Women leaders in security recognized

Each year, the Executive Women's Forum announces their "Women of Influence" Awards at their annual EWF event.

The awards, co-presented by Alta Associates and CSO Magazine, recognize outstanding women in several categories: one winner from the public sector, a private solutions provider from the security industry, a corporate practitioner from the private sector, and a "One to Watch," a future leader in the security field. This year, a lifetime achievement award was also given. The winners were nominated by peers in the security community.

CSO asked each winner of the 2012 WOI awards to give us their perspective on their success, lessons learned in their careers -- and how women are making their mark in the security industry today.

Here is a list of the winners, and their thoughts and advice for career success.

One To Watch: Claire McDonough

Claire McDonough is an Engineering Manager in the Security Operations team at Google. Throughout her 5 years at Google she has worked in various parts of the security team as a technical program manager, focused on a broad set of projects from pre-launch security product reviews to security strategy, vulnerability management and now as an engineering manager on client platform hardening, network perimeter security and machine identity. Claire manages a team of security engineers who focus on innovation in enterprise security and developing solutions that make it easy for people to work securely.

How are women making inroads in security professions today? What more needs to be done?

Encourage women at the beginning of their careers and highlight inspiring role models to demonstrate what is possible.

EWF has partnered with the Information Networking Institute (INI) and Carnegie Mellon CyLab to offer a full tuition scholarship for their Master of Science in Information Security Technology and Management (MSISTM) program. I think programs like these are invaluable for encouraging women to pursue a career in information security. Though still a small number, there were more women than ever before in my undergraduate degree in Information and Communications Technology. Even so, very few of them chose to pursue a career in computer science, due in part to the fact that most didn't have role models to show them their options. The women who receive the EWF scholarship discovery an amazing array of possibilities when they attend the EWF conference, and suddenly anything seems possible. I think providing mentorhsip is a great method to encourage more women to stick with computer science.

Provide an inclusive atmosphere and celebrate diversity.

There has been a lot of research that demonstrates that diversity of thought leads to better group performance. One of my favorite studies on this topic is one referenced in this Harvard Business Review discussion where the finding was that while there's little correlation between a groups collective intelligence and the IQs of its individual members, the collective intelligence of a group rises when you include more women. Women frequently have better social sensitivity than men, and groups function better with the ability to listen to one another's ideas, criticize constructively and maintain open minds. Recognizing the importance of these skills in a successful organization and celebrating the different strengths women bring is essential to enabling more women to have successful careers in information security today.

What valuable advice have you received along the way in your career?

I was very fortunate to work for a wonderful mentor right out of college who really inspired me. He demonstrated his belief in me by giving me a lot of responsibility right off the bat. There were other senior managers who thought I would fail and there was a lot of pressure. Nonetheless, he set high expectations that I was determined to live up to, and I credit a lot of my determination and drive to what I learned in that first real professional role.

When he moved on to a new role just a year later, I was devastated and he saw that. He told me that in my career, nothing would stay the same; change was inevitable. And those who found a way to embrace change-- to thrive on it --were the successful people. I dried my tears and found a way to be successful in his absence. From then on I've often been the one to force the change myself when Im not satisfied.

So the advice is to embrace change; dont be afraid of it. If you can, control it and make it work for you. Look for the opportunities change brings and latch on.

What has your personal mission been in your career?

To do everything to the utmost of my ability, to improve what I see around me, and to implement ideas --not just talk about them.

Have your accomplishments lived up to your expectations for yourself?

I had no idea I would end up where I am. Sometimes I look around and I am amazed at where I live, the people I work with and the life I lead. I couldn't have pictured something this far from where I started. When walking around Google, or meeting friends who hold C-level roles in global companies at the EWF conference, I sometimes have the urge to pinch myself to see if I'm dreaming.

I am very proud of my accomplishments and the work I've put in to get here, but it wasn't a plan I created early on that I'm following in a dedicated fashion. I just do my current job as well as I can. I follow my heart and as opportunities arise that excite and challenge me I grab them with both hands and hang on for dear life. My husband often jokes that Im the kind of person who jumps in with two feet before having any idea how deep the water is. Sometimes I have found myself in over my head without any clue how to proceed, but somehow I always manage. When I take on too much, I back off something less critical for a little while until I'm back in my comfort zone --then it's full steam ahead again.

What goals have you set for yourself for the future?

