10 Women Who Are Making A Difference In Cybersecurity

Female cybersecurity executives speak to CRN about their own journeys in the field and give kudos to the RSA Conference for selecting so many women to give keynotes and participate in panel discussions.

For Brittany Greenfield, it’s a case of one step forward and a half-step backward in terms of women making career progress in cybersecurity.

“It’s been frustrating,” said Greenfield, founder and CEO of Wabbi, a Boston-based application security orchestration and correlation company. “There’s been progress over the years, yes. But it’s something in which we haven’t seen the needle move much lately.”

Greenfield’s sentiments are echoed by other female cybersecurity leaders who talked to CRN and are attending this week’s RSA Conference in San Francisco.

The general consensus: There have been encouraging signs of women gaining influence, clout and investment funds within cybersecurity, a field that has exploded over the past two years.

Lynn Dohm, executive director of the Women in Cybersecurity organization, said the statistics do show women gradually making workforce gains.

In 2014, only 11 percent of the cybersecurity workforce was made up of women, but that number stands at 20 percent to 24 percent of the workforce today, depending on the survey, Dohm said.

“So there has been some progress, but clearly not enough,” said Dohm, whose organization has about 5,600 members in 70 countries.

She said it’s important to get men involved in recruiting more women into cybersecurity. It’s not just a matter of fairness. It’s also a way to help relieve the acute labor shortage cybersecurity is experiencing, Dohm said.

At the RSA Conference, Dohm will speak at the “Level Up Leadership Traits Through (WiCyS) Mentoring” session Tuesday.

Sharon Goldberg, co-founder and CEO of BastionZero, a Boston-based cybersecurity company, said the general attitude toward women in technology 20 years ago, when she first started her career, was condescending. Men routinely questioned whether women were competent enough to succeed, she said.

A computer-science professor at Boston University and a member of the BU Security Group, Goldberg said she’s treated more seriously these days. But she said that’s largely due to her being a professor and CEO of a company—and that other women are still struggling against bias within the industry.

Women interviewed by CRN praised organizers of the RSA Conference for selecting so many women to give keynote speeches and participate in panel discussions, this year and in years past, saying it inspires younger women in the field.

Following are 10 women who are prominent within cybersecurity and who are participating in various events this week at the RSA Conference.

Caroline Wong

Chief Strategy Officer

Cobalt

Besides her security-related duties at Cobalt and security experience at other institutions, Wong, holder of a bachelor’s degree in electrical engineering and computer sciences from UC Berkeley, also hosts the “Humans of InfoSec” podcast, teaches cybersecurity courses on LinkedIn Learning, and has authored the popular textbook “Security Metrics, A Beginner‘s Guide.” She spoke at ‘The Practicalities of Pen Testing at Scale’ Monday.

Avril Haines

Director

U.S. Office of Director of National Intelligence

Haines is the first woman to lead the U.S. intelligence community as director of the U.S. Office of Director of National Intelligence. Among the many national security threats the agency monitors are cyberattacks, particularly after recent nation-state attacks and amid fears of spreading cyberwarfare stemming from the Russian invasion of Ukraine. Haines previously served as Assistant to the President and Principal Deputy National Security Advisor from 2015 to 2017 and as deputy director of the Central Intelligence Agency from 2013 to 2015. She was a keynote speaker at the “Rethinking the Cybersecurity Challenge from an IC Perspective” session Monday.

Shailaja Shankar

SVP, GM

Cisco Security Business Group

Before joining Cisco, Shankar was senior vice president of engineering, enterprise at McAfee, responsible for its security and threat defense solutions across endpoint, extended detection and response, data center security, and cloud-native application protection. Shankar is also considered a “champion of diversity” and a frequent mentor of women in technology. She’s a global adviser with “How Women Lead” as well. She spoke at the RSA Conference Monday, focusing on the subject “What Do We Owe One Another in the Cybersecurity Ecosystem?”

Jane Horvath

Chief Privacy Officer

Apple

Responsible for overseeing Apple‘s compliance with global privacy laws, Horvath was previously Global Privacy Counsel at Google and, prior to that, the U.S. Department of Justice’s first Chief Privacy Counsel and Civil Liberties Officer. She’s also served as an assistant general counsel at AOL, where she helped draft the company’s first privacy policies. She’s scheduled to speak at the RSA Conference’s “Privacy 2022: Perspectives from the Top” Tuesday morning.

Kalinda Raina

Chief Privacy Officer

LinkedIn

Currently overseeing LinkedIn’s Global Privacy team, Raina has more than 20 years of experience in data protection programs and ensuring enterprise compliance. Previously, Raina was head of privacy for the Americas at Apple and served as the CPO of Nintendo. She has also served as chair of the board of directors of the International Association of Privacy Professionals. She is scheduled to be a speaker at the “Privacy 2022: Perspectives from the Top” session Tuesday morning.

Bobbie Stempfley

Business Unit Security Officer

Dell Technologies

At Dell, Stempfley helps drive the company’s security and resilience efforts in the product business units. She has previously served in top positions at the Department of Homeland Security and Department of Defense, where she worked on cybersecurity matters. She’s also the former CIO of the Defense Information Systems Agency. She’s scheduled to speak at the RSA Conference’s “Cybersecurity as a National Security Imperative” on Tuesday.

Vasu Jakkal

Corporate VP, Security, Compliance, Identity

Microsoft

With nearly 20 years of experience in the tech industry, Jakkal today is now responsible for crafting the strategy and defining the go-to-market motions to help customers with their security posture. Jakkal is a strong advocate for diversity and expanding the opportunities for women in technology. She is scheduled to speak at the RSA Conference’s “Innovation, Ingenuity, and Inclusivity: The Future of Security is Now” session Tuesday.

Edna Conway

VP, Chief Security, Risk Officer

Microsoft’s Azure

Conway is responsible for the security, resiliency and governance of the cloud infrastructure and supply chain upon which Microsoft’s Intelligent Cloud business operates. She previously was Chief Security Officer of Cisco’s Global Value Chain. Among other public services she’s performed over the years, Conway was an appointee to the Executive Committee of the U.S. DHS Task Force on ICT Supply Chain Risk Management. She’s scheduled to speak at the “The Missing Supply Chain Link: A Safe Harbor for Risk Information Sharing” on Tuesday and “Are Localization Policies a Looming Disaster for Cybersecurity?” session Wednesday.

Nicole Dove

Head of Security, Game Division

Riot Games

An award-winning information security leader, Dove heads a team at Riot Games focused on developing and deploying cybersecurity strategies that align with business priorities. She attended the 2016 White House Summit on the United State of Women and recently completed studies in Cybersecurity Leadership at Harvard University. She’s scheduled to speak at the “Business Information Security Officer: A Cybersecurity Secret Weapon” session Wednesday.

Lesley Carhart

Principal Industrial Incident Responder

Dragos

Carhart has spent 20-plus years in IT, more than a decade of them in information security, with a heavy focus on response to nation-state adversary attacks. She is recognized as an expert in the field of cybersecurity incident response and digital forensics. She is scheduled to speak at the RSA Conference’s ‘Preparation for OT Incident Response’ session Thursday.