The Cyber Express - Quarter 2 by The Cyber Express

Award Winning World’s Fastest Growing Cybersecurity Company

ISSUE 15

TheCyberExpress

Cyble VISION Beyond

Threat Intelligence

The Best Ai-Powered Threat INtel PLATFORM • Uncover hidden threats. • Predict and prevent attacks. • Empower informed decision-making. • Stay ahead of evolving risks. • Secure your digital ecosystem.

See Cyble Vision in Action

TheCyberExpress

ISSUE 15

Contents 6 FROM THE DESK

Celebrating Women in Cybersecurity

8 FORESIGHT We’re Not There Yet Women in Cybersecurity

12 CYBERVILLE Work-Life Integration: Strategies for Balancing Career and Personal Life in Cybersecurity

16 HER CYBER 40 under 40 Women in Cybersecurity

126 VIEWPOINT Trends Shaping the Future of Cybersecurity Marketing

ISSUE 15

TheCyberExpress

UNDER

130 THE COVER Amplifying Voices For Gender Equity In The Technology Industry

134 HOT SEAT Why is Gender Diversity Important in Cybersecurity?

138 DIGEST Breaking Codes and Glass Ceilings:The Legacy of Women in Cybersecurity

142 TRENDS Breaking Barriers: How A NonTechnical Background Led To A Cybersecurity Career

146 REGISTER From Military To Mentor: Col. Padilla-Taborlupa Empowers Women In STEM

156 INSIDER Bridging the Gap: Why Women Hold the Key to Cybersecurity’s Future

TheCyberExpress

ISSUE 15

Editorial

Management

Augustin Kurian

Rajashakher Intha

Editor-in-Chief editor@thecyberexpress.com

Director of Marketing And Product Management raj@thecyberexpress.com

Avantika Chopra Associate Editor avantika@thecyberexpress.com

STAFF

Samiksha Jain

Ashish Jaiswal Conference Manager ashish.j@thecyberexpress.com

Magazine Producer

Priti Chaubey

samiksha.jain@thecyberexpress.com

Content Strategist priti.c@thecyberexpress.com

Ashish Khaitan Journalist ashish@thecyberexpress.com

Ravi Gupta SEO Analyst ravi@thecyberexpress.com

Vittal Chowdry Design Lead vittal@thecyberexpress.com

Image credits: Shutterstock & Freepik

*Responsible for selection of news under PRB Act. Printed & Published by Augustin Kurian, The Cyber Express LLC., The publishers regret that they cannot accept liability for errors & omissions contained in this publication, howsoever caused. The opinion & views contained in this publication are not necessarily those of the publisher. Readers are advised to seek specialist advice before acting on the information contained in the publication which is provided for general use & may not be appropriate for the readers’ particular circumstances. The ownership of trade marks is acknowledged. No part of this publication or any part of the contents thereof may be reproduced, stored in a retrieval system, or transmitted in any form without the permission of the publishers in writing.

ISSUE 15

TheCyberExpress

From the Desk Dear Readers, As an Associate Editor with The Cyber Express, every day brings with it the opportunity to amplify voices that are often drowned out in the cacophony of the digital space. For too long, the narrative surrounding tech and cybersecurity has been dominated by male voices. But in this rapidly evolving domain, diversity isn’t just a buzzword—it’s the key to unlocking innovation and resilience. Women bring a unique perspective, a different set of experiences, and invaluable skills to the table. Recognizing and celebrating the contributions of women in cybersecurity isn’t just about equality—it’s about harnessing the full potential of our collective intelligence. As I sift through the pages of The Cyber Express, I am filled with a sense of purpose and responsibility. Every article, every interview, and every feature is an opportunity to challenge stereotypes, shatter glass ceilings, and pave the way for future generations of women in tech. I see more than just articles and interviews—I see a movement. A movement towards a future where women stand shoulder to shoulder with their male counterparts, shaping the security space with their vision and expertise. Together, let us continue to champion diversity, celebrate achievement, and pave the way for a future where every woman has the opportunity to thrive in cybersecurity and beyond. Avantika Chopra Associate Editor

Dear Readers, In this quarter one (Q1) issue of The Cyber Express, I’m thrilled to shine a spotlight on the incredible achievements of women in cybersecurity. As TCE unveil the “40 Under 40” trailblazers, I’m reminded of the immense impact these professionals have had and continue to have on shaping the cybersecurity world. While the field of cybersecurity has often been seen as male-dominated, a closer look reveals a wealth of talent, innovation, and resilience among women professionals. Their unique perspectives, adept problem-solving skills, and unwavering dedication to securing our digital world are indispensable in fortifying our cyber defenses. However, despite the strides we’ve made, there’s still much ground to cover. Gender parity remains a distant goal, with women holding only a fraction of leadership roles within the cybersecurity sector. Moving forward, it’s crucial that we actively work towards greater inclusivity, ensuring that women not only find a place but thrive and lead in this crucial domain. Furthermore, diversity in cybersecurity isn’t just a matter of fairness; it’s a strategic imperative. Varied backgrounds, experiences, and viewpoints foster innovation and enhanced our ability to tackle ever-evolving cyber threats. By championing diversity and inclusion, we not only enrich our industry but also strengthen our capacity to safeguard the digital ecosystem. As we manage the complexity of our linked world, let us renew our commitment to creating an atmosphere in which women in cybersecurity feel powerful, respected, and valued. Let us work together to create a safer, more resilient digital future for future generations by leveraging the entire range of skills and expertise. Samiksha Jain Magazine Producer

TheCyberExpress

ISSUE 15

FORESIGHT

We’re Not There Yet -

Women in

Cybersecurity - By Zinet Kemal Associate Cloud Security Engineer, Best Buy

The cybersecurity space, as dynamic and challenging it is, has been witnessing a gradual but significant change – the rising influence of women in its ranks. When I took the plunge into this field in late 2017, it was like stepping into a world where women were just a ripple in a vast ocean, making up 14% inching up from 11% of the industry’s workforce. Fast forward to today, and that ripple has become more

ISSUE 15

TheCyberExpress

noticeable, with women representing around 25% of the cybersecurity workforce. It’s a shift, yes, but let’s be clear: we’re not there yet. The recent surge to nearly a quarter representation is heartening, but it’s not the full picture. The industry has been hit by a workforce gap that’s not just 3.4 million as we know it but a 4 million, exacerbated by recent cutbacks and layoffs as per a recent ISC2 report.

This begs the question: how has this impacted women in cybersecurity? What about women from underrepresented groups ? The truth is, it’s a mixed bag. On one hand, there’s the optimism that female representation in the field is projected to grow to 30% by 2025. On the other, there’s the stark reality that we’re still far from where we need to be.

TheCyberExpress

ISSUE 15

FORESIGHT

Cybersecurity, at its core, thrives on diverse perspectives and innovative problem-solving approaches. The need for women in this field isn’t just about hitting a quota or balancing ratios; it’s about enriching the industry with diverse insights and experiences. Women, with their unique perspectives, are instrumental in driving innovation and contributing to problem-solving in ways that homogeneity simply cannot. Women’s involvement brings to the table different life experiences, viewpoints, and creativity – aspects essential for tackling the complex, ever-evolving cybersecurity challenges. The inclusion of women, particularly those from underrepresented backgrounds such as Black communities, stands not as a mere act of equity but as a strategic imperative for the industry.

What can we do to ensure that the industry isn’t missing out ? Targeted initiatives can light the spark of interest to young girls at an early age. These efforts and programs aim not just to open doors but to pave new pathways for the youth who might not have seen cybersecurity as a viable career option. This is also why I published ‘Oh, No …Hacked Again! and ‘See Yourself in Cybersecurity’ to educate children not only about the importance of online safety but creating exposure and introducing them to cybersecurity careers. The power of mentorship cannot be overstated, by pairing emerging talents with seasoned professionals.

ISSUE 15

TheCyberExpress

We’re not just transferring knowledge; we’re also building confidence and breaking down the invisible barriers that often deter women from advancing in the field. I am also big on building personal brand and networking opportunities tailored for women and underrepresented groups to serve as both a support system and a professional springboard. This is also why I created a LinkedIn Learning Course on Build Your Brand in Cybersecurity for both aspiring and seasoned cybersecurity professionals. Moreover, fostering an environment that champions professional development that ensures that once talent is in the door, it has every opportunity to grow, lead, and innovate. The voices of women in cybersecurity need amplification, not just within their organizations but across the industry. Advocating for and highlighting successes, and ensuring women are visible in leadership roles, paying them what their skill worth, speaking engagements, and in the media, sends a powerful message about the value of diversity in cybersecurity. We need to continue pushing the boundaries, breaking stereotypes, and paving the way for more women to enter and thrive in this field. The industry desperately needs this infusion of more women and diversity of thought to continue growing, innovating, and effectively securing our world.

TheCyberExpress

ISSUE 15

CYBERVILLE

Work-Life Integration:

Strategies for Balancing Career and Personal Life in Cybersecurity - By Rooplakshmi Chamraj Head HR, Cross Identity

In today’s rapidly shifting landscape, finding a harmonious balance between work and personal life can seem like an elusive goal, especially in the demanding field of cybersecurity. For women in cybersecurity, this balancing act often involves navigating additional layers of complexity. Despite significant strides in gender diversity and inclusion,

ISSUE 15

TheCyberExpress

women continue to be underrepresented in the field of cybersecurity, comprising only a fraction of the workforce. As such, achieving work-life integration is not only about managing the demands of a high-pressure career but also about overcoming barriers and breaking stereotypes in a male-dominated industry.

