Women in Cybersecurity: Reducing the Gender Gap Part III

May 2, 2016
No Comment

Katie Kennedy

This is the third post in a three part blog post on the Women in Cybersecurity Conference that took place March 31st through April 2nd in Dallas, Texas.

The first keynote for the final day of the Women in Cybersecurity conference was Shelley Westman. Westman had a long road that ultimately led her to where she is today, Vice President of Operations and Strategic Integration Initiatives at IBM Security. With a law degree, Westman decided that she did not care for law practice and decided to move into another field. Throughout her career, she came up with her three key points:

  1. What you think you want, may not be what you ultimately want. Don’t be afraid to course correct.
  2. Don’t be afraid to try new things and take on new responsibilities.
  3. There will be times in your life where you feel as if everything is falling apart… the only choice is to move forward, one step at a time.

Westman pointed out that there shouldn’t be a disparity among men and women in the field of cybersecurity. Men and women should work together to find solutions to the problems we face daily.

Following Shelly Westman, were the 5 Minute Lightening Talks. The most startling and eye opening talk was “Detecting The Mismatch between Privacy Policy and Android Code,” with speaker Jianwei Niu, associate professor in the Department of Computer Science at the University of San Antonio. Niu received her Ph.D. in Computer Science from University of Waterloo. With Android applications, there is user privacy risk with mobile applications that are built for the Android. The applications have access to sensitive personal information (SPI) about the users’ locations, contacts, and unique device information. Although regulators require the application developers to publish privacy policies that describe what information is being collected and used, it is common that the privacy policies have become inconsistent with the application implementation code. Click here to read the full research. From the research, there were many policy violations found with various applications, forcing one think twice before downloading applications.

The distinguished speakers session began shortly after the lightening talks concluded. Cybersecurity leaders, Michele Myauo, Director of Cybersecurity for Microsoft U.S., and Christina Carlson, Principal Developer of Cybersecurity at Target, spoke on “What Really Matters”, sharing their best practices and lessons learned for succeeding in the cybersecurity industry. Myauo addressed how cybersecurity is a business. Today, you can purchase malware online and preform an attack. An attacker can be in a system for a year and a half, before their presence is noticed. Myauo highlighted her dissertation research, bringing to light the “Pass-the-Hash” (PtH) scenario, a key cyber-attack that is identified in academic, government, and industry. Cyber attacks are not lessening, only gaining traction. More women are leaving the cybersecurity workforce than there are women entering. The gaps need to be filled. Women need to be supported in this field, and they should want to go into the cybersecurity workforce and stay there.

Christina Carlson provided advice on: work, communication, relationships, and life. Adding personal experience to shed light onto how to approach different situations. Carlson’s overarching themes were: take ownership, speak up, and be kind to yourself. Any work can have it’s ups and downs. The most important thing in cybersecurity is to stay current. The world of cybersecurity is constantly evolving and changing; therefore, one has to be aware of what is happening.

Each speaker and participant at Women in Cybersecurity brought something different to the table. With the focus on what women can do in the cybersecurity world, the idea is to be supportive of one another and to work together as one to solve some of the world’s greatest challenges. According to Hewlett Packard and Ponemon Institute of Cyber Crime, “hacking attacks cost the average American firm $15.4 million per year, double the global average of $7.7 million.” ( Cyber crime is a very lucrative industry, now more profitable than the drug trade (

Speaker Allison Cerra, Vice President and Head of Marketing in the Intel Security Group at Intel Corporation, underscored that by year 2020 there will be 40 zettabytes of data, 57 times the amount of all the grains of sand on all the beaches on earth. With all this data, the rapid increase of cyber crime, and the lack of cybersecurity professionals, we are at a bad combination. The Women in Cybersecurity Conference, paved the way for women to go out in the world and work together to combat cybercrime and hacking. Just because you do not have the expertise in cybersecurity, does not mean you don’t have something to add. With mentors, support, staying current, and drive, we will defend against cyber crime.

Find more information on Women in Cybersecurity Conference here.

Follow @WiCySConference on Twitter.