I want to continue to be proud of what I achieve every day. I want to continue to grow both in my experience and knowledge. I can't imagine standing still.

Private Solutions: Laura Mather

Laura Mather, Ph.D. is a worldwide expert in combating Internet fraud and a sought after speaker, published author and expert witness on the topic. She has spoken at IRS, Federal Trade Commission and Merchant Risk Council events in addition to many security industry conferences and summits. Following the work she's done with Silver Tail Systems since the company's inception in 2008, Fast Company ranked Dr. Mather #16 on their annual list of "The 100 Most Creative People in Business" for 2012 and Business Insider named her one of the "25 Powerful Women Engineers in Tech". She is also the Managing Director of Operational Policy for the Anti-Phishing Working Group, where she drives Internet policy to fight electronic crimes of phishing, pharming and spoofing. Prior to co-founding Silver Tail Systems, she spent three years in fraud prevention and anti-phishing at eBay, was a Director of Research and Analysis for the online division of Encyclopedia Britannica, and also spent time as a research analyst for the National Security Agency (NSA).

How are women making inroads in security professions today?

I look at the world more broadly than just security, so I'll answer this question based on women in technology. We are making inroads now in that we are again starting to talk to about the issues. 5 or 10 years ago, nobody spoke much about there not being many women in technology. Now the conversation has started again and I think that is a key driver to making progress.

What more needs to be done?

It's time to look at new ways to further women's issues in security. I'm concerned that the feminist movement has stalled. I've even heard that millenials (sp?) say that "feminism" is the "f-word". Women in technology and security have come a long way in the last 50 years, but there is still more work to be done.

How can we reignite the passion for getting women more involved in security? I'd like to get women to start thinking outside the box. Is there a technology that could help enable this? For example, can we create a website that spotlights careers - both security and otherwise -- where the people being interviewed have diverse backgrounds. Maybe a woman CISO, a black software engineer, a veteran who is pursuing a degree in physics. It would be nice to give younger generations role models that break the molds of what society tends to enforce about who can do what job.

There are other technology ideas as well, but the above gives you one example of how we might be able to use technology to address this problem.

What valuable advice have you received along the way in your career?

Two things. First, don't worry about what other people think. I used to be very concerned about whether my colleagues, or even previous colleagues, would judge me for starting my own company -- especially if it failed. One day I realized, I want to wake up every day and do the very best job I know I can do. That is good enough for me. It doesn't matter what people think of the job I do as long as I'm proud at the end of every day.

Second, don't be afraid to fail. One thing I learned in starting my own company was that failure comes frequently. I created a mantra that I continue to live by: "Success is not measured in the quantities of your stumbles, but the quality of your recoveries." Not only does this remind me to recover well, but it reminds me to push myself enough that I fail sometimes, because without failure I can't recover.

What has your personal mission been in your career? Have your accomplishments lived up to your expectations for yourself?

Early in my career I didn't really have a mission. When I was working at eBay, though, I realized that what gave me real satisfaction was helping people. Working in security meant that I was making the world a better place and I really liked that.

Through Silver Tail I feel like I was able to expand on that mission. Where eBay protected 80M people when I was there, Silver Tail protects multiple brands. We probably protect over 1B people right now. I think that's incredible. I feel extremely fortunate to have had to opportunity to work with such amazing brands and to realize this dream for myself.

What goals have you set for yourself for the future?

I want to help get more women involved in entrepreneurship, especially technical women. As I mentioned above, the feminist movement seems to have stalled out. But we still aren't equal to men, especially in start up companies. I want to find a way to change that. Wish me luck!

Corporate Practitioner: Harriet Pearson

Harriet Pearson was one of the first chief privacy officers in the Fortune 500 and is an internationally recognized corporate privacy and data security pioneer. Previously VP Security Counsel and CPO at IBM, Harriet in 2012 became a Partner in the global law firm Hogan Lovells US LLP, where her practice focuses on counseling clients on privacy and cybersecurity. She co-chairs the inaugural 2013 Georgetown Cybersecurity Law Institute and serves on multiple advisory boards including the Future of Privacy Forum.

How are women making inroads in security professions today? What more needs to be done?

To be effective, security today and in the future will of necessity be more interdisciplinary. That will play to women's abilities to lead and participate in cross-silo teams that will assess risks, develop compliance and training strategies, design IT architectures, and embed security into all types of environments.

What valuable advice have you received along the way in your career?

