Women in Cybersecurity: When it comes to gender diversity in tech, cybersecurity is not the first space that comes to mind when we think of an equal workforce, but it is certainly making strides in the right direction.
We met five women in The States who are bridging that gap and owning the space. They told us about how they developed their careers in cybersecurity and how they’ve found the journey.
Brooke Motta – CEO and co-founder of KSOC
What is KSOC?
KSOC – Kubernetes Security Operations Center. We help to uncover Kubernetes security issues for the enterprise. We also offer remediation and deliver solutions in a very developer-friendly way that often helps security teams.
How did you develop your career to date?
I’ve been in cybersecurity for about twenty years, starting my career at a company called Rapid7 which was a successful vulnerability assessment company. I then went into the bug bounty space, and now I am the CEO and co-founder of KSOC.
Prior to starting the company with my co-founder Jimmy Mesta, I had been leading go-to-market teams at various security companies that were selling software. Jimmy was actually a customer of mine, historically. He reached out to me when I was selling to chief information security officers and learning a lot about how people had gone through or were still going through digital transformation. Everything was going to the cloud, and most large organisations leveraged Kubernetes as part of that digital transformation.
While Kubernetes is really great from an orchestration perspective, as you’re deploying containers, it also allows for a new attack vector for bad actors. Jimmy came up with the idea for KSOC while doing Kubernetes security awareness training. We found out that we were speaking to the same people – who were having the same challenges – he was tackling it from a service perspective and educating people on what they can do to ensure they’re more secure. And I was approaching it from a go-to-market perspective and how we can help from a software perspective.
The timing was nice to start the company since the company I was in didn’t actually solve the problem that we’re solving today.
How have you found it, being a woman in the cybersecurity space?
When I started, I remember attending conferences like Blackhat and RSA and feeling like one of the only women in the room, and there’s still a long way to go in terms of getting more women to the table. However, there are a lot more women in the space today than there were when I initially started. I think it will take a village to make sure everyone can have opportunities, so we need male advocates. We need companies that have great cultures where that help women thrive.
I think that if you don’t create an environment where everyone has a seat at the table, there are many options for people. That’s why there was a great resignation recently – people want to be a part of an inclusive culture.
Holly Neiweem – Chief Operating/Financial Officer at Quantum Xchange
What is Quantum Xchange?
Cryptography is everywhere and something we rely on in our day-to-day lives and completely take for granted, from banking to payments. People don’t know that the tools and technologies we use for encryption were invented about five decades ago, and a lot has changed since then. Quantum Xchange, at its core, our mission is to protect and secure the future of data. Our solutions help protect organisations from current threats, threats to their encryption as well as future threats.
How did you develop your career to date?
I don’t have a traditional cyber background. I started my career at GE – industrial infrastructure businesses. Then I spent the majority of my career on the investing side at Morgan Stanley. I came to Quantum Xchange in January of last year – my first leap into cyber – to help finance the company and commercialise and scale the technology. It’s definitely not the most traditional path, but I think I bring a unique background and perspective to the table. Often, I find myself translating the tech speak to the non-tech folks.
How have you found it, being a woman in the cybersecurity space?
I find that I’m most engaged when I’m learning a little bit out of my comfort zone, and that’s definitely been something here. What I like about it, though, is that cyber is a little bit more of a team sport and Quantum Xchange is very purpose driven – both of those things are pretty appealing to me.
Mollie MacDougall – Director of Product Management at Cofense (formerly PhishMe)
What is Cofense?
Cofense is focused on providing solutions to customers to help them defend against emergent and ongoing phishing attacks targeting their company and their company employees. I have been with this company since October 2017. I basically run the intelligence product. We are providing phishing-specific threat intelligence to organizations. We’re really focusing on what are the tactics that phishing threat actors use that are effective to reach end users. And what are the signatures of those attacks that our customers can take and use to block or identify any of those attacks.
How did you develop your career to date?
I was very much focused on international security. I got my masters from the Fletcher School of Law and Diplomacy at Tufts, focusing specifically on Middle Eastern security and regional security, and international global security studies. From there, I went and worked with the House Foreign Affairs Committee in the US Congress. Throughout my education and through my time on The Hill, I recognised that if I didn’t really understand cybersecurity, I wasn’t a global security expert. So, for what I thought would be a few years, I went over to the US Department of Homeland Security to look at and understand how different organisations that other nation states might seek to target US infrastructure, federal networks, and critical infrastructure as well.
