills, which she had learned independently by experimenting with her own computer growing up, she did not score high enough on her ASVAB (Armed Forces Vocational Aptitude Battery) to land a more technical role. However, while she was on tour, she began taking on systems administration responsibilities simply because she knew how to fix the computer issues that her unit encountered. Though she was technically still a cook, she was informally accepted as the unit sysadmin.
After six years in the Navy, Jiggets moved into IT work for the Department of the Interior. She transitioned into security with a C&A job (Certification and Accreditation), while expanding her skill set through classes and hacking clubs.
Today, Jiggets is on the Board of Directors at WSC, where she mentors new cybersecurity professionals and also works as a penetration tester at Dark Wolf Solutions, a security firm.
Summer Craze Fowler
Summer Craze Fowler established herself in tech as a Software Engineer at Northrop Grumman. From there she moved on to Johns Hopkins and Carnegie Mellon, where she fostered her cybersecurity career and ultimately rose to Technical Director of Cybersecurity Risk and Resilience at Carnegie Mellon.
Today, Fowler is the CIO at Argo AI, an automated vehicle firm. At Argo AI, Fowler is chiefly concerned with developing security systems to prevent autonomous vehicles from hacks. She frequently speaks at conferences like InfoSec World, Security Summits, and RSA Conference on the state of the cyber field today, the biggest threats to consider, and the tech workplace.
In 2017 she became a part of Deloitte’s Board-Ready Women program, which provides guidance and mentorship to women who serve on Advisory Boards.
Resources for Women in Cybersecurity
Ready to become the next amazing woman in cybersecurity? Check out the following resources for guidance, networking opportunities, and education.
Technical training, networking opportunities, and career development resources.
Canadian organization for career development, mentorship, and community-building.
Education, networking opportunities, career development, and yearly conferences.
Education, certifications, and studies about diversity and equity in the cyber workplace.
WiCyS (Women in CyberSecurity)
Multi-chapter organization with networking opportunities, mentor-mentee program, student groups, events, and educational trainings.