• United States




Security industry is a meritocracy, so don’t anchor on gender

Jul 05, 20164 mins
CareersIT JobsIT Leadership

Focusing on the work that needs to be done in security will get you noticed more than your gender will

There is no surprise that the information security tech world has tended to be predominately men, but we are seeing more and more women break into the cyber security field. STEM education didn’t exist when I was in school with the dinosaurs, back in the day when we had chalkboards and typewriters and we did all our homework using pen and paper. Actually, the pen was even advanced at that time. Pencil was safe because you could erase. 

Computer science majors were about the only people who were using the internet in its nascent stages, and most of these people were men. But as the rapid proliferation of technology became more common place, people’s ideas about the world around them also progressed.

Toni Gidwani, the director of research operations at ThreatConnect, leads their threat intelligence research team. She and I had a great conversation about gender and security, about the traits that women possess which make them an asset to the cyber community, and about the ways in which the industry is advancing perhaps not in spite of women but rather because of them.

Prior to entering into the information security industry, Gidwani worked for the Department of Defense. Though she has spent her entire career working in a male-dominated space, she said, “I find it curious now coming into information security, that my gender seems more pronounced than it was before. This is knowledge-based work, so I have a hard time seeing the correlation.”

Undoubtedly, any sort of team benefits from a diversity of experience and way of thinking, and Gidwani said, “Gender is one component of that diversity.”

But it is the one that she is most frequently asked about. People often ask her, How did you get into this space? “A lot of times at conferences, I will be the only female speaker, and to me it feels comparatively more remarked upon. Maybe that has to do with being in a leadership position?” Gidwani said.

It’s not just other women in attendance who approach her with these gender questions. “A lot of my male colleagues who have daughters and are interested in getting their daughters into the industry will talk to me about it,” she said.

So why does gender matter? 

Gidwani said, “Simply put, this is one of the most pressing challenges of our time. You want the best brains working on these problems. If you don’t have some semblance of balance, you’re less likely to succeed. Many projects are team focused work, and women are more collaborative in nature, more communicative.”

Yes, we realize that there are always exceptions to those rules.

[ ALSO ON CSO: 10 tips to attract women to infosec jobs ]

Why, then, are women outnumbered? 

For decades there has been a well developed argument for getting women in to STEM, but the pipeline has been unbalanced. Particularly when it comes to leadership, “Women tend to feel that they are not really an expert, that they are unqualified. Everybody has to deal with a bit of impostor syndrome,” said Gidwani.

In reality though, the talent pipeline–regardless of gender–is so insufficient to the scale of the industry’s needs. “As cybersecurity evolves, there is a growing realization that it’s’ not just a technical layer of analysis. It’s moving out of threat and into a broader security, which provides a different opening for women in the field,” said Gidwani.

As a woman in a leadership position, Gidwani noted, “The industry prizes you on your ability to do and to learn things. As the field expands there are going to be so many more females in leadership roles.”

In the late 1980’s and early 1990’s, programming was a niche thing, but it’s becoming so much more widespread, and for young women today, it is a completely normal part of the experience of coming up through education system. Working with technology has become more mainstream for young men and women alike.

Gidwani said, “In this space, like so many others where there is a gender disparity, there are different challenges that women have to navigate. Building a network is key to success, but you need mentors that are both male and female. I don’t hide my gender, but I don’t anchor on my gender. It’s really about the quality of the work that you do.”

Perhaps now, after so many years of encouraging women into the STEM pipeline, the industry will begin to reflect the quality of talent–not the number of men or women–available to do the overwhelming amount of work that needs to be done so that one has time to anchor on gender. That ship, hopefully, has sailed.


Kacy Zurkus is a freelance writer for CSO and has contributed to several other publications including The Parallax, and K12 Tech Decisions. She covers a variety of security and risk topics as well as technology in education, privacy and dating. She has also self-published a memoir, Finding My Way Home: A Memoir about Life, Love, and Family under the pseudonym "C.K. O'Neil."

Zurkus has nearly 20 years experience as a high school teacher on English and holds an MFA in Creative Writing from Lesley University (2011). She earned a Master's in Education from University of Massachusetts (1999) and a BA in English from Regis College (1996). Recently, The University of Southern California invited Zurkus to give a guest lecture on social engineering.

The opinions expressed in this blog are those of Kacy Zurkus and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author