TheCyberExpress

ISSUE 15

CYBERVILLE

However, regardless of gender, cybersecurity professionals face similar challenges when it comes to balancing career aspirations with personal commitments. The constant demands of safeguarding digital assets, staying ahead of emerging threats, and maintaining stringent security protocols can leave little room for personal time and relaxation. Yet, achieving a healthy work-life integration is not only crucial for individual well-being but also essential for sustained success and effectiveness in one’s career. Establish Clear Boundaries: Set clear boundaries between your work and personal life. Designate specific times for workrelated tasks and ensure that you stick to them. Avoid checking work emails or engaging in workrelated activities during your personal time. By delineating boundaries, you can prevent work from encroaching into your personal life and vice versa Prioritize Tasks: In the fast-paced world of cybersecurity, it’s easy to feel overwhelmed by the sheer volume of tasks and responsibilities. Take a step back and prioritize your tasks based on their importance and urgency. Focus on completing high-priority tasks first, and don’t hesitate to delegate or seek assistance when necessary. By effectively managing your workload, you can avoid burnout and maintain a better balance between work and personal life Practice Time Management: Efficient time management is key to achieving work-life integration. Use tools such as calendars, to-do lists, and time-tracking apps to organize your schedule and allocate time for both work and personal activities. Be realistic about your time commitments and avoid overcommitting yourself. Remember to schedule regular breaks throughout the day to recharge and rejuvenate

ISSUE 15

TheCyberExpress

Set Realistic Expectations: Be realistic about what you can accomplish within a given timeframe. Avoid setting unrealistic expectations for yourself or others, as this can lead to feelings of frustration and disappointment. Communicate openly with your colleagues and supervisors about your workload and deadlines, and don’t hesitate to renegotiate deadlines if needed. By setting realistic expectations, you can reduce stress and maintain a healthier work-life balance Unplug and Recharge: Make time for yourself to unplug from work and engage in activities that rejuvenate your mind and body. Whether it’s spending time with family and friends, pursuing hobbies and interests, or simply taking a leisurely walk outdoors, prioritize activities that bring you joy and relaxation. Remember that taking care of your well-being is essential for longterm success in your career and personal life Seek Support: Don’t hesitate to seek support from colleagues, friends, and family members when needed. Share your challenges and concerns with trusted individuals who can offer advice, perspective, and encouragement. Consider joining professional networks or support groups for cybersecurity professionals, where you can connect with peers facing similar challenges and share insights and strategies for achieving work-life balance. Achieving work-life integration in cybersecurity requires a combination of clear boundaries, effective time management, realistic expectations, and self-care practices. By prioritizing your wellbeing and taking proactive steps to maintain a healthy balance between work and personal life, you can enhance your overall satisfaction and success in both realms. Remember that finding balance is an ongoing journey, and it’s okay to adjust your approach as needed to meet changing circumstances and priorities. With dedication, perseverance, and a focus on what truly matters, you can thrive both professionally and personally in the dynamic field of cybersecurity.

TheCyberExpress

ISSUE 15

HER CYBER

ISSUE 15

TheCyberExpress

UNDER

TheCyberExpress

ISSUE 15

HER CYBER

Aastha Sahni Security Analyst II at Microsoft Aastha Sahni, a seasoned cybersecurity professional with over seven years of experience, specializes in Identity & Access Management, Application Security, SIEM, Threat Hunting, Azure Cloud, and Vulnerability Management. Currently Security Analyst II at Microsoft, she has progressed from earlier roles as an Engineer to Technical Trainer. Beyond her technical expertise, Aastha is a dedicated advocate for Diversity & Inclusion, empowering women in cybersecurity through initiatives like the BBWIC Foundation, where she is the founder. She extends her impact as a mentor at WiCyS, TopMate, and WomenTechNetwork. Aastha is also an ambassador for Snyk, actively contributing to the cybersecurity community, and plays a crucial role on The Diana Initiative’s board, providing mission-based leadership. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey into cybersecurity began nearly 9 years ago when I embarked on my master’s degree in information security management. Graduating with a bachelor’s degree in computer science in 2013, I sought a role beyond traditional coding and testing positions. During my undergraduate years, cryptography and operating system security captivated my interest. This passion led me to pursue a master’s program in computers. After preparing for and successfully passing the national-level exam GATE (Graduate Aptitude Test in Engineering) in 2015, I stumbled upon a course in Information Security Management while considering admission options. Instantly intrigued, I enrolled in the two-year program and graduated in 2017. Those transformative years provided me with invaluable

ISSUE 15

TheCyberExpress

opportunities to explore various facets of cybersecurity and its practical applications. 2.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? Over the past 5-10 years, the cybersecurity industry has undergone significant transformations in terms of diversity, equity, and equality. In the early stages of my career, I faced challenges as a woman in a predominantly male team, encountering bias situations that questioned my skills and assumed limited experience in handling critical situations. Initially, navigating such bias was tough, but through my engagement with cyber communities, I recognized the importance of taking a stand and advocating for equity, equality, and inclusion for women. Women often bear a significant responsibility, and when not treated equally, it can lead to self-doubt and imposter syndrome. Thankfully, there is now a positive shift, with companies implementing robust diversity and inclusion policies to empower women to raise their voices and report any incidents. Personally, I am committed to fostering a supportive community and empowering fellow women in the field. Through sharing experiences and insights, we can collectively challenge stereotypes and contribute to building a more inclusive and welcoming industry. Championing diversity is not just crucial for personal growth but also for the overall advancement and innovation of the cybersecurity field.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? While there has been a noticeable uptick in the representation of women in leadership roles within the cybersecurity sector in recent years, the current level of progress remains insufficient. The shortage of women in fundamental cybersecurity roles persists, influenced by factors such as unconscious bias, imposter syndrome, and gender biases, all of which contribute to limiting the professional growth of women in leadership positions. Despite these challenges, the perspectives that women contribute to the field are invaluable. Their diverse viewpoints prove particularly beneficial in various scenarios, be it responding to incidents or constructing effective security response teams. Embracing and fostering these diverse perspectives not only enhances the industry’s problem-solving capabilities but also reinforces the resilience of cybersecurity practices in an ever-evolving landscape. As we continue addressing barriers to entry and progression, the cybersecurity sector stands to gain significantly from a more inclusive and diverse leadership landscape.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? To overcome the primary barriers hindering women’s entry into cybersecurity roles, our comprehensive strategy involves various initiatives. We are actively addressing challenges through scholarship programs, specialized training, and innovative recruitment practices. A key aspect of our approach is empowering women to participate prominently in industry conferences, both as attendees and speakers. This not only boosts their confidence but also facilitates

ISSUE 15

TheCyberExpress

valuable network building, exposes them to different facets of cybersecurity, and ensures continuous skill development. By combining these efforts, we aim to create an environment that not only removes obstacles but significantly enhances female representation in the cybersecurity field. 5.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Cloud computing and artificial intelligence (AI) undeniably dominate discussions as the rapidly expanding trends in the cybersecurity landscape. These trends contribute to the development of more robust strategies in threat hunting, vulnerability management, and various defense, risk, privacy, and offensive mechanisms. To stay informed about new trends and ensure continuous learning in this evolving field, I actively engage in cyber conferences, pursue certifications, participate in cyber communities, and leverage social media platforms such as LinkedIn. Regular research endeavors are crucial for keeping myself updated and adapting to the dynamic nature of cybersecurity. Given the perpetual evolution in this domain, adopting a lifelong learning approach is essential for professional growth and expertise.

TheCyberExpress

ISSUE 15

HER CYBER

Asmae E CISO at Hightech Payment System (HPS) Asmae EL MORABIT- Chief Information Security Officer at Hightech Payment System (HPS), a worldwide leader in the card payment industry and payment processing. She has an extensive experience in the Cybersecurity field, Risk Management and Data protection. Asmae is a seasoned IT & Cyber Risk expert, with more of a decade of experience spanning IT, Education, and financial industries. She has cumulatively represented internal control functions in Audit, IT and Cyber Risk oversight and supervision, Compliance and Data Protection, within multinational banking groups. One of the global 40 under 40 Cybersecurity Talents in 2023, Asmae’s profound knowledge and proven track record are widely acknowledged on an international scale around her peers through her work and project in area of IT & Cybersecurity Audit and Risk Management. She envisions a future where concerted efforts towards talent development not only bolster national security resilience but also foster innovation and competitiveness on the global stage. In overseeing the transition to disruptive technologies, she firmly believes there is there is a constant need to empower organizations to navigate the intricate regulatory environment effectively, while fostering a culture of cybersecurity resilience and regulatory compliance. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? The initiation of my journey into cybersecurity can be traced back to my undergraduate capstone project, which involved an in-depth study of ARP spoofing, Session Hijacking, and DNS spoofing attacks, culminating in their simulation. This threemonth project not only concluded successfully but also profoundly captivated my interest in the field of cybersecurity: I was ‘hooked’. Subsequently, I embarked on my professional career as a Security Engineer at a medium size company, a role that entrusted me

ISSUE 15

TheCyberExpress

with the responsibility of conducting penetration testing that allowed me to expand my technical skills in cybersecurity. Upon joining the banking sector right after, the significance attributed to my endeavors, coupled with the profound implications of cybersecurity threats, imbued my work with a more tangible sense of purpose and value adding. It became evident that the relentless advancement of technology would invariably introduce a spectrum of cybersecurity vulnerabilities, ensuring a dynamic and ever-challenging environment. From that juncture, I was convinced that the field of cybersecurity would constitute the focal point of my professional aspirations, promising a career replete with engagement and continuous learning. 2.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? One of the most exhilarating experiences of my career occurred during my tenure as an internal auditor within the banking sector, with a primary focus on security audits through the execution of penetration testing. As a young woman introduced to predominantly male auditees when starting audit assignments, I must acknowledge a recurrent perception of not being taken seriously. However, this initial underestimation, that I somehow naturally ignored, afforded me the opportunity to conduct my duties with minimal skepticism from others, who were notably forthcoming in sharing information. By the conclusion of these assignments, auditees were often taken aback, realizing that their initial discrimination had inadvertently worked to their disadvantage. Even in my current role, I encounter situations where male colleagues, under the assumption that I may lack technical proficiency, attempt to oversimplify technical explanations. I find it a little cliché and I got used to it.

TheCyberExpress

ISSUE 15

HER CYBER But on another note, I consider myself fortunate to have had exceptional mentors who supported and motivated me to follow the cybersecurity path, all those mentors were all men! My father being on top of them 3.

to recognize that once a woman demonstrates her capabilities and worth, her contributions are acknowledged and valued. This realization underlines the need for a shift in perception and evaluative criteria within the cybersecurity community to ensure a level playing field where talent and merit are the sole determinants of success.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? 5. I believe that Women’s representation in cybersecurity leadership roles is a reflection of their growing contribution to a field that benefits immensely from varied skills and insights. The primary challenges encountered include overcoming preconceived notions about technical competence and navigating a landscape that has traditionally seen fewer women in top positions. Nonetheless, this scenario offers a significant opportunity for women to demonstrate leadership and expertise, pushing the boundaries of what’s achievable in cybersecurity. As the field evolves, the focus remains on the value of individual merit and the unique perspectives each person brings to the table, which, in turn, drives innovation and effectiveness in addressing cybersecurity challenges. I believe that Women’s engagement in cybersecurity introduces a breadth of problem-solving styles and innovative approaches crucial for tackling the sector’s dynamic challenges. Their perspectives contribute to developing nuanced security approaches and enhancing team dynamics, leading to more effective and forward-thinking solutions. By integrating varied life experiences and cognitive approaches, I believe that women can significantly enrich the cybersecurity landscape, fostering resilience and innovation in crafting technically robust and socially aware security measures.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? Reflecting on the primary barriers to entry for women in cybersecurity roles, it is imperative to acknowledge that the foundation for success in this field should ideally rest upon one’s skills and the unique contributions one can offer, irrespective of gender. However, it is observed that women often encounter a more challenging journey to prove their value and expertise compared to their male counterparts, necessitating greater effort to gain professional respect. Despite these initial hurdles, it is important

ISSUE 15

TheCyberExpress

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Advancements in Artificial Intelligence and Machine Learning are poised to revolutionize the cybersecurity landscape, enhancing security resilience in different industries. These technologies enable real-time threat detection and proactive defense mechanisms. Additionally, the adoption of Zero Trust Architecture and Secure Access Service Edge frameworks presents a paradigm shift towards a more decentralized and context-aware approach to security. More specifically, in the realm of cybersecurity within the payment industry and card processing sectors, the integration of these disruptive technologies stands to significantly enhance security and fraud detection capabilities. The addition of tokenization and advanced access and authentication methods offers robust and user-friendly security layers aiming to ensure resilience against security risks. Furthermore, the landscape is increasingly influenced by a surge in legal and regulatory obligations, which underscores the critical need for advanced cybersecurity and data protection measures. These innovations and trends collectively signal a transformative yet complex shift in continuously securing transactions and personal data against sophisticated threats. To stay informed about the latest cyber threats and vulnerabilities, I actively engage with a variety of resources and communities. LinkedIn serves as a vital platform for following industry leaders and organizations, providing insights into emerging trends and discussions. I also regularly consult known cybersecurity journals, which offer in-depth analyses and research findings on the latest threats and technological advancements. Additionally, being a member of international communities, such as ISACA, allows me to participate in global discussions, access a wealth of knowledge resources, and collaborate with professionals facing similar challenges.

