Women leaders in security recognized

Thoughts and reflections from the 2012 EWF Women of Influence winners

Each year, the Executive Women's Forum announces their "Women of Influence" Awards at their annual EWF event.

The awards, co-presented by Alta Associates and CSO Magazine, recognize outstanding women in several categories: one winner from the public sector, a private solutions provider from the security industry, a corporate practitioner from the private sector, and a "One to Watch," a future leader in the security field. This year, a lifetime achievement award was also given. The winners were nominated by peers in the security community.

CSO asked each winner of the 2012 WOI awards to give us their perspective on their success, lessons learned in their careers — and how women are making their mark in the security industry today.

[Infosec 2013: Cyber security sector failing to attract new talent]

Here is a list of the winners, and their thoughts and advice for career success.

One To Watch: Claire McDonough

Claire McDonough is an Engineering Manager in the Security Operations team at Google. Throughout her 5 years at Google she has worked in various parts of the security team as a technical program manager, focused on a broad set of projects from pre-launch security product reviews to security strategy, vulnerability management and now as an engineering manager on client platform hardening, network perimeter security and machine identity. Claire manages a team of security engineers who focus on innovation in enterprise security and developing solutions that make it easy for people to work securely.

How are women making inroads in security professions today? What more needs to be done?

Encourage women at the beginning of their careers and highlight inspiring role models to demonstrate what is possible.

EWF has partnered with the Information Networking Institute (INI) and Carnegie Mellon CyLab to offer a full tuition scholarship for their Master of Science in Information Security Technology and Management (MSISTM) program. I think programs like these are invaluable for encouraging women to pursue a career in information security. Though still a small number, there were more women than ever before in my undergraduate degree in Information and Communications Technology. Even so, very few of them chose to pursue a career in computer science, due in part to the fact that most didn't have role models to show them their options. The women who receive the EWF scholarship discovery an amazing array of possibilities when they attend the EWF conference, and suddenly anything seems possible. I think providing mentorhsip is a great method to encourage more women to stick with computer science.

Provide an inclusive atmosphere and celebrate diversity.

There has been a lot of research that demonstrates that diversity of thought leads to better group performance. One of my favorite studies on this topic is one referenced in this Harvard Business Review discussion where the finding was that while there's little correlation between a groups collective intelligence and the IQs of its individual members, the collective intelligence of a group rises when you include more women. Women frequently have better social sensitivity than men, and groups function better with the ability to listen to one another's ideas, criticize constructively and maintain open minds. Recognizing the importance of these skills in a successful organization and celebrating the different strengths women bring is essential to enabling more women to have successful careers in information security today.

What valuable advice have you received along the way in your career?

I was very fortunate to work for a wonderful mentor right out of college who really inspired me. He demonstrated his belief in me by giving me a lot of responsibility right off the bat. There were other senior managers who thought I would fail and there was a lot of pressure. Nonetheless, he set high expectations that I was determined to live up to, and I credit a lot of my determination and drive to what I learned in that first real professional role.

When he moved on to a new role just a year later, I was devastated and he saw that. He told me that in my career, nothing would stay the same; change was inevitable. And those who found a way to embrace change— to thrive on it —were the successful people. I dried my tears and found a way to be successful in his absence. From then on I've often been the one to force the change myself when Im not satisfied.

So the advice is to embrace change; dont be afraid of it. If you can, control it and make it work for you. Look for the opportunities change brings and latch on.

What has your personal mission been in your career?

To do everything to the utmost of my ability, to improve what I see around me, and to implement ideas —not just talk about them.

Have your accomplishments lived up to your expectations for yourself?

I had no idea I would end up where I am. Sometimes I look around and I am amazed at where I live, the people I work with and the life I lead. I couldn't have pictured something this far from where I started. When walking around Google, or meeting friends who hold C-level roles in global companies at the EWF conference, I sometimes have the urge to pinch myself to see if I'm dreaming.

I am very proud of my accomplishments and the work I've put in to get here, but it wasn't a plan I created early on that I'm following in a dedicated fashion. I just do my current job as well as I can. I follow my heart and as opportunities arise that excite and challenge me I grab them with both hands and hang on for dear life. My husband often jokes that Im the kind of person who jumps in with two feet before having any idea how deep the water is. Sometimes I have found myself in over my head without any clue how to proceed, but somehow I always manage. When I take on too much, I back off something less critical for a little while until I'm back in my comfort zone —then it's full steam ahead again.

What goals have you set for yourself for the future?

I want to continue to be proud of what I achieve every day. I want to continue to grow both in my experience and knowledge. I can't imagine standing still.

Private Solutions: Laura Mather

Laura Mather, Ph.D. is a worldwide expert in combating Internet fraud and a sought after speaker, published author and expert witness on the topic. She has spoken at IRS, Federal Trade Commission and Merchant Risk Council events in addition to many security industry conferences and summits. Following the work she's done with Silver Tail Systems since the company's inception in 2008, Fast Company ranked Dr. Mather #16 on their annual list of "The 100 Most Creative People in Business" for 2012 and Business Insider named her one of the "25 Powerful Women Engineers in Tech". She is also the Managing Director of Operational Policy for the Anti-Phishing Working Group, where she drives Internet policy to fight electronic crimes of phishing, pharming and spoofing. Prior to co-founding Silver Tail Systems, she spent three years in fraud prevention and anti-phishing at eBay, was a Director of Research and Analysis for the online division of Encyclopedia Britannica, and also spent time as a research analyst for the National Security Agency (NSA).

