"Can't Find" Any Women in Cyber?

The well-known RSA conference got heat this year after an initial list of 20 keynote speakers featured only one woman. Before that, the popular Consumer Electronics Show (CES) had a similar incident. As Melanie Ensign, Uber’s head of security and privacy communications, then told The Register, “It's not just RSA but all of the conferences, or at least 99 per cent of them...But [RSA’s] keynote list was the straw that broke the camel's back.”

Women make up about 20 percent of the cybersecurity workforce, so there’s no doubt the field has a problem with gender diversity—not to mention homogeneity in other aspects as well. The world must realize, as Jane Frankland highlighted in a recent Humans of Cybersecurity interview, that more diversity will make us all more secure.

With this in mind, I decided to aggregate some resources for “finding” the inspirational women who are already making our digital world a safer and more secure place. If you really are struggling to find women in cyber, this list of resources and organizations (and insights from their founders) should help. (And check out the New America Cybersecurity Initiative’s list of inspirational women in tech as well!)

Did we miss an important initiative or resource? Email us (weingarten@newamerica.org) to let us know, and we’ll add it to the list.

Susan Hennessey, Fellow at Brookings Institution and founder of Sourcelist, a database of diverse experts in tech policy.

Find the database here.

“At the Brookings Institution, we’ve launched Sourcelist, a user-friendly online database of experts in technology policy from diverse backgrounds. Sourcelist is intended to aid conference organizers, journalists, and others in identifying and connecting with expert sources beyond those in their existing Rolodexes. Recognizing the particular set of institutional barriers facing women in this field, we dedicated the first Sourcelist database to Women+.

Too many news articles and events feature homogenous expert voices, and too often we hear that diverse individuals just could not be found to contribute. Sourcelist utilizes technology to make it easier to identify experts from diverse backgrounds. It eliminates one of the more stubborn hurdles to better representation by making these voices easier to find.”

Kristina Tanasichuk, CEO of the Government Services and Technology Coalition and founder of Women in Homeland Security, a networking and professional development group.

Find the organizations’ websites here and here.

“Women in Homeland Security, a 501(c)3 organization made up of over 5,000 women (and men) working in homeland security, has numerous CIOs, CISOs, and other professionals working in cybersecurity at the highest levels of government and in the private sector. The group hosts a major STEM initiative that connects schools with field trips in cybersecurity and other STEM fields throughout the federal homeland mission. The organization also hosts a speakers bureau of women who talk about cybersecurity and other STEM fields to an assortment of audiences. Our community is a great resource for those looking to find female experts in any cyber- or homeland-related field!”

Jumoke Dada, Principal of Signature RED and founder of the Tech Women Network, a platform for finding tech-savvy women.

Find the network’s website here.

“Launched in 2017, the Tech Women Network is a digital café for tech-savvy women. The online platform for women with technical skills is a space where technologists can showcase their skills and tap into resources to help them thrive in their fields. Membership for previous, current, or aspiring technologists is free. Founders and parties seeking to connect to or share opportunities with members can do so by contacting leadership to learn about partnership opportunities. It’s a great potential resource for event organizers and recruiters.”

Adrienne Porter Felt, software engineer at Google and organizer of Our Security Advocates (OURSA), a cybersecurity conference with diverse experts.

Find the conference’s website here.

“Like most security conferences, OURSA speakers included passionate security experts from a variety of industries, but unlike most conferences, most of them also identify as members of underrepresented groups. Our lineup demonstrated that top security talent has no color or gender, and that event organizers can bring diversity to conferences if they make it a priority.”

Ambareen Siraj, Professor of Computer Science at Tennessee Tech and founder of WiCyS, the women in cybersecurity conference.

Find the WiCyS website here.

“There are a lot of very accomplished and very successful female cybersecurity professionals, whether researchers or academics or designers or executives. We’re currently building a repository of these women to enable other organizations and events to reach out or recruit them as speakers or attendees. This will also help others highlight the accomplishments of these women, who can serve as excellent role models.

WiCyS also has a mailing list of over 2,000 people, and we maintain a very engaged relationship with our community; when people reach out with a request, they often say they get more than what they asked for. Others could easily use this platform to find female cybersecurity professionals as well. Ultimately, though, you have to be sold that diversity is the only way to be more successful at cybersecurity—and then you have to invest in diversity itself.”

Theresa Payton, CEO of Fortilace Solutions and founder of Help a Sister Up, a networking group for women in cybersecurity.

Find the group on LinkedIn.

“A hot topic for the cyber community right now is attracting women to the field and elevating their status through the ranks in the industry. Luckily, there are already a number of highly-qualified women in the cybersecurity community, and the place to find them is on social media, where women are channeling their thought leadership and getting profound affirmation in the form of followers. I asked my team to highlight some of these women on social media and in minutes got back over 50 women to watch. Now, we have the Help a Sister Up group, which is building a social media community among women in cyber. My advice to event staff is to get creative with search terms on social media and look for women with unique perspectives on the issues they want to highlight at their next event.”