TheCyberExpress

ISSUE 15

HER CYBER

Caitlin S Founder and Executive Director at Cybersecurity Girl LLC Caitlin is the top Cyber influencer with 850k+ followers, and SANS Cyber Community of the Year Winner. She empowers cybersecurity for all by helping them protect their online world & inspire tomorrow’s leaders. Over the past 2 years, she’s championed diversity in the field, educated on cybersecurity careers, and promoted/simplified cybersecurity topics and online safety.

me, offering an ever-evolving career that demands continuous learning and adaptation. Cybersecurity is such an incredible career path because the digital environment is always changing, and you get to constantly learn. 2.

Caitlin previously led TikTok’s Global Cyber Advocacy team, leading their cyber awareness both internally & externally and prior, she spent a decade in cyber consulting, starting at EY, focusing on data protection, then moved to the UK for GDPR and Data Privacy and later back to the US to help DLA Piper’s cyber and privacy consulting practice. Caitlin continues to be the top cyber educator. 1.

Yes, cybersecurity, like many STEM fields, has been predominantly male-dominated. My path was full of gender-based hurdles and biases. Facing skepticism about my capabilities solely based on my gender was a recurring theme on my path, even now. I navigated these challenges by focusing on acquiring knowledge, showcasing competence, and building a supportive network. Overcoming these biases wasn’t just about proving my worth but about paving the way for more women to enter and thrive in this field without facing the same prejudices as well as having faith in myself and my abilities.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? I never thought I would get into cybersecurity, mostly because I thought it was just men in a black hoodie sitting behind a computer and hacking. I was an aerospace mechanical engineer and after my Masters, I was applying to tech consulting. During one of my interviews, I was asking if I was interested in doing cybersecurity consulting. Despite my reluctance— stemming from my less-than-stellar coding skills acquired from two college classes—the prospect of diving into cybersecurity sparked my curiosity. I pride myself on being a glorified problem solver and cybersecurity just seemed like another large problem that I could solve. It also seemed like a new learning adventure, so I said “Yes”. Ever since then, I never looked back. The field has never ceased to captivate

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry?

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? It’s a fact that women’s representation in leadership positions within cyber security is more than just diversity statistics: it underscores females’ unique perspectives and innovations.” When addressing women’s representation in leadership roles within cyber security context, professional desires versus personal obligations are important aspects to consider

TheCyberExpress

ISSUE 15

HER CYBER

among others.” The burden of managing careers alongside family responsibilities weighs heavily on many working women with limited resources or support networks to assist them juggle these conflicting interests.” Thus pressures from both sides act as barriers preventing female progression hence contributing to under-representation of women at the top. However, organizations often lack policies that truly support work-life balance such as flexible working hours, remote work opportunities and parental leave which are imperative for women striving to reach career heights while juggling family commitments. This leads to a funnel-like effect where numerous women join the industry at entry levels but their numbers reduce sharply in higher leadership ranks. Such high demands combined with limited support for blending career and life make many competent females choose between these two aspects most times sidelining their professional dreams. To address this gap and increase representation of women in cybersecurity leadership roles, more inclusive and supportive polices need to be adopted by organizations as well as the industry in general.” Consequently, there is a need for environments that foster work-life balance.’ These include flexible working arrangements, generous parental leave packages and childcare provisions.” Additionally, it is important to create a culture

ISSUE 15

TheCyberExpress

that does not penalize those decisions in terms of career progression. These support systems if integrated enrich the cybersecurity industry with diverse leadership perspectives that don’t exist currently among them. Women’s exclusive insights and experiences are vital when crafting innovative cyber security tactics thus improving the sector’s potentiality towards handling complicated challenges.” On this basis alone, promoting a better relationship between home life and work is enough to unlock the female potential for leading in cybersecurity so as to enhance progress and innovation in this field. Women who are leaders in cybersecurity have the ability to assist in establishing inclusive cultures, drive diversity of thought and encourage future generations. Women’s views play a significant role in the development of comprehensive cyber security strategies that can address an extensive range of threats and vulnerabilities to further strengthen the industry. What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? To overcome the primary barriers hindering women’s entry into cybersecurity roles, our comprehensive strategy involves various initiatives. We are actively addressing

challenges through scholarship programs, specialized training, and innovative recruitment practices. A key aspect of our approach is empowering women to participate prominently in industry conferences, both as attendees and speakers. This not only boosts their confidence but also facilitates valuable network building, exposes them to different facets of cybersecurity, and ensures continuous skill development. By combining these efforts, we aim to create an environment that not only removes obstacles but significantly enhances female representation in the cybersecurity field. 4.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? The primary barriers for women entering cybersecurity often include: Stereotypes- Many women don’t see themselves with a career in cybersecurity because they aren’t aware of just how many types of cybersecurity jobs are out there and the skills needed for these jobs. Similar to my original view of cybersecurity, many women think cyber is just male hackers Lack of role models- There aren’t many women in cybersecurity leadership to look up to Unequal access to Cyber education from childhood For these reasons, it is crucial

to handle these issues at their core by promoting STEM education among girls, encouraging mentorship programs, and highlighting successful females in the field. Moreover, the organizations should also strive for inclusive hiring practices as well as create environments that support women’s development towards senior positions.

with advancements like artificial intelligence, machine learning, and blockchain offering new ways to tackle security threats. Simultaneously, these technologies introduce complex vulnerabilities. To revolutionize cybersecurity, we must focus on developing adaptive, intelligent security measures that can anticipate and mitigate emerging threats.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry?

Staying informed is a complex endeavor, I personally stay up-to-date with news alerts, LinkedIn forums, constant communication and collaboration with industry leaders, and continual learning of new threats and new tech.

The cybersecurity landscape is constantly changing,

TheCyberExpress

ISSUE 15

HER CYBER

Camille Stewart Gloster Deputy National Cyber Director, Technology & Ecosystem Security at Office of the National Cyber Director, The White House Camille Stewart Gloster, Esq. is the Deputy National Cyber Director for Technology & Ecosystem for The White House. In her role, Camille advises the President and leads technology security, supply chain security, data security, emerging technology, and cyber workforce and education efforts for the Office of the National Cyber Director. Camille led the development and implementation of the 2023 National Cyber Workforce and Education Strategy, and an integral part of the drafting and current implementation of the National Cybersecurity Strategy, the A.I. Executive Order, and the U.S. National Standards Strategy for Critical & Emerging Technology. Camille sits on the White House AI Council and leads the Open Source Software Security Initiative. Camille is a cyber, technology, and national security strategist and policy leader whose career has spanned the private, public, and non-profit sectors. She joined ONCD from Google, where she most recently served as Global Head of Product Security Strategy, and before that as Head of Security Policy and Election Integrity for Google Play and Android.

ISSUE 15

TheCyberExpress

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My Dad is computer scientist so I started coding and taking Russian in kindergarten. I spent my academic career trying to figure out how to marry my love of technology with my interest in law and society. I was recruited to a cybersecurity company after law school and the realization that my legal skills were just as valuable as my technical acumen cemented my desire to work in the space. Not to mention, this work is intellectually stimulating and at the forefront of one of the greatest forces shaping out lives, technology.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? My differences are one of my greatest assets. That realization has helped me navigate bias and discrimination. Coupled with a

strong support system within the cybersecurity community and in personal life, I have been able to demonstrate my value in ways that have made me indispensable. 3.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? We need more women and gender minorities in cybersecurity leadership. While representation of women is improving there is still work to do particularly for women of color and gender minorities. Diversity is our greatest asset in understanding risks and opportunity. We would be better able to see and mitigate how our natural human biases make us vulnerable if we had more diversity in the industry.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field?

We need to stop making young girls feel like math is too hard for them so they’re willing to explore technical careers. But that is no the only pathway to cybersecurity. We must correct the misperception that cybersecurity roles are all deeply technical. Cybersecurity is multidisciplinary and we need a variety of skills sets – communications, law, marketing, policy, strategy, etc. – to combat threats and maximize opportunity. 5.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Artificial Intelligence is the topic of the day but the power and possibility of technology is only matched by the potential security risks. A.I. security is a topic cybersecurity professionals must educate themselves on, it will impact their work. There are a number of trainings available as well as the daily news and research releases are great sources of information. A cybersecurity career demands continued learning.

TheCyberExpress

ISSUE 15

HER CYBER

Confidence Staveley Founder at MerkleFence Confidence Staveley is Africa’s most celebrated female Cybersecurity Leader, API Security Professional, Talent Developer, International Speaker, and Inclusion advocate. She has achieved numerous professional certifications and industry recognitions. What sets Confidence apart is her innate ability to merge profound cybersecurity knowledge with impeccable communication finesse. She excels in translating intricate cybersecurity concepts into digestible, jargon-free insights for diverse audiences.

languages and felt very excited each time I was coding. I soon realized a career in tech was more what I wanted. So, I pitched to my parents to let me pursue a career in tech and they agreed. I went on to get a diploma in software engineering, a bachelor’s degree in information technology and business information systems and a master’s degree in information technology management. It was during my master’s that I took an elective course called cryptography. It was through that elective that I got introduced to the world of cybersecurity and I knew I wanted to further niche down to build a career in the field. I got my lecturer at the time to mentor me and started self-learning. I landed my first cybersecurity role, years after gaining experience on several short stints’ cybersecurity projects.

