Report from the first annual Women in Cybersecurity Conference (2014) - CWW
Monday, April 21, 2014
Posted by: WSC Admin
- Last Updated on Monday, 21 April 2014 23:03
- Hits: 904
by Lesley Piper
Last week, I attended the first annual Women in Cybersecurity Conference (WiCyS) in Nashville, TN. Dr. Ambareen Siraj, Computer Science Professor at Tennessee Tech University, organized WiCyS to start a conversation about cybersecurity as a viable career option for women. In seeking to expand awareness of cybersecurity careers, the conference brought together students, academia, government, and industry; it was funded by The National Science Foundation and a host of other sponsors, a list of which can be found here.
As stated on the WiCyS website: “Security professionals worldwide are expected to increase to nearly 4.2 million by 2015.” However, women are severely underrepresented in this field; according to a whitepaper from ISC2 and Symantec, women represent just 11% of Information Security professionals. The basic questions asked at WiCyS were: how can more women be encouraged to pursue a career in cybersecurity? And what resources and strategies can be shared to help them succeed?
The conference was divided into three tracks: Research, Education, and Industry. It included workshops, panel discussions, a poster session, resume clinics and a career fair. Speakers came from a variety of backgrounds and included Deb Frinke, Training Director of the NSA; Becky Base, Chief Strategist for the Center for Forensics, Information Technology and Security; and Michele Cantley, Regions Financial Chief Information Security Officer.
There were a number of great presentations and the following stood out:
I was particularly impressed with Ms. Frincke’s keynote, Follow Your Heart While Using Your Head. She spoke about times in her career when she acted from a place of passion, candidly admitting she was unsure whether to do so would adversely affect her career. It was inspiring to learn that her instincts proved successful and resulted in an impressive career path. The frankness with which she shared her experiences was refreshing, as was the fact that her journey was unplanned. Key points from her presentation included:
- Be willing to change your plan
- Know what your interests are (She likes to start from scratch and build)
- Know what to ask for
- Speak up
- Learn how to negotiate well
- Lead change by example
- In regards to executive leadership –executive coaching can be beneficial, see if it is for you.
Another great talk with helpful advice was from Michele Cantley, Senior Vice President and Chief Information Security Officer, Regions Bank. What made her talk so interesting was the emphasis she placed on non-technical skills. Obviously having a technical background is helpful in cybersecurity, but the following are the top skills required to perform her every-day job:
- Strategic Planning
- Budgeting/ Financial
- Communication Skills
- People Management
- Critical Thinking
- Problem Solving
- Crisis Management
In her current roll, Cantely explained, she spends about 60% of her time on problem solving, even though her background is in mathematics/programming. She emphasized the importance of being able to excel in less technical areas because it increases marketability as an employee.
Technical skills are a helpful, some would say necessary, foundation in this field and Lisa Foreman’s presentation focused more on developing such skills. Ms. Foreman, founder and CEO of Women’s Society of Cyberjutsu, created her non-profit because there were no resources available to her while navigating a career path, so she built a platform where women could come together to network and learn from each other.
With over 300 members, her organization offers services including networking, training, certifications, and volunteer opportunities as well as active email discussions about jobs in cybersecurity, working in the industry, and information about virtual competitions
Finally, Becky Base, Chief Strategist for the Center for Forensics, Information Technology and Security, made several powerful points in her closing remarks. She encouraged us to:
Acknowledge contributions women have made to security -
Elizabeth Friedman, known as “America’s first female cryptanalyst,” helped to break over 12,000 rum-runners’ messages during the Prohibition era. Meredith Gardner, Genevieve Feinstein, and the women of the Venona Project decrypted about 2,200 messages during 1942 – 1948, revealing Soviet espionage.
Nail the fundamentals – If you don’t understand how a system works, you will likely be incapable of hacking or securing it.
This is an ecosystem – Understand from top down, but change can only be effected from bottom up.
Mentor those who come in your wake – include those older than you and those with skills different than yours.
Overall, the energy and environment of the conference were relaxed, engaging, and friendly. It was easy to sit next to someone I didn't know and fall into conversation about the conference, cybersecurity in general, or more specific topics. I chatted with women who came from strikingly diverse backgrounds to land in cybersecurity, including finance, the liberal arts and law. Additionally, all the speakers were approachable and friendly. In addition to Lisa Foreman, mentioned above, I had the opportunity to speak with Dawn Isabel, Mobile Security Consultant at IBM, and Dr. Martha Kosa of Tennessee Tech University, Associate Professor of Computer Science.
Common themes throughout the conference:
- Know your interests
- Build skills outside of school/work
- Find something you are passionate about!
Cybersecurity is a burgeoning field with incredible opportunities. I had a great time over the weekend and came away re-inspired about my career, building my skill set, and the future in general. I’m already looking forward to next year’s conference (to be held in Atlanta, GA)!
WiCyS websitehas a great list of resources on its site. Students, especially, should check out the scholarship opportunities because funding is available for women majoring in Computer Science or Cybersecurity.