How are women making inroads in security professions today?

I look at the world more broadly than just security, so I'll answer this question based on women in technology. We are making inroads now in that we are again starting to talk to about the issues. 5 or 10 years ago, nobody spoke much about there not being many women in technology. Now the conversation has started again and I think that is a key driver to making progress.

What more needs to be done?

It's time to look at new ways to further women's issues in security. I'm concerned that the feminist movement has stalled. I've even heard that millenials (sp?) say that "feminism" is the "f-word". Women in technology and security have come a long way in the last 50 years, but there is still more work to be done.

How can we reignite the passion for getting women more involved in security? I'd like to get women to start thinking outside the box. Is there a technology that could help enable this? For example, can we create a website that spotlights careers - both security and otherwise — where the people being interviewed have diverse backgrounds. Maybe a woman CISO, a black software engineer, a veteran who is pursuing a degree in physics. It would be nice to give younger generations role models that break the molds of what society tends to enforce about who can do what job.

There are other technology ideas as well, but the above gives you one example of how we might be able to use technology to address this problem.

What valuable advice have you received along the way in your career?

Two things. First, don't worry about what other people think. I used to be very concerned about whether my colleagues, or even previous colleagues, would judge me for starting my own company — especially if it failed. One day I realized, I want to wake up every day and do the very best job I know I can do. That is good enough for me. It doesn't matter what people think of the job I do as long as I'm proud at the end of every day.

Second, don't be afraid to fail. One thing I learned in starting my own company was that failure comes frequently. I created a mantra that I continue to live by: "Success is not measured in the quantities of your stumbles, but the quality of your recoveries." Not only does this remind me to recover well, but it reminds me to push myself enough that I fail sometimes, because without failure I can't recover.

What has your personal mission been in your career? Have your accomplishments lived up to your expectations for yourself?

Early in my career I didn't really have a mission. When I was working at eBay, though, I realized that what gave me real satisfaction was helping people. Working in security meant that I was making the world a better place and I really liked that.

Through Silver Tail I feel like I was able to expand on that mission. Where eBay protected 80M people when I was there, Silver Tail protects multiple brands. We probably protect over 1B people right now. I think that's incredible. I feel extremely fortunate to have had to opportunity to work with such amazing brands and to realize this dream for myself.

What goals have you set for yourself for the future?

I want to help get more women involved in entrepreneurship, especially technical women. As I mentioned above, the feminist movement seems to have stalled out. But we still aren't equal to men, especially in start up companies. I want to find a way to change that. Wish me luck!

Corporate Practitioner: Harriet Pearson

Harriet Pearson was one of the first chief privacy officers in the Fortune 500 and is an internationally recognized corporate privacy and data security pioneer. Previously VP Security Counsel and CPO at IBM, Harriet in 2012 became a Partner in the global law firm Hogan Lovells US LLP, where her practice focuses on counseling clients on privacy and cybersecurity. She co-chairs the inaugural 2013 Georgetown Cybersecurity Law Institute and serves on multiple advisory boards including the Future of Privacy Forum.

How are women making inroads in security professions today? What more needs to be done?

To be effective, security today and in the future will of necessity be more interdisciplinary. That will play to women's abilities to lead and participate in cross-silo teams that will assess risks, develop compliance and training strategies, design IT architectures, and embed security into all types of environments.

What valuable advice have you received along the way in your career?

To be authentic — anything else, if you want to have an impact, is impossible to sustain. To be passionate about the mission —whatever it may be —because passion sustains you and anyone you aspire to influence. To put yourself in others' shoes, because empathy builds trust and alliances. Success is much more likely if you put these ideas into practice.

What has your personal mission been in your career? Have your accomplishments lived up to your expectations for yourself?

Everything I've enjoyed doing over the years has had just one thing in common which, I eventually realized, is my personal mission: To work on important and complex subjects, make sense of them, and help guide others so together we do the right things. I think that's why I enjoy working in security and privacy so much, and why I consider myself so lucky to have starting work in this area when I did.

What goals have you set for yourself for the future?

To keep growing. To stay passionate. To always be authentic.

Lifetime achievement: Sandra Hughes

Sandra Hughes has over 25 years of managerial and executive experience at the Procter & Gamble Company in variety of leadership assignments in the US, Germany and Belgium. Since 2001 until retirement in June 2012, she was responsible for developing global strategic programs for Information Governance & Compliance Risk Management, Privacy & Data Protection, Ethics & Compliance, Social Media Policy and Competitive & Technical Intelligence.

1 2 Page 1
Page 1 of 2
7 hot cybersecurity trends (and 2 going cold)