Her unique approach is brilliantly showcased in her YouTube series, “API Kitchen”. Here, she employs culinary metaphors to illuminate API Security intricacies. Within its debut season, this series amassed over half a million views across social media, as Confidence masterfully served up a banquet of API security wisdom. Her exceptional contributions are frequently celebrated, recently she clinched the title of Cybersecurity Woman of the World 2023. Her previous recognitions span awards like the Cybersecurity Woman of the Year for both 2021 and 2022, a nod as the International Security Journal 2023 Influencer, a spot in the Top Cyber News 40 under 40 in Cybersecurity, a LinkedIn Top Voice distinction, and a ranking amongst the Top 50 Women in Cybersecurity Africa, etc. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? I got into cybersecurity by sheer happenstance. My parents had always wanted me to study medicine but during my gap year just before university, they encouraged me to keep myself busy by taking basic computing classes at a nearby ICT learning center. It was ta that place I first got to use a computer and I loved it. I went on to begin to learn programming

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? I won’t say I have particularly directly faced discrimination, but I have experienced biases. People underestimate and expect me to suck at technical concepts. Considering that I have been tech all my adult life, this is laughable. I have however taken a positive perspective to this. I keep growing my knowledge and continuously honing skill sets in the field. Consequently, being underestimated almost always means I will outperform expectations most times. I have however seen many other women being passed over for roles and discriminated against because of their gender. I have also seen men try to take advantage of young women by trying to offer

TheCyberExpress

ISSUE 15

HER CYBER

mentorship sessions at weird places like hotel rooms and presenting that as the only option if the lady is “serious” about being mentored by them.

Women’s perspectives contribute to and enhance the cybersecurity industry by fostering creativity, resilience, and inclusivity. Diverse teams are better equipped to identify and mitigate risks, develop more comprehensive solutions, and effectively communicate with diverse stakeholders. By embracing and empowering women in leadership roles, we can create a more dynamic and resilient cybersecurity ecosystem.

It is my dream that one day, women will be seen for their competence and our industry will get and retain great talents, rid itself of discrimination, bias and harassment. I dream of a cybersecurity industry where women can feel safe, bring their best selves to work and be supported through all phases of their lives as we jointly strive to win the war against cybercrime. 3.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women hold only 5% of leadership roles in the IT industry. The data gets even worse when you consider women of colour. The data also shows that organizations are more profitable when they have women in every part of the business, especially in its leadership. So, it makes business sense to be intentional about hiring qualified women into cybersecurity leadership roles. Not only do women have the innate ability to drive better collaboration between other business units and the information security teams, but women are also very dedicated and skilled. The challenges however are that we are not keeping women long enough in the workforce to reach these leadership positions. With time poverty being a real issue women face, and lip service being paid to establishing mentorship programs and care support in the workplace, many women often have to pick between their careers and raising a family. I also believe that women’s representation in cybersecurity leadership roles is crucial for the industry’s growth and effectiveness. Currently, women are significantly underrepresented in leadership positions within cybersecurity, which is a missed opportunity for diversity of thought and innovation. Challenges such as unconscious bias, lack of mentorship opportunities, and gender stereotypes often hinder women’s advancement in this field. Women bring unique perspectives, problem-solving approaches, and collaborative skills to the table, which are invaluable assets in addressing the complex and evolving cybersecurity landscape.

On the bright side, given the heavy focus on diversity and inclusion, more gender-focused cybersecurity capacity building programs and communities have sprung up in the last few years to attract and support women to come into the industry. If we continue with this momentum, we stand a good chance to change the narrative on women’s representation in the coming years.

ISSUE 15

TheCyberExpress

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? We must create programs that catch girls young, upstream and educate them about the prospects of a career in cybersecurity. In my opinion, the biggest barriers to women’s representation in this industry can be coined into an acronym, which is BAR. B - Believe A – Access (access to vital learning infrastructure (internet subscriptions, etc.), digital tools (laptop, vouchers for learning platforms, etc.)). Girls are also less likely to get basic education in the first place. R – Representation Dismantling these barriers will require targeted investments in communities delivering cyber capacity programs, more visibility female role models in the industry, showcasing success stories of young women thriving in the industry. There also needs to be more programs that prioritize access to tools, education and communities that upskill women and support them to enter the workforce. While entering the workforce is the first step, it is not the end. We must also create programs that support women to stay in the workforce and provide the support required to transition to leadership roles.

The primary barriers to entry for women in cybersecurity roles include a lack of representation and visibility, limited access to resources and opportunities, and systemic biases within the industry. To remove these obstacles and enhance female representation in cybersecurity, proactive measures are needed at both organizational and societal levels. Firstly, organizations must prioritize diversity and inclusion initiatives, including targeted recruitment efforts, mentorship programs, and leadership development opportunities for women. Creating inclusive work environments where women feel supported, valued, and empowered to succeed is essential. Secondly, educational institutions and industry stakeholders should collaborate to promote STEM education and cybersecurity training for women from an early age. Providing scholarships, internships, and mentorship programs can help bridge the gender gap in cybersecurity talent pipelines. Additionally, challenging gender stereotypes and unconscious biases through awareness campaigns, advocacy efforts, and cultural shifts is crucial for fostering a more inclusive cybersecurity workforce.

Ultimately, achieving gender parity in cybersecurity requires a collective effort from all stakeholders, including government agencies, industry leaders, educational institutions, and individual professionals. By working together to address the root causes of gender inequality and create more equitable opportunities, we can build a stronger and more resilient cybersecurity workforce for the future. 5.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? I believe artificial intelligence and quantum computing have the greatest potential of changing how we tackle cybersecurity threats and vulnerabilities in this decade. For a fact, today’s defenses will not suffice to defend against most threats in 2 years. With higher computing power available to everyone, we will need stronger encryption algorithms, ubiquity of passwordless systems and innovative use of AI to combat cyber threats. While we discuss the future and all the changes to ome with advancement of technology, I will also like to add that organizations must today first prioritize implementing the nonnegotiable controls, without which they’ll become fruits on the ground to the adversaries and not even and not low hanging fruits.

TheCyberExpress

ISSUE 15

HER CYBER

Alexandra Mercz Founder, Synterra Asia Alexandra Mercz brings an impressive blend of expertise in cybersecurity, corporate governance, and Environmental, Social, and Governance (ESG) principles, with significant experience across the global banking and fintech sectors. As a seasoned Chief of Staff and Transformation Leader, she has held pivotal roles in several Chief Information Security Officer (CISO) and Chief Operating Officer (COO) offices, demonstrating a commitment to advancing secure and ethical business practices. With a notable career that spans strategic leadership and operational excellence, Alexandra’s work is characterized by a unique ability to merge sustainable business strategies with robust cybersecurity measures, ensuring that companies not only achieve their business objectives but also contribute positively to society and the environment. In her role, Alexandra has been instrumental in guiding businesses through the complexities of online security, emphasizing the critical importance of safeguarding digital information. Her strategic insight, coupled with practical solutions, has helped companies navigate the ever-evolving tech landscape successfully. A passionate advocate for diversity, equity, and inclusion (DEI) in the tech industry, Alexandra has been a vocal supporter of increasing women’s representation in cybersecurity. Through mentorship programs like ISC2 Singapore Mentorship Program, she has actively contributed to creating a more inclusive and balanced professional community. Her dedication to mentoring extends beyond professional guidance, focusing on mental health, human dignity, and neuro-diversity. As a respected public speaker and committed volunteer in the cybersecurity field, Alexandra is at the forefront of promoting better diversity and inclusion practices. Her

ISSUE 15

TheCyberExpress

advocacy for self-development and breaking barriers has made her a role model for women in cybersecurity and beyond. Alexandra Mercz’s leadership and vision in combining cybersecurity with sustainable and ethical business practices make her an invaluable asset, driving forward secure, responsible, and inclusive business operations in the digital age.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey to cybersecurity was driven by a desire to tackle future challenges, leveraging my extensive experience in technology and business. This combination of multi-disciplinary skills became particularly relevant as the cybersecurity landscape began to shift, especially within the financial sector. Financial institutions manage vast amounts of sensitive data and financial transactions, making them prime targets for cyber threats. Recognizing the need for sophisticated security strategies that encompass both technical and business insights, I was drawn to the field. The opportunity to contribute to the protection of digital infrastructures and to ensure the integrity of online transactions motivated my move into cybersecurity. It was clear to me that effective cybersecurity goes beyond technical defenses; it requires a comprehensive understanding of how technology impacts business operations and customer trust.

TheCyberExpress

ISSUE 15

HER CYBER

This realization guided my commitment to cybersecurity, a field where I could make a significant impact by safeguarding digital assets and fostering a secure online environment for businesses and their clients. 2.

My career progression has been significantly influenced by active advocacy, sponsorship, and a strong belief in my potential. These elements have been crucial in overcoming challenges and navigating a maledominated industry. Rather than focusing solely on the barriers, I’ve committed to continuous professional growth and learning, seeking mentorship across the board and engaging in initiatives that promote diversity and inclusion. By advocating for equal representation and fostering an environment where merit drives recognition, I aim to dismantle outdated stereotypes. This approach not only challenges the status quo but also highlights the importance of diversity as a strength in cybersecurity. My journey reflects a commitment to professional excellence and an unwavering belief in the potential of every individual in the field. What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women’s representation in cybersecurity leadership is crucial for fostering diverse perspectives and innovative solutions. Despite some progress, women still face

Women bring unique viewpoints, problem-solving skills, and empathy to leadership roles—qualities that enhance team dynamics and drive effective cybersecurity strategies. Promoting gender diversity in leadership not only strengthens cybersecurity defenses but also encourages a more inclusive and dynamic industry culture.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? Yes, in my journey within the cybersecurity field, I’ve faced gender discrimination and biases, a common challenge for many women in STEM. Despite these obstacles, I’ve always maintained a professional outlook, focusing on the skills and contributions of each individual, rather than their gender. This perspective has shielded me from imposter syndrome, reinforcing my belief that everyone deserves their place in cybersecurity, regardless of gender or any other factors.

significant underrepresentation and challenges, including biases and limited access to leadership opportunities. However, the opportunities for women to contribute to and lead in cybersecurity are immense.

ISSUE 15

TheCyberExpress

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? The primary barriers to entry for women in cybersecurity include persistent gender stereotypes, a lack of visible female role models, and limited access to sponsorship and mentorship. To remove these obstacles, it’s essential to cultivate an inclusive culture that actively promotes diversity from the educational level to the workplace. Initiatives like mentorship programs, scholarships, and awareness campaigns can inspire and support women’s entry and advancement in cybersecurity. Encouraging women’s participation in tech communities and leadership roles can also help dismantle barriers and ensure a more gender-diverse industry. Adding to this, setting clear Key Performance Indicators (KPIs) for diversity, coupled with sponsorship, mentorship, and active advocacy, makes a tangible difference alongside awareness efforts. These measures provide a framework for tracking progress and ensuring accountability, which is crucial for driving real change. By prioritizing these actions, organizations can not only attract but also retain female talent, creating a more balanced and inclusive cybersecurity field. This approach emphasizes the importance of not just opening doors for women but supporting their journey through meaningful engagement and opportunities for professional growth.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Cybersecurity is rapidly evolving, with advancements like artificial intelligence, machine learning, and blockchain technology offering new possibilities for threat detection and prevention. These innovations have the potential to revolutionize the industry by enhancing the efficiency and effectiveness of cybersecurity measures.