Rachel Tobac, CEO of SocialProof Security and board chair of Women in Security and Privacy, a networking and professional development group.

Find the group’s website here.

“Women in Security and Privacy (WISP) is a nonprofit dedicated to advancing and supporting women in the growing fields. We have heard organizers say they ‘can't find’ diverse people to speak at their events, and we have a solution: the WISP Speakers Bureau! Our Speakers Bureau is a long list of brilliant women ready to speak on cybersecurity issues, and the number of names grows every day. Whether you need a senior leader or a fresh face, we match event organizers with the right woman (or women) to speak at their conference, event, workshop, or panel. We also have a job board if someone wants to bring more women into their security or privacy company, and we have a quarterly newsletter that could be leveraged as well.”

Jane Frankland, Managing Director of Cyber Security Capital and founder of IN Security, a networking and advocacy group.

Find the group’s website here.

“The IN Security Club and Movement is an international community that stands behind a mission to champion excellence and diversity. It’s a great place for event organizers to look because we have so many smart, aspirational women and men at all stages of their cybersecurity career. We welcome individuals, corporates, and entrepreneurs—those who are just starting in the industry, those who’ve taken a break and are returning to the workplace, and those who are at the top of their game. Coupled with our strong focus on soft skills like leadership, analytical thinking, and communication, it’s a well-rounded group of diverse people—all with aligned values. We’re also working on a Code of Conduct, a Pledge for diversity and inclusion, and a training course for event organizers.”

Elizabeth Weingarten, Director of New America’s Global Gender Parity Initiative and editor of the Humans of Cybersecurity publishing platform.

Find the project’s website here.

“Humans of Cybersecurity, based at New America, is an initiative that has wide reach and strong connections. We’re linked to groups focused on diversity and inclusion in cybersecurity, as well as more traditional cybersecurity communities—meaning our newsletter is a great way to reach women in cyber (with enough advance notice!). It’s also worth checking out the articles written for our blog, including our ‘A Human to Know’ series which has profiled many women in cyber as well. There are plenty of listservs out there for women in cyber, so it’s just about actively leveraging them.”

Camille Stewart, Cyber & Tech Attorney, New America Cybersecurity Policy Fellow, and Chair, Women of Color Advancing Peace, Security and Conflict Working Group on Cybersecurity and Emerging Technologies.

Find the group's website here.

“My colleagues at Women of Color Advancing Peace & Security and I are launching a group to explore how cybersecurity and emerging technology are affecting women of color. Adverse effects on women color from the innovation in and evolution of this space, whether technical, institutional, or within the legal/policy regime, aren’t often considered. Their concerns are lumped in with that of women, that of their minority group, or that of all underrepresented minorities. There are often discrete needs at the intersection of these demographics. Lack of attention to these needs can create gaps in the effectiveness of the product, policy, etc., it limits the realm of the possible, and we’re not harnessing the intellect and unique insights of these groups.

For example, Native American women have little to no presence in major tech companies and are often rolled up into this catch-all bucket of “other minorities.” That is a missed opportunity and a potential injustice. This WCAPS working group we’ve created aims to amplify, augment, and support the work being done to explore the impacts of technology and cybersecurity on women of color. We want to make sure women of color are represented in the industry as practitioners and as one of the user profiles guiding decision-makers.”

Ashley Podhradsky, Associate Professor of Digital Forensics & Associate Dean of Beacom College of Computer and Cyber Science and Founder of CybHER.org.

Find the group's website here.

“CybHER at Dakota State University has a mission to empower, motivate, educate, and change the perception of girls and women in cybersecurity. By providing resources for girls from middle school through collegiate programs and into professional careers, CybHER helps women foster positive and encouraging relationships within this industry through original and curated content that educates and motivates women. Ultimately, our goal is to increase diversity by introducing more girls to cybersecurity, who will then transition to women in collegiate programs, and finally transition to highly trained professionals. From 2012-2017, the Beacom College of Computing and Cyber Sciences has seen a 296% increase in women in our cyber-related programs. In the fall of 2018, 40% of new Beacom College freshmen were women! To date, we have raised over $700,000 for CybHER programs and impacted over 12,000 kids!”

Steve Morgan, Editor-in-Chief of Cybercrime Magazine at Cybersecurity Ventures.

Find the list here.

“@WomenKnowCyber is taking roll call of women in the cybersecurity field. Women in cyber aren't as much underrepresented as they are underappreciated—and markedly under-counted. In response, we are building the largest list of women in cybersecurity, which you can find in its first iteration on Twitter. We're fast approaching 2,000 experts.”

Editor's Note: July 23, 2018 - The first sentence of this blog has been corrected. It originally characterized what RSA organizers said about the shortage of female cybersecurity speakers. That characterization was incorrect. It has been updated to more accurately reflect the source of the criticism the RSA Conference received.