I had an opportunity to move with my husband to London, which was a dream of mine, so I joined this company, PhishMe – I thought maybe for a year at the time. I have just loved how much I’ve been learning since then and how much being in a company that’s evolved so much since I joined it. I’ve been hooked and continued to learn and evolve my understanding of space. I’ve been surprised by how much there is to the cybersecurity space and where I could learn where I could provide value based on my different background. So here I am today, and I would never have thought, had I come from a non-technical background, educationally speaking, that I would be here or could be in this space and in this field.
How have you found it, being a woman in the cybersecurity space?
I think it really can depend on the organisation that you’re in. While I have been at Cofense, it has been fantastic. We have a lot of female leaders, especially in the product management side of the house, and many experts. But I do notice it has been tough to recruit a diverse group of people on specific technical teams, and there’s not enough balance there – I don’t know if that is because people aren’t going into the field.
I’m engaging with more and more women and young women expressing interest in the field, which makes me excited. I try to do a lot to support people and encourage people who are thinking about going into this field. I think having diversity, and how what we’ve experienced and how we’re wired, and how we’re thinking about things is so important – that goes beyond gender. Still, I think having more representation in the field is definitely a positive.
Caitlin Gruenberg – Director of Solutions Engineering at CyberGRX.
What is CyberGRX?
CyberGRX acts as a third-party risk management platform. We assess organisations’ risk to ensure that customers vet their vendors and third parties to determine whether they want to go into a business relationship, etc. We have an assessment operations component to that, which I did for five years. Being a part of CyberGRX as a start-up has been absolutely phenomenal. I think it’s a once-in-a-career opportunity to come into a company so early on and be with it through all the growing stages and the maturation to where we are today.
How did you develop your career to date?
I spent a lot of time in privacy and third-party risk management in the government, retail and financial spaces. When I got married, my husband said why don’t we look for a job in Colorado? I said I’d apply to one, and CyberGRX ended up being the one job I applied to, and it worked out. I believe in a little bit of fate here – it has been one of the most amazing experiences I’ve had.
How have you found it, being a woman in the cybersecurity space?
Being the minority sex in the industry, it’s not something that’s gone unnoticed. More often than not, I’m the only female on the team and in meetings. However, in the last, I’d say, four or five years or so, we are seeing more women in privacy and security groups – and mentoring of women and bringing more women into the industry. I think those efforts that are going on, in multiple different avenues globally, are really picking up and are really starting to stick. You see, the STEM groups for elementary school children and women didn’t have that. The movement is taking hold, and I couldn’t be more thrilled about that. In CyberGRX, I’ve seen the ratio of men to women much better than in other organisations I’ve been in.
Brianna Groves – Cybersecurity Engineer at CyberGRX
How did you develop your career to date?
Right out of high school, I started working for the local city government, and then I went to work for our city mayor as his executive assistant. Towards the end of that tenure, I just started to feel unfulfilled – I wanted a challenge, direction, and passion.
I had two friends who were pushing me towards working in tech just because of all the buzz about it and I really didn’t understand it very well. Definitely, I didn’t know what specifically I wanted to do, and it was all very confusing. Then I left the city government and decided just to throw myself into this new journey. I ended up here at CyberGRX.
I came in as an office manager and made it very clear to the interview panel and our CEO, to whom I was reporting at the time, my desire for admission, and they were all for it, and spent the first several months really learning the job and building it out – we were a very small start-up at the time, and I built that identity first.
Then I started to sit with my peers and shadow different teams, asking questions about what they do and what we did as a cyber company. We have a female engineer on the team. She was the only engineer at the time; I thought that was very cool, so I went and sat with her. She gave me directions on how to get started. I started teaching myself coding in the afternoon after I got home from work.
Over the course of several months, people were noticing, so they coached me and asked me to work on projects on their teams. Eventually, who would become our CTO at the time – I thought I might do well in cybersecurity. He kind of mentored me into that space, coached me to get certifications and taught me from the ground up. This all led to my promotion to an engineer.
How have you found it, being a woman in the cybersecurity space?
I think that timing was right in a lot of ways. There are certain difficulties that are definitely prevalent and real, being able to get your foot in the door, especially when you don’t have experience.
I didn’t have the work experience, but I worked at the same company with someone who chose to pull me under his wing because he saw my dedication and interest rather than looking for someone who already had the knowledge and background. I got lucky.
It can be difficult. I think many of the roughest parts, for me, are my self-doubts and that impostor syndrome that I struggle with. But I have a good network around me, and I try to make sure that I share my story and hear the stories of other women I’ve met who work in technology.