Staying informed about the latest cyber threats and vulnerabilities is critical for addressing these advancements. I engage with a variety of sources, including cybersecurity journals, conferences, online forums, and professional networks, to keep abreast of new trends and technologies. Continuous learning and collaboration with peers in the industry are essential for navigating the dynamic cybersecurity landscape effectively.

TheCyberExpress

ISSUE 15

HER CYBER

Dasha Diaz Founder and CEO at itrainsec Dasha Diaz, founder and CEO of itrainsec, started the company with one aim to provide the best cyber security training and events. For the past 10 years, she has been organizing top-class IT security conferences and training for cybersecurity professionals around the world. This invaluable experience had enabled her to build a network with some of the best and brightest experts and trainers. Before founding itrainsec, Diaz spent nearly 12 years at one of the world’s top cybersecurity companies, Kaspersky. She began her career there as a PR manager, then joined the Global Research and Analysis Team (GReAT) to do threat research communications and organise the Security Analyst Summit. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey into cybersecurity was kind of unexpected. It all started when a lady from a hiring agency encouraged me to apply for a PR job at a top antivirus company. I was young, shy, and unsure about my career, especially after my first maternity leave. Plus, I didn’t know much about cybersecurity back then. So, my path began with a big change in how I saw things. I really thought cybersecurity was boring and only for techy/geeky people, and actually I considered it as a men career path only. I started off doing public relations, but then I got interested in the research and analysis side of things. Even though I never saw myself as a tech expert, I found myself really intrigued by how everything worked together in cybersecurity. I’ve been working closely with cybersecurity pros for over 14 years now. It’s been a wild ride of learning from scratch, but it’s also been the most exciting part of my career.

ISSUE 15

TheCyberExpress

The most impactful thing for me was organizing a conference. When we’ve done it for the first time, the success has blown my mind. When you see the grateful audience that found new contacts, learnt new things, got connected with someone to collaborate on things it was very impactful, and I realized I finally have found what I’d like to do in life. 2.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? I have definitely noticed the gender gap in cybersecurity ever since I started in this field. In my role, where I organize international cybersecurity conferences, I’ve reached out to many women to submit their research. Surprisingly, I’ve received numerous personal messages from them, questioning whether they should even bother submitting. Their reasons range from feeling shy to lacking confidence in their work. One of the biggest challenges I’ve faced is this profound mindset that holds us back and makes us doubt ourselves. It’s a barrier for many of us, especially women, but we have to overcome. I’m glad to see that there are now many organizations dedicated to supporting women in cybersecurity. They’re showing us that the opportunities are there for all of us. We just need to take that leap of faith, give it a shot, and be part of the change we want to see. Yet, I don’t want vendors and businesses to hire women for the sake of statistics and trends. It should be a conscious choice and support.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Lately women’s representation in cybersecurity leadership roles is improving, but there’s still a way to go. The cybersecurity industry is facing a shortage of staff at all levels, and the problem is getting worse as the demand for professionals grows. I honestly believe that having women in cybersecurity leadership roles is important for many reasons: they simply have a different mindset, they find the ways of solving problems with a very creative, unusual approach, and they are good at working together. Well, at least this is my own experience:) But, IMHO, diverse teams can understand and tackle a wider range of security threats.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? First, we must challenge stereotypes and encourage women to explore cybersecurity, and this can already be done at schools when the kids get introduced to the computer science. It’s a very important step in the whole education, because we also teach the kids how to stay safe while using any kind of gadgets. Creating more cross-programs in the universities, so the young women could explore the cybersecurity field. Second, creating supportive environments within the industry, like mentorship programs and networking events for women, is crucial. It will allow them to develop certain skills, to grow professionally, and to grow confidence. Third, addressing the shortage of cybersecurity professionals by investing in training programs and offering scholarships or internships to women interested in the field is essential. Overall, promoting diversity and inclusion through policies like flexible work arrangements and bias-free recruitment processes will help make the cybersecurity industry more welcoming to women.

ISSUE 15

TheCyberExpress

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? I think it’s an inexhaustible topic of the conversation as everyone has their own opinions. I believe advancements like AI and ML are not only promising for faster threat detection, bit it’s our future that actually is here already. Quantum cryptography offers solutions that are theoretically unhackable, ensuring secure communication channels. And of course, Blockchain Technology, IoT and Cloud security - they are all valuable and important innovations that have only been expanding and already have made a change in cybersecurity. As for the second part of the questions, I think the most important thing is learning and networking: attending conferences, training, workshops, seminars allow professionals to talk with peers, learn about new technologies, stay updated on industry trends, new tools, and create collaborations. This way of continuous communication, education and training helps to enhance the skills and stay abreast of evolving threats and defensive strategies.

TheCyberExpress

ISSUE 15

HER CYBER

Dr. Christine Izuakor Founder and CEO at Cyber Pop-up Dr. Christine Izuakor is the Founder and CEO of Cyber Pop-up, the ultimate cybersecurity concierge for small businesses. She has over a decade of experience leading cybersecurity functions within the Fortune 100 space. Christine earned a Ph.D. in Security Engineering, becoming the youngest student and first African-American woman to do so.

marking the beginning of a newfound passion. This exhilarating experience was the spark that ignited my interest in cybersecurity, leading me to switch my major and embark on a dedicated educational journey from undergraduate to Ph.D. studies in the security space. Simultaneously, I recognized the importance of practical experience alongside academic learning. As I delved deeper into the cybersecurity realm, I conducted extensive research to understand the career landscape, including potential earnings and future opportunities. A decade ago, the industry was still picking up steam, with projections showing immense growth potential — a trajectory that continues to this day.

In 2024 Dr. Izuakor was named in the Top 25 Cyber Influencers by Ciberobs – Make Africa Safe. Dr. Izuakor’s scholarly research has been published in multiple international journals, and her original contributions to the security industry have been presented at international conferences from South Korea to Italy. Her rapid growth in the technology industry landed her spots on numerous change-maker lists, including Business Crain’s Tech 50 List and the Crains 20 in their 20s List. She has also been featured in The Wall Street Journal, Cheddar News, Hemispheres Magazine, MyStart TV, and more. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey into cybersecurity was a shift from a predestined career in medicine that didn’t pan out. Initially, I was on my way to becoming an eye doctor, a path I’d chosen largely due to family and societal influences and expectations. In hindsight, the failure was pivotal; it prompted me to explore beyond the medical field, diving into various school electives like finance, marketing, and accounting in search of my true calling. During this exploratory phase, I stumbled upon a cybersecurity class. The moment of revelation came from an encryption assignment; it was an unexpected yet thrilling challenge that felt more like a game than academic work. The excitement of deciphering encrypted messages kept me up till the early hours,

This blend of personal discovery, academic pursuit, and the vibrant outlook of the cybersecurity field solidified my decision to pivot my career path. Today, I cherish being part of an ever-evolving domain that not only challenges me intellectually but also plays a crucial role in safeguarding digital assets and infrastructures across the globe. This is not just a profession; it’s a passion that fulfills my desire to contribute meaningfully while engaging in continuous learning and problem-solving.

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? Throughout my career, I have faced many challenges relating to bias and discrimination. From trusted mentors who told me I was too young to pursue a Ph.D. at 22 to leaders who often disregarded or overlooked my capabilities to contribute value to the technology space as a Black woman. Early in my academic and professional career, I often found myself in classrooms and corporate meetings in which I was the only woman and the only person of

TheCyberExpress

ISSUE 15

HER CYBER

color. Navigating this took courage and determination. It forced me to take on a mentality that I maintain to this day - “Be so good that people can’t ignore you.” I had to put myself in a position where I could no longer be ignored. This meant going above and beyond to build my credentials, resume, and accolades to be so superior that no matter what gender I was or what color my skin was, I’d be well respected in the industry. Once I’d done that and grew rapidly in my career as a result, it also became my mission to forge a path for others who looked like me and open doors for them that were easier to get into than my prior experience. It became my mission to ensure that people who came after me were able to thrive in rooms where people from diverse backgrounds filled the rooms they were in. My presence in these underrepresented spaces is not merely a display of my tenacity but a catalyst for inspiring change and fostering inclusivity within the industry. Facing and overcoming these challenges has been pivotal, transforming them into valuable lessons and opportunities for personal and professional growth. This journey has equipped me with a unique perspective and resilience, preparing me to tackle and thrive amidst any challenge as a woman in cybersecurity. 3.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? In my nearly fifteen years of experience in the cybersecurity industry, I have witnessed a significant evolution in terms of gender diversity and women’s representation in leadership roles. While there are still challenges to be overcome, I am optimistic about the opportunities available for women and am a strong advocate for their increased involvement in leadership positions. Historically, cybersecurity, like many other technical fields, has been male-dominated, and women have faced various barriers to entry and advancement. These challenges range from cultural biases and lack of mentorship to underrepresentation in the field, which can deter women from pursuing careers in cybersecurity. However, the landscape is changing. There’s a growing recognition of the need for diversity in leadership positions, and women are increasingly

ISSUE 15

TheCyberExpress

being embraced and celebrated for their unique talents, skills, and perspectives. It’s also important that cyber professionals reflect the same diversity of the hackers they defend against, if not more. The inclusion of women in cybersecurity leadership is not just a matter of equity but also brings substantial benefits to the industry. Women’s perspectives contribute immensely to the field by fostering diverse thinking, which is crucial for developing innovative solutions to complex security challenges. Diversity in thought and approach is essential in cybersecurity, where the ability to anticipate and counteract various threats is paramount. 4.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? To really make a difference in boosting female representation in the world of cybersecurity, it’s crucial that our organizations step up and develop a wellrounded strategy. This starts with first understanding the fundamental barriers to entry for women. It’s high time we dug deeper to really understand what’s keeping different minority groups from entering this space. The more we know, the better we can effect change in tangible and impactful ways. Once those barriers are clear, the next step is going all in on resolution – from actively seeking out and exposing more women to the industry, especially those who haven’t had their fair opportunity due to their backgrounds, to setting up strong frameworks around education, mentoring and experience building for job readiness. It’s also about cultivating a space where everyone feels valued, where different backgrounds are celebrated, and where working together with diverse groups becomes the norm. It’s not just about laying out a welcome mat; it’s about making sure there are clear, accessible paths into the industry. Young girls need to see successful women in this space growing and thriving. This effort is critical to paving a new way forward, not just for this generation but for the ones to follow, to ensure a richer, more varied cybersecurity world. I’m excited to play a role in making that happen.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Cybersecurity is a very fast-evolving industry, and every day seems like a race to stay ahead of hackers. The most interesting trends that I believe are changing the game are around artificial intelligence and insurtech. Starting with AI, it’s an exciting time because it’s revolutionizing how organizations can prevent and defend against attacks. With artificial intelligence, we can sift through huge amounts of data and spot trends, which means we can catch and deal with cyber threats faster. It’s also concerning because, of course, hackers are using AI to get better at attacking companies and individuals. We’ve seen this, especially in the rise of Deepfake use in attacks and more advanced social engineering, for example. When it comes to insurtech, it’s a growing domain that is really shaking up the way businesses

and consumers handle cyber risks. Specifically, when it comes to cyber insurance, it’s an industry that is growing rapidly and driving a better culture of awareness in cyber. When entities mix cybersecurity with cyber insurance, they not only step up their online security game but also give themselves a financial backup plan. This combination is critical in today’s digital landscape. On staying up to speed with trends, I’m an eternal student at heart and love continuous learning! I’m constantly updating my cybersecurity knowledge and skills to stay ahead of the curve. This involves regularly participating in webinars, engaging in online forums, staying informed through the latest industry publications, and attending training sessions when possible. Lastly, networking with fellow cybersecurity professionals is crucial—it’s an excellent opportunity to exchange advice and gain insights into the latest industry trends and real-world challenges.

