Gender gap

Resources and Organizations Working to Bridge the Gender Gap in Security Leadership

In our last blog post, we discussed the diversity gap within Security leadership positions. Though this is a hot topic in our industry, the question of how we, as a community, solve this problem is unclear.

If we work to help balance the scales, we will see improved and innovative problem-solving, greater empathy, stronger emotional intelligence, and better-managed organizations across the board. We need everyone’s help to promote, recruit, drive, and support more women into Security leadership positions.

Below, we have put together a list of pioneering organizations and groups who are enabling a movement of change in the Security leadership space. We support their messages and applaud their efforts. We apologize for any unintentional exclusions from this list.

Our Security Advocates (OURSA)

The OURSA conference was born in 2018 after an uproar regarding the April 2018 RSA Conference. The RSA organizers received backlash after scheduling only one woman on their speaker panel out of 21 scheduled speakers and moderators. OURSA is a “unique security conference” where 26 of its 29 speakers are women. OURSA was started by Facebook’s Chief Security Officer, Alex Stamos, and Google’s “Security Princess” and, more recently, Engineering Director, Parisa Tabriz. We hope to see the OURSA conference return in 2019!

You can stay connected with the group via Twitter @OURSAConference.

Women in CyberSecurity (WiCyS)

The WiCyS initiative was launched in 2013 with support from a National Science Foundation grant. Their mission is to raise awareness about the importance and nature of cybersecurity career. WiCyS focuses on recruiting, retaining, and advancing women in cybersecurity. They bring together women (students/faculty/researchers/professionals) in cybersecurity from academia, research and industry to share knowledge/experience, network and mentor.

You can join one of their online communities and inquire about the WiCyS conference on March 29-30, 2019 at the Wyndham Grand in Downtown Pittsburgh, PA.  

Women in Security and Privacy (WISP)

WISP is a national nonprofit organization founded in 2014 that promotes the development, advancement, and inclusion of women in Security and Privacy. They have a strong and defined set of objectives from education, to fostering community, supporting career advancement, creating thought leadership opportunities, and conducting research for recruitment, retention, and advancement.  

You can join their online community of over 1,500 members and attend an upcoming event.

Women’s Society of Cyberjutsu (WSC)

WSC is a fantastic national organization that was founded in 2012 as a Northern Virginia-based 501(c)3 non-profit organization. WSC’s mission is to advance women in cybersecurity careers by providing programs and partnerships that promote networking, education, training, mentoring, resource-sharing and other professional opportunities. They also have a strong and defined set of objectives including workshops, training, networking events, mentorship, board and volunteer opportunities.

You can get involved and become a member or check out their upcoming events calendar to see where they will be next.

Technology Diversified

Technology Diversified is a non-profit, 501(c)(3) organization dedicated to providing education and resources that promote employment, peer-support, diversity, and inclusion in technology. I wanted to give a big shout out to their Hacking Diversity event in Las Vegas this past week.  Admittedly, I did not attend but the value and mission are right on message. Congratulations on a great event!

You can get involved by following them on LinkedIn or Twitter @T3chDiversified.

Beyond Salons

Beyond Salons is the brainchild of our friend Jodi Jefferson at Riviera Partners. While not focused specifically in the Security space yet, this unique and fantastic group is about accelerating and connecting female executive leaders in Engineering and Product Management. Women leaders are encouraged to share ideas and stories and pass along advice and best practices between multiple generations of women in tech. Their principles and messaging is spot on.

You can get involved and join an event in the New York area by filling out their “join us” form on their website.

We need your help! Are you aware of other groups, organizations, regular meetups, and get-togethers, or forum doing this work on a national or regional level that we have missed? We want to recognize them! Send an email to Michael Piacente (michael.piacente@hitchpartners.com) to give them a shout out!

Addressing the Gender Gap in Security Leadership

Security is prime for a female revolution to rectify the persistent gender gap in leadership positions. According to a global study done by the Executive Women’s Forum, men are four times more likely to hold C- and executive-level positions and nine times more likely to hold managerial positions than women. The industry is centered around making one tough decision after another while translating tech speak into true business value. Having more female influence would benefit both the overall security and business communities.

In 1995, when I started in the IT space, there was an overwhelming imbalance between male and female IT leaders. In fact, it was quite challenging to find more than a handful of women CIOs within the space. Today, only 11 percent of females are represented globally in the cybersecurity profession. I was fortunate to join the workforce during a time of great change in not only technology, but also in social and moral focus.

Over the past two decades, IT leadership has blossomed into a more balanced and healthier environment though things are still not where we want to see them. Though IT is a career where highly technical skill sets are valued and desired, over time the need for communicating the value of IT solutions across an organization has given way to a more balanced need between technical excellence and focused influence. Women IT leaders grew up in precisely that space and were amazing at explaining the value of IT solutions as a business need. These women actually came from the business side of IT and truly understood how the inner workings of the company and its data flowed.

Cross-functional, business driven careers such as program management, compliance, and business applications spawned a new brand of women IT leaders that ultimately grew into the first true wave of Woman CIOs. I believe that this positive influx of fresh thought leaders changed how IT was viewed, teams were built, and the business of IT was managed. Today, women CIOs unfortunately still hold a significantly smaller percentage of the overall CIO positions. Women make up 9 percent of IT leaders globally and 10 percent in larger organizations according to a study done by Harvey Nash/KPMG. However, they have created a positive mark in the space and possibly a blueprint for other highly technical skill sets (such as CISOs) to undergo similar transitions toward greater balance.

For the Security space, we expect to see a greater selection of career trajectories leading to the path of the woman CISO. We may not see the vast majority move from Sec Eng/DevOps into CISO/CSOs. Perhaps they will arrive to the CISO position through another path such as Compliance, Security PMO, or Engineering Program leadership. But we are not there yet. As I write this, I am aware that there are less than 20 female senior Security leaders (i.e. CSO, Heads of Security) in the San Francisco Bay Area, which is arguably the largest and most mature modern CISO market in the US.

However, the news is not all bad; there are several solid programs working to strike a greater balance. In particular, the National Security Forums and events have been making a strong effort in recent years. For instance, BlackHat has a growing balance of female leaders on both their board and within their upcoming sessions. Parisa Tabriz, a true Sec Ops/SecEng leader, will be kicking off the event as the Keynote. (Yes!!!)
In a follow up piece, we will go over a few ideas for what we and others can be doing in the community to help bridge the gender gap and change this incredibly important space. In the meantime, we would love to hear from others witnessing the lack of diversity in the Security space. What challenges and improvements are you seeing? Please reach out to michael.piacente@hitchpartners.com with your thoughts.