To be authentic -- anything else, if you want to have an impact, is impossible to sustain. To be passionate about the mission --whatever it may be --because passion sustains you and anyone you aspire to influence. To put yourself in others' shoes, because empathy builds trust and alliances. Success is much more likely if you put these ideas into practice.

What has your personal mission been in your career? Have your accomplishments lived up to your expectations for yourself?

Everything I've enjoyed doing over the years has had just one thing in common which, I eventually realized, is my personal mission: To work on important and complex subjects, make sense of them, and help guide others so together we do the right things. I think that's why I enjoy working in security and privacy so much, and why I consider myself so lucky to have starting work in this area when I did.

What goals have you set for yourself for the future?

To keep growing. To stay passionate. To always be authentic.

Lifetime achievement: Sandra Hughes

Sandra Hughes has over 25 years of managerial and executive experience at the Procter & Gamble Company in variety of leadership assignments in the US, Germany and Belgium. Since 2001 until retirement in June 2012, she was responsible for developing global strategic programs for Information Governance & Compliance Risk Management, Privacy & Data Protection, Ethics & Compliance, Social Media Policy and Competitive & Technical Intelligence.

How are women making inroads in security professions today? What more needs to be done?

As the number of women with technical degrees continues to increase, I think we will continue to see greater strides in women leading security professions. However, another way for a woman to make inroads is through broadening her scope to interface with hot topic areas like Privacy and Information Governance which statistically tend to be more gender balanced professions. Then, as more corporations think strategically about their total risk universe --with security/privacy/information governance/ethics & compliance ranked right up there with the risk of missing financial projections for example --women with a scope broader than security may have more opportunities, or at least more options, to advance their careers.

What valuable advice have you received along the way in your career?

Of course the big pieces of advice we all know resonate the most, for example: be yourself, work hard, be your own boss, practice 'effective' listening, be positive, and don't burn bridges. However some additional ones that helped me were: never make a job decision based on who your boss will be; always find something to at least like in your job no matter how much you hate it --you will be better for it; life is about choices --if feel you have chosen wrongly, learn from it; and finally, as people do good for you, 'pay it forward'-- help others.

What has your personal mission been in your career? Have your accomplishments lived up to your expectations for yourself?

This was a tough question! The philosophy I have followed as stated on one of my Facebook accounts, is 'live for today, plan for tomorrow'. As I reflect on the past and how I think about the future, I believe a more complete answer is that I strive to 'embrace life while making a difference'. In this first half of my life, I have to say that while it was far from easy I am very proud of my accomplishments --not only in my career and external pursuits but also in raising two healthy, intelligent, independent, beautiful children (now adults and off our payroll!) who appear to have the same ambition. I know that I have been successful because some time ago, when faced with a potential airplane crash and my life flashed before my eyes, I felt peace and had no regrets! That's a great feeling. I run that exercise through my head every now and then as a 'check', especially when I have to make a tough choice.

What goals have you set for yourself for the future?

Now that I have retired from Procter & Gamble and I am empty-nested, my ambition remains to experience all that life offers and to make a difference --but now I will have more time to 'give back'. I am fortunate to be in at a point in my life where I can try new things and choose what I work on and with whom. Other than opportunities that look 'fun' and allow me to grow, my focus will be to continue to help develop the professions I belong to, and the young people who are beginning their careers in those professions. In addition I hope to use my extensive experiences, skill set and passion to help organizations, especially those benefiting women and children, with their strategies to make our communities and the world a better place.

Public Sector: Aimee Larsen Kirkpatrick

Aimee Larsen Kirkpatrick is the former Director of Partnership Engagement & Strategic Initiatives for the National Cyber Security Alliance (NCSA), a public-private partnership dedicated to helping citizens stay safe and secure online. Ms. Larsen Kirkpatrick developed strategies and programs to fulfill NCSA education and awareness objectives and increase the number of engaged stakeholders to participate in NCSA's mission. Among her many accomplishments, she spearheaded a national public service campaign to develop a unified message on Internet safety for all citizens. Known as the STOP. THINK. CONNECT. campaign, it was declared the national cybersecurity awareness campaign by the White House and is supported by Fortune 500 companies, several government agencies and is currently being rolled out globally.

Aimee was unavailable to answer questions.

Tags security

Comments

Comments are now closed

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

ZENworks® Endpoint Security Management

Get Powerful Protection for All of Your Mobile Devices

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.