TheCyberExpress

ISSUE 15

HER CYBER

Judy Ngure Senior Information Security Consultant, Sabi Judy Ngure is an esteemed cybersecurity expert and global speaker dedicated to advancing women’s initiatives in the cybersecurity realm. With a commitment to driving security in the fintech industry, Judy serves as a security consultant specializing in DevSecOps, cloud security and automation, enterprise security, and API security. In addition to her consultancy work, Judy plays a pivotal role on the boards of cyberSafe Foundation—an initiative empowering girls to excel in cyberspace—and Beba Beggie, an IoT company. Leveraging her extensive experience in the cybersecurity industry, Judy identified gaps in the African market and founded BugBounty Box—an organization facilitating ethical hackers’ compensation for vulnerabilities found in organizational assets. Judy’s contributions to the cybersecurity field have been recognized through various areas, including being named one of the Top 100 Women in Cybersecurity Africa by the Communication Authority of Kenya, receiving the Hacker of the Year 2021 award, and being a finalist for Global Cybersecurity of the Year 2023 and CISO Awards. Her passion for nurturing the next generation of cybersecurity experts underscores her commitment to this ever challenging industry 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? So, we got hacked! lol and being the developer who had built the platform that was hacked, I had to restore our services since the service was serving our global market. I spend over 72 hours trying to understand the situation, solved it and I was hooked. and the rest is history as they say.

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? I like to view all the challenges I faced and continue to face as a woman in cyber security as an opportunity to grow. Everyone faces challenges whether male or female! So, depending on your mindset as an individual, how you handle the challenge is what differentiates you from the lot. If it was easy everyone would do it.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? If you do not include the other half of the world population in solving any level of the problems, then your solution will not make sense. The representation of women in leadership is a global problem which I think the gap is getting bigger and bigger by the day. They say only women can understand women challenges. I believe we are heading the right direction.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? One thing i believe will allow more women in the cyber security space is to actively engage women in leadership to push for more women in the tech space. we definitely need more women in cyber security, the numbers are too low.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Artificial intelligence in cyber security I believe will drive cyber security into a new era of innovation. Security is such a reactive area that if we allow AI to drive the reactive area, we can focus on being proactive. This in turn results in innovations.

TheCyberExpress

ISSUE 15

HER CYBER

Pooja Shimpi Founder and CEO of SyberNow Pooja Shimpi, an astonishing individual who wears multiple hats with grace and expertise. She is the Founder and CEO of SyberNow, an accomplished cybersecurity expert with a global reputation. She has expertise in managing human aspects in cybersecurity & believes it is important to understand & strengthen the human element to defend against sophisticated cyber-attacks. Shimpi is in the process of establishing her own startup called SyberNow, which specializes in cybersecurity awareness and mindfulness trainings for corporates and help elevate organization’s security culture.

understanding of this field’s ever-evolving nature and increasing threats.

She has recently chosen to be a judge for the prestigious Global Security Buyer Awards 2024! She is an Award winning Diversity, Equity and Inclusion advocate and an inspiration to many individuals. She has led various programs such as “Global Mentoring for Cybersecurity Program”, “Protege for Women in Cybersecurity”, ISC2 Mentorship Programs.

“I am driven by the powerful belief that the rate of cyber-attacks will continue to escalate in various industries, necessitating a heightened focus on security awareness. With a strong mission to empower organizations and individuals, our startup aims to provide the necessary tools and knowledge to navigate the digital realm safely and with confidence,”.

Her prior roles include VP, ISO for APAC region with expertise in Governance, Risk & Compliance domain and has worked with MNC’s such as Citi Bank, State Street Bank, ANZ Bank, Macquarie Bank and she is an international speaker on wide range of topics in cybersecurity.

“So overall the idea for my cybersecurity startup prospered from the recognition of the critical need for cybersecurity awareness and a strong security culture. My education, practical experience, and continuous learning have equipped me with the knowledge, skills, and mindset necessary to be an entrepreneur and leader in the cybersecurity field,”

Pooja’s Turning Point to Become an Entrepreneur The daily reports of data breaches and the unfortunate incidents where people lose their life savings to scams deeply dishearten me. Witnessing the emotional and mental trauma caused by these losses, all because of misplaced trust in online entities has motivated me to establish this mission-driven startup.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field?

I have made the life-changing decision to relocate from Singapore to Australia. However, a strong inner calling nudged her towards embarking on the entrepreneurial journey in the cybersecurity domain. Driven by a deep sense of purpose, I redirected my path, returned to India, and began laying the foundation for my cybersecurity startup - SyberNow.

Hailing from a small town in India, I landed a campus placement at a prestigious tech firm as the only female candidate from my college, which motivated me further to demonstrate my abilities, and led to develop a strong resolve to prove myself. While exploring different roles, I came across the concept of cybersecurity, early in my career I did move laterally to get into security related role and dedicated countless hours to improving the required skills and

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry?

TheCyberExpress

ISSUE 15

HER CYBER

Yes, I have encountered gender discrimination and biases during certain stages of my cybersecurity journey, often finding myself as the lone woman in the team. However, I chose to stand up for myself in these situations. At times, I made the difficult decision to leave toxic work environments, realizing that my time and efforts were better spent elsewhere. During these challenges, I sought support from professional assistance programs to help navigate through the rough patches. Looking back, I would advise my younger self to focus on the bigger picture and to overcome the imposter syndrome by staying true to myself. It’s important to showcase one’s capabilities and achievements proudly, recognizing that age or gender should not define success. While I always held leadership qualities, I now wish I should have been even more proactive in networking and socializing with experts in the field. This proactive approach could have opened doors to new opportunities and enhanced my growth within the industry. 3.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? In the world of cybersecurity leadership, women’s role is like a puzzle slowly coming together. Despite progress, there are still barriers holding them back, like hidden obstacles in a maze. But within these challenges lies a world of opportunities waiting to be discovered. I believe, women bring fresh perspectives to cybersecurity, like adding colours to a dull painting. Their insights sometimes help see risks that might have been overlooked before. Incorporating women’s perspectives into cybersecurity leadership not only enhances the industry’s effectiveness but also aligns with broader societal goals of equality and inclusivity. Encouraging diversity in cybersecurity leadership not only helps fill skill gaps but also makes organizations stronger and more adaptable against cyber threats. It’s crucial for industry leaders to support mentorship, foster inclusive cultures, and remove barriers that hold women back. By prioritizing diversity and inclusion, we can create a cybersecurity field that’s better equipped to tackle future challenges.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? Diversity and Cybersecurity It’s been proven that gender diversity in any field results in higher productivity and better profits. Representing over half of the world’s population, women have a unique way of dealing with risk. Then, why the number of women in cyber security is so low? According to ISC2 report, the percentage of women in cybersecurity is roughly 25%. It may seem that the numbers are growing but is it fast enough to keep up with the demands? Additionally, women are also more likely to experience discrimination, feel under-valued, suffer burn-out and pay gap also remains a challenge. The percentage of women among STEM workers has increased from a mere 8% in 1970 to 27% in the U.S. in 2019, but it is far from ideal as women make up 48% of the U.S. workforce. Are we firing up all cylinders to encourage women to join the cyber security work force? The cybersecurity industry has the capability and offers a lot of scope for women to thrive in the industry. How do we get more females on-boarded? 1. Straight out of school: To make more girls take up computer science and engineering at the college level, there needs to be greater diversity among faculty and mentors. There is a need of mentors or female role models who can guide young girls through these fields. 2. Career progression: There are many pathways to cybersecurity. One of the pathways is to start in IT/ technology roles and then move to cybersecurity role 3. Certifications: In the cyber security industry, certifications show the cyber security skills you have and can be absolutely critical to your cyber security career route. The most commonly requested certifications by cyber employers are CISSP, CISM, CCSP. 4. Career transition — women want to get into this

ISSUE 15

TheCyberExpress

field and don’t know how? Take some basic courses to get general idea about technology and explore for cybersecurity concepts. Cybersecurity isn’t all about becoming a code jockey; critical thinking skills, curiosity, and problem-solving abilities go a long way toward success in the field Its also important for job seekers and managers to note, while hiring or job posting do not stress for lengthy checklist of technical skills, degrees and certifications as a must. Instead, look for other valuable soft skills and enthusiastic individuals who are excited to join cybersecurity field. Popular misconceptions hold that getting into cybersecurity with a nontechnical background is impossible. It’s not true! 5. Career gap — There are several reasons why women take a career break and it isn’t just working mums who do so to care of kids. Whatever the reason for taking a break, it can seem daunting for them to return to work after some time off because of different perceptions. Is it possible for women to get into cyber security post their break? I would recommend the women, to do decent research of the topics of interest as this is a very vast field with so many opportunities. They should explore and start an exciting journey without self-doubt (as it’s definitely not rocket science), and I strongly believe anyone with right attitude and passion can be a part of this world Another advice is to network with people from this industry and get mentored as it will help gain valuable insights and guidance for all queries or doubts. I personally have benefited from mentorship and I am also part of Women in Cybersecurity Singapore

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? I believe several advancements and trends have the potential to revolutionize cybersecurity. One significant trend is the rise of artificial intelligence (AI), Generative AI and machine learning (ML) in cybersecurity solutions. In addition to technological advancements, improving security culture and managing human risk are crucial aspects of revolutionizing cybersecurity. A strong security culture ensures that every individual within an organization understands their role in maintaining security and is equipped with the knowledge and tools to do so effectively. By fostering a culture of security awareness and accountability, organizations can reduce the likelihood of human error leading to security breaches. Furthermore, managing human risk involves not only educating employees about cybersecurity best practices but also understanding and addressing the psychological factors that influence human behaviour. I strongly believe that passion is the most crucial attribute when pursuing a career in cybersecurity. This dynamic field presents new challenges every day! While qualifications can provide a solid foundation, practical industry experience is invaluable. Therefore, I encourage everyone to be prepared to dive into handson work. I keep myself up to date with industry trends through regularly reading LinkedIn Articles, posts, various blogs & News articles, listening to podcasts, attending industry events, webinars and conducting my own research on my topics of interest.

