• United States




Who makes better cybersecurity decisions, men or women?

Feb 16, 20173 mins

There’s a common perception that men and women make decisions differently.

man woman decide
Credit: Thinkstock

Unfortunately, it’s very common to assume that when women are stressed they are more emotional or that they rely more heavily on intuition or hunches. (If you agree with this notion, spoiler alert – you are wrong…. LOL) Then you’re probably going to rely more heavily on men, not women, in high pressure, high risk situations.  I guess I don’t have to point out that cyber security, and incident response in particular, is full of high pressure, high risk decisions – and you may want to dig a little deeper to get the right person for the job.

The research shows that women are just as data-driven and analytical as men in decision making. In fact, in high pressure situations they are often even more analytical than men. In a sample of 32 studies that looked at how men and women thought about a problem or made a decision, 12 found that women adopted an analytical approach more often than men.

It’s counter intuitive to our cultural conditioning, but the research shows that women systematically turned to the data while men were more inclined to go with their gut, hunches, or intuitive reactions. The other 20 studies found no difference between men and women’s thinking styles. None of these studies found that women tended to be more intuitive than men in their decision-making styles.

The men reading this article probably find this hard to believe. Well, here’s more detail on this research. Mara Mather, a neuroscientist at the University of Southern California, and Ruud van den Bos, a neurobiologist at Radboud University in the Netherlands, both found that men under stress are more eager to take risks. They’ve found that men tend to become laser-focused on rewards when cortisol levels run high, even if that reward has only a tiny chance of materializing. When the pressure is on and there’s a small chance of a highly rewarding outcome, men are more inclined to gamble.

In contrast, when you put women in the same stressful situation that bumps up their cortisol levels and ask them to make the same decision, they behave differently. Mather and van den Bos found when women’s bodies were undergoing a strong stress reaction, they took more time weighing the contingencies. Instead of becoming emotional or acting on hunches, become analytical and risk-aware! 

This research doesn’t mean that one strategy is necessarily better than another. And we can’t necessarily translate lab-based research into practical application in day to day business operations. However, I do think this research raises some interesting questions about the unique strengths women can offer in technology teams and cyber security specifically. 

At a minimum, this research offers a very valid reason to set specific, measurable goals around building diverse teams that include both men and women. Especially when high-risk decisions are being made, we need both genders in the room because these two approaches balance one another and the resulting decision will be stronger because it incorporates different approaches.

Remember – we are all in this together!

Cheers!  Tammy


As CIO and chief information security officer at Venafi, Tammy Moskites helps CIOs and CISOs fortify their strategies to defend against increasingly complex and damaging cyberattacks on the trust established by cryptographic keys and digital certificates. Tammy draws on her professional experience, leadership capabilities and domain expertise as a CISO at Global 250 companies to help fellow CISOs defend their organizations. There is often a gap that cybersecurity teams miss in securing keys and certificates that leaves the door open for cybercriminals. Tammy’s leadership and experience will help other CISOs close those doors.

Prior to joining Venafi, Tammy served as CISO at Time Warner Cable, where one of her many responsibilities was to re-engineer and centralize the information security and IT compliance organizations to support global operations. Tammy also held the CISO position at The Home Depot, where she provided strategic executive and collaborative business direction for several teams, including identity and access management, IT compliance and regulatory, e-discovery and forensics, encryption and more. Tammy's other relevant security experience includes stints at Huntington National Bank, Complete Information Technologies LLC, BankOne, Nationwide and Aetna.

Tammy is also a leader in several important IT security organizations, including ISSA, ISACA, InfraGard and the Information Risk Security Board. In 2013, she was recognized as one of the Top Women in Technology by CableFax magazine and as one of the 25 finalists for the Evanta Top 10 Breakaway Leader Awards. In 2010, she was the winner of the Information Security Executive North America People’s Choice award. Tammy is a member of the advisory boards of Box and Qualys, and she provides strategic guidance to other industry-leading security vendors.

The opinions expressed in this blog are those of Tammy Moskites and do not necessarily represent those of IDG Communications Inc., or its parent, subsidiary or affiliated companies.