TheCyberExpress

ISSUE 15

HER CYBER

Dr. Iretioluwa Akerele Co-founder at CyBlack

Dr. Iretioluwa Akerele is not just a name but a force to be reckoned with. With over a decade of experience as a cybersecurity consultant, academic researcher, and industry practitioner, she has not only excelled but also carved a path for others to follow. Dr. Akerele’s journey into cybersecurity wasn’t just a career choice; it was a calling fueled by her passion for protecting digital spaces. Beyond her professional accomplishments, Dr. Akerele’s impact shines brightest in her role as a mentor and advocate for diversity in cybersecurity. As a career coach, she has been a guiding light for countless beginners, nurturing their talents and empowering them to realize their full potential in the field. Driven by her unwavering commitment to fostering diversity and inclusion, Dr. Akerele co-founded CyBlack, a vibrant cybersecurity community dedicated to empowering Blacks professionals across the globe in cybersecurity. Through it’s internship program, CyBlack has become a beacon of hope and support for aspiring Black cybersecurity professionals seeking to thrive in the industry. Dr. Akerele’s dedication to making a difference extends beyond professional realms. As a member of the advisory board of Cybersafe Foundation, an organization focused on protecting the most vulnerable individuals and businesses from cyber-attacks. In her quest to bridge the gap between cybersecurity expertise and practical solutions, Dr. Akerele founded Cybarik Limited. Through this venture, she offers top-tier

ISSUE 15

TheCyberExpress

cybersecurity consulting and training services, empowering organizations to fortify their defenses against cyber threats while nurturing a culture of security awareness and resilience. Dr. Iretioluwa Akerele’s journey in cybersecurity is not just a story of individual success but a testament to the power of passion, mentorship, and community. As she continues to push boundaries and break barriers, she remains an inspiration to all, reminding us that with dedication and determination, anything is possible in the ever-evolving landscape of cybersecurity. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? I stumbled into my career unintentionally. I initially applied for a Masters in Business Information Systems but switched last minute to Information Security and Computer Forensics. Despite the unplanned journey, I graduated with distinction, surprising even myself.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? I’ve encountered gender discrimination but overcome it by upskilling, staying confident, and excelling at work. My approach highlights that competence is attractive, regardless of gender. As a strong advocate for gender equality, I promote balanced cybersecurity initiatives to support women entering the field.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women have significantly shaped the cybersecurity landscape, with thriving initiatives started by them, benefiting many. Despite gender bias challenges, women in cybersecurity leadership roles showcase the industry’s progress. Opportunities arising amid challenges offer hope to the next generation. The industry is enhanced by top women voices known for their impactful contributions.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? Cybersecurity initiatives such as training, internships, and mentorship pave the way for women to enter the field. Personally, I contribute by ensuring gender balance in opportunities, like an annual mentorship program for 40 individuals, with 20 women selected. Encouraging women to boldly pursue cybersecurity careers, I envision a future where the industry is no longer male-dominated.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? The synergy of artificial intelligence and machine learning in cybersecurity has significant potential for transforming the field. These technologies boost threat detection, automate responses, and dynamically adapt to evolving risks. To stay informed about the latest cyber threats and vulnerabilities, I actively engage in continuous learning through reputable sources such as industry publications, cybersecurity professional groups, subscription to cybersecurity news and participation in cybersecurity events, conferences and forums. Collaborating with peers, networking within the cybersecurity community, and leveraging online platforms for knowledge exchange also contribute to my proactive approach in addressing emerging challenges.

ISSUE 15

TheCyberExpress

ISSUE 15

HER CYBER

Dr. Hoda A.Alkhzaimi Co-Chair for Global Future Council for Cyber Security, World Economic Forum Hoda Alkhzaimi is an experienced, motivated and innovative leader in industrialization, economic development, green field projects development and tech development. With over seventeen years of successfully driven numerous technological investments internationally and Locally especially in the UAE. Alkhzaimi has successfully led various projects towards achieving strategic, financial and operational efficiencies and synergies worldwide. She has a particular focus in leading and motivating tech-based industrial investments globally. Through her strategic, financial, and operational insight, she has overseen the successful turnaround of multiple largescale projects, facilitated the research and development process while creating growth potential for each prospect Additionally, Hoda has an expertise in developing industrial prospects that respects different technology readiness levels and curate economic growth strategies based on those prospects. Furthermore, she takes a special interest in sustainable development goal and value-based investments. Currently she is holding the position of CO-chair for the World Economic Forum Global Cyber Security Future Council on Cyber Security and Director and founder for (EMARATSEC) NYU’s Center for Emerging Advanced Research Acceleration for Technology, Director and founding member at NYUAD’s Center of Cyber Security, and holds a research assistant professorship at NYU, her work in research, development for multiple portfolios ,including yet not limited to, cryptology, AI and cyber security initiatives have allowed her to make significant contributions to these field.

ISSUE 15

TheCyberExpress

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey into cybersecurity began with a passion for critical and necessary sectors, coupled with a desire to innovate within my own localized industrial sphere. Excelling in STEAM subjects, particularly mathematics, while also appreciating the arts, I found a natural fit in cryptology and cybersecurity. This field’s interdisciplinary nature and significant impact drew me in, especially given its potential for growth and development. I firmly believe in the importance of breadth alongside depth in knowledge acquisition, and cybersecurity, with its intersection with economic backgrounds and emerging technologies, offers precisely that.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? In my journey through both industry and academia, particularly in international projects, I have faced discrimination, often stemming from being perceived as a foreign actor with different perspectives. This discrimination, while challenging, has been addressed by staunchly highlighting and confronting such biases and confronting the system of them who helped generate them. I firmly believe in not giving up and holding the system accountable to foster an environment where everyone, regardless of gender or background, can thrive in human prior to professional manner.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women’s representation in STEM, technology , critical highly paid sectors as cybersecurity leadership roles is disproportionately low, mirroring broader trends in technology and STEM sectors. Accessing these roles often requires strong political capital and networking skills, alongside merit, which can be a challenge as women prioritize merits rather than anything else. However, maintaining and motivating a focus on merited representation is crucial to ensuring diversity and inclusivity in leadership positions. Women bring unique perspectives to the any industry in general and cyber and critical industries as financial and economic roles, characterized by a high sense of accountability, attention to detail, and a focus on societal impact and value. These perspectives enhance the industry by ensuring that technical advancements are not developed in isolation but are aligned with broader societal needs and ethical considerations.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? To remove barriers to entry for women in any field including cybersecurity, it is essential to have more women in leadership positions and authentic, transparent support systems. Holding institutions accountable for failures in supporting diversity and providing resources for accelerated success are crucial steps toward enhancing female representation in the field.

ISSUE 15

TheCyberExpress

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Staying informed about advancements, innovations, and industry trends in any industry as in cybersecurity involves remaining connected to the wider scientific and industrial developments, particularly those related to emerging technologies and industries. Actively seeking pathways for contribution and involvement, rather than passively consuming information, is key to effectively addressing new cutting edge trends and risks especially cyber threats and vulnerabilities in the globally evolving landscape.

TheCyberExpress

ISSUE 15

HER CYBER

Saltanat Mashirova Advanced Cyber Security Architect/Engineer at Honeywell Saltanat Mashirova is an Advanced Cybersecurity Architect at the Honeywell Center of Excellence and is a member of the Operational Technology Cybersecurity Expert Panel Member, Cyber Security Agency of Singapore (OTCEP). She has extensive on-site experience, primarily in the oil and gas sector. She has been actively involved with SAT, FAT, integration of brownfield and greenfield assets, cybersecurity assessment, ISA/IEC 62443 compliance, project engineering, network installation and configuration, commissioning and start-up supervising, and cybersecurity vulnerability assessments. In her current role, Saltanat provides consulting services such as cyber security risk assessment for hazardous operations and executes and leads global projects. She assesses OT network design for vulnerabilities on attack surfaces and provides advice for effective controls and safeguards through cyber-attack scenarios. She also trains Honeywell cybersecurity engineers and asset owners around the globe to execute cybersecurity-related activities on new projects and at mature assets. Saltanat develops implementation procedures and guides field-deployed cybersecurity engineers. In addition to that, she leads compliance and governance from a product perspective. Furthermore, Saltanat conducts workshops with asset owners to discuss the challenges and provides a platform to build mature cybersecurity plans collaboratively. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? I have grown up in the region which is rich for oil and gas and mining. Dad and all my relatives worked

ISSUE 15

TheCyberExpress

mostly in oil and gas, and OT is quite natural for me. Witnessing the transition of OT from isolation to connectivity, automation, and digitalization has revealed both the benefits and the emergence of new cybersecurity risks. Moreover, OT encompasses various disciplines beyond cybersecurity, such as safety, operational process knowledge, familiarity with diverse vendor-specific architectures, and basics of electrical and mechanical engineering. It also involves understanding industry protocols, among other facets. With threats and vulnerabilities constantly evolving, addressing these challenges demands an extensive amount of knowledge. That’s why I am here. 2.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? I haven’t personally faced discrimination in this industry, but I do recognize that the path for women in Cybersecurity can be more challenging. As a mother of two, I’ve experienced firsthand the difficulty of balancing family and work. It depends mainly on the cultural characteristics of the country, the nation, in some cultures the main values for a woman are a child, a husband and housework. In other words, limiting career growth for women can become an internal psychological barrier, which should be, first, to prioritize family responsibilities over professional growth. However, I firmly believe that with determination and motivation, it’s possible to achieve success in both realms - as a woman, a mother, and a valued partner while pursuing one’s career goals.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women historically have had a very low representation in cybersecurity, and yet we remain critical to the mission of security. As threats are global in nature, we must continue to diversify and respond to workforce needs. Challenges faced by women looking at OT Cybersecurity careers are very similar to the challenges they face in any engineering career. It is very important to build up your support network of peers and advocates. They can help you navigate career stages and provide additional perspective. Cybersecurity in general can seem like an intimidating field to break into. It may seem like there are no entry-level positions in cybersecurity. The other main challenge is figuring out what type of role suits you. Talk to people working in cybersecurity and ask them about their jobs. Be curious and seek out free training, podcasts, and capture the flags competitions to see what interests you. Despite these challenges, this field is growing and has different roles within cybersecurity. Companies are doing a better job of supporting and creating an inclusive work environment. In this field, you never stop learning and try to make this world a safer place to live. Moreover, cybersecurity is a field full of brilliant and intelligent people, and when you become part of this field, no one cares as much about who you are but more about what you can do. Therefore, women should always seek mentors, ask for help, be confident, and keep learning. This field – as one of my mentors told me – requires motivation, patience, persistence, and dedication.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? The main problem isn’t that there are too many male colleagues in the industry, but rather that there are not enough women in this industry. Most companies are already doing a great job supporting women by having several programs and plenty of vacancies available where women have not previously applied. In addition to that, there are a lot of communities and institutions who are giving scholarships to females to

ISSUE 15

TheCyberExpress

pursue careers in cybersecurity. One barrier is the lack of female role models in the field. Therefore, female leaders and executives should be encouraged to act as role models and mentors for younger colleagues and students. I hope the day will come when companies don’t see gender inclusion as an obligation. 5.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? If I focus in OT Cybersecurity, next big things in OT Cybersecurity are: •

Artificial Intelligence will be used to create OT malware for cyber-physical systems to achieve physical consequences.

•

Governments around the world are now fully committed to reducing the risk. Owners and operators should expect governments in many jurisdictions to issue new cybersecurity regulations

•

Attacks with physical consequences will increase.

•

Cloud and Software as a Service powers Digital Transformation.

I stay informed about the latest cyber threats and vulnerabilities by monitoring security feeds, alerts, blogs, and forums, participating in information sharing initiatives, attending conferences and workshops, continuously training and educating myself, analyzing security reports and whitepapers, and collaborating with industry peers to collectively address emerging threats and vulnerabilities.

TheCyberExpress

ISSUE 15

HER CYBER

Shamane Tan Chief Growth Officer at Sekuro A visionary influencer, Shamane is passionate about uniting minds and experiences, excelling in aligning C-Suite and Board members with cyber security imperatives. As the author of “Cyber Risk Leaders,” she unravels executive communication nuances and distills C-Suite expectations. Her work extends to “Cyber Mayday and the Day After,” a roadmap for navigating crises by mining the wisdom of C-level executives from around the globe. It’s filled with interviews with managers and leaders who’ve braved the crucible and lived to tell the tale. Her most recent book, “Building a Cyber Resilient Business: A Cyber Handbook for Executives and Boards,” was featured on Forbes Australia’s top list of books for CEOs. Shamane has also founded a transcontinental cyber risk and executive meetup spanning Sydney, Melbourne, Perth, Singapore, the Philippines, and Tokyo, fostering mentorship, women’s empowerment and thought leadership. As a strong advocate for the importance of having a voice and helping others use theirs, Shamane Tan has spoken at TEDx, global conferences and Fortune 500 and ASX companies like MasterCard and Atlassian, the Parliament of New South Wales, FS-ISAC, RSA, ISACA Silicon Valley and many more. Recipient of the IFSEC Global Top 20 Cybersecurity Influencer award and named among the 40 under 40 Most Influential Asian-Australians, Shamane is also the Chief Growth Officer at Sekuro, a leading cyber security and digital resiliency solutions partner, and leverages her unique fusion of technical prowess and business acumen to help organizations progress on their security maturity journey. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field?

ISSUE 15

TheCyberExpress

My journey into cybersecurity was a convergence of curiosity and circumstance. My transition into cybersecurity was notably influenced by the cofoudners of a cybersecurity company, who recognized my potential and transferable skills, encouraging me to explore this dynamic field. They offered me a unique opportunity to dive into various cybersecurity dimensions, from Governance, Risk, and Compliance (GRC) to security testing, enabling me to understand the intricacies of executing a CISO’s strategy effectively. This hands-on exposure was pivotal in shaping my cybersecurity perspective. Moreover, my interactions with the vibrant community of the Australian Women in Security Network opened my eyes to the diverse pathways leading into cybersecurity. Meeting accomplished professionals from varied backgrounds such as law, mathematics, and psychology, who have successfully carved out their niches in cybersecurity, was incredibly inspiring. Witnessing their journeys and understanding the broad spectrum of skills and perspectives they brought to the field underscored the immense possibilities within cybersecurity. It was this realization, combined with the support and encouragement from my mentors and peers, that convinced me to make the leap. Seeing cybersecurity as a blank canvas for diverse talents made me eager to contribute my own skills and learnings to this ever-evolving landscape. This decision was further inspired by the challenges and stories I encountered, which I later detailed in my book “Cyber Risk Leaders: Global C-Suite Insights,” offering a deeper look into the strategic mindset required in our digital age.

TheCyberExpress

ISSUE 15

HER CYBER

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? The journey within cybersecurity can be a multifaceted challenge that many face in tech industries, where diverse voices can be underrepresented or overlooked. This is where my personal strategy, which I like to call the ABCDs of career resilience, comes into play, aiding not just myself but also advising others in similar situations. A (Assess): The first step involves assessing the situation and environment. This means understanding the dynamics at play and recognizing the unique value one’s own perspective brings. It’s about identifying opportunities for growth and areas where one’s voice can make a difference, regardless of the existing biases or barriers related to age, background, or gender. B (Brave): Being brave is crucial. It’s about speaking up and sharing your ideas and opinions, even when it feels daunting. This bravery isn’t just about combating direct discouragement; it’s about asserting your presence and value in spaces where diversity of thought isn’t traditionally celebrated or recognized. Drawing from my own experiences, which I shared in my TEDx talk, “The Imposter Syndrome of the Tall Poppies”, overcoming these obstacles was not an individual journey; it involved the support and solidarity found within the communities, where collective experiences and advice foster a nurturing environment for emerging professionals. C (Calm): Staying calm and composed is essential, especially when facing resistance or when your contributions are undervalued. This component of resilience is about maintaining patience and poise, giving the leadership and the environment time to adapt and recognize the importance of diverse voices. D (Dedicate): Finally, dedication is key. It’s about committing to your path and collaborating with others to achieve mutual goals, despite the challenges. This dedication involves setting clear objectives and working persistently towards them, demonstrating that diverse perspectives are not just beneficial but essential for the growth and success of any organization.

ISSUE 15

TheCyberExpress

The ABCDs have been instrumental in guiding me through moments of discouragement and in helping elevate the voices of others facing similar challenges. This approach fosters an environment where diversity is viewed as a strength, encouraging a culture of inclusivity and respect across all levels of an organization. 3.

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women’s representation in cybersecurity leadership remains a work in progress. Women in leadership not only enrich the decision-making process but also bring varied approaches to strategy and problemsolving, enhancing the overall efficacy of cybersecurity measures. However, overcoming the challenges often associated with attaining these leadership positions requires more than just individual effort; it necessitates the support and advocacy of allies. This is where the significance of allyship becomes most apparent. In the CISO Tribe, for example, I’ve witnessed firsthand how seasoned CISOs have actively taken aspiring leaders under their wing, offering guidance, support, and opportunities for professional development. This kind of mentorship and sponsorship is invaluable and can be an empowering force in accelerating career trajectories. Allies, whether they are within leadership positions or peers, play a crucial role in amplifying women’s voices, advocating for their advancement, and challenging the status quo. By providing platforms for visibility, endorsing their skills, and including them in critical conversations, allies help break down the systemic barriers that may have hindered progression in the field. Being part of the change means fostering an environment where everyone, regardless of gender, can thrive and contribute to our collective cybersecurity efforts. It’s about creating spaces where aspiring leaders can be seen, heard, and supported. Through my work with the CIOs and CISOs, keynotes, and my books, I hope to continue to encourage the next generation of cybersecurity leaders and emphasize the critical role of allies in this journey. It’s through these concerted efforts that we can move closer to a truly inclusive and equitable cybersecurity community.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? Barriers for women entering cybersecurity often stem from misconceptions and a lack of visible role models. To combat this, I stress the importance of assessing personal and professional environments for growth opportunities, as highlighted in my ABCDs of resilience. Initiatives I’ve championed, like the Global Mentorship Program via Cyber Risk Meetup, provide platforms for visibility and discourse, breaking down these barriers and fostering a more inclusive industry landscape.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? Staying ahead of cybersecurity advancements is imperative. The intersection of technology, such as AI and quantum computing, with cybersecurity, presents both opportunities and challenges that require constant vigilance and innovation. The advancements, innovations, and industry trends that have the potential to revolutionize the cybersecurity space are multifaceted and continuously evolving. In my view, the integration of Artificial Intelligence (AI) and Quantum Computing into cybersecurity strategies holds transformative potential. These technologies can significantly enhance threat detection capabilities, automate complex security processes, and develop more robust defense mechanisms against sophisticated cyber-attacks. The success and global expansion of communities like the Cyber Risk Meetup and CISO Tribe underscore the critical importance of collaboration and knowledge

sharing in addressing these advancements. By bringing together leaders from various sectors and regions, these platforms facilitate the exchange of insights, showcase diverse approaches to cyber challenges, and promote innovative solutions. The collaborative learning and collective pursuit of security resilience found in these communities help members stay ahead of emerging threats and adapt their strategies to the rapidly changing landscape. Furthermore, the growing involvement of business leaders, such as CEOs, in cybersecurity discussions highlights the recognition of cyber risk as a fundamental business issue. This shift is evident in the reception of my latest book, “Building a Cyber Resilient Business: A cyber handbook for executives and boards,” which aims to bridge the gap between executive management and cybersecurity. Its acknowledgment by Forbes Australia as one of the top books for CEOs signifies the expanding awareness and proactive engagement of business leaders in fostering cyber resilience. To stay informed and effectively address the advancements in cybersecurity, I actively participate in the global dialogue through these communities and continue my research and education. This continuous engagement is a humbling journey that allows me to stay connected with the evolving landscape of cyber threats and vulnerabilities. It’s a constant learning process that helps in offering guidance that I hope is relevant and timely for both the cybersecurity and executive communities. The ever-changing nature of this field reminds us that vigilance and a willingness to adapt are not just professional requirements but a collective responsibility shared by all of us in the cybersecurity community.

TheCyberExpress

ISSUE 15

HER CYBER

Venessa Henriis Co-founder at Henri & Wolf

Venessa Henriis an attorney specializing in data governance, product security and supply chain risks, as well as the co-founder of Henri & Wolf, a law firm specialized in cybersecurity.

Recognized among Canada’s Top 20 influential women in cybersecurity in 2020, she has since garnered significant accolades, including the Canadian Women in Cybersecurity Trailblazer award for her entrepreneurship.

As a woman in the cybersecurity industry, I have faced gender-related challenges. Navigating these obstacles involved building a robust support network, participating in global conferences, and delivering training at the intersection of law and technology for various professional associations. By actively contributing to the industry and breaking down stereotypes, I’ve aimed to address biases and champion diversity and inclusion.

Vanessa is also an experienced board member, a published author, and a global keynote speaker. She often participates in advisory board for industry conferences such as Blackhat and is part of Quebec’s Cybersecurity Ministry’s committee of industry experts. 3. 1.

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? My journey into cybersecurity was sparked by a growing recognition of its crucial role in our interconnected world. The realization that cyberthreats could have significant impacts on individuals and organizations motivated me to delve into this dynamic field. While there wasn’t a single defining moment, the continuous evolution of cyber challenges and the need for proactive measures to safeguard digital assets inspired me to pursue a career in cybersecurity.

ISSUE 15

TheCyberExpress

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry?

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? Women’s representation in cybersecurity leadership roles is crucial for fostering diversity of thought and innovation. Despite being a field predominantly dominated by men, I’ve actively worked towards breaking barriers. My role as the co-founder of Henri & Wolf, the first law firm specializing in data governance and cybersecurity, emphasizes the significant contributions of women in managing cyber threats. Women’s perspectives bring unique insights, creativity, and problem-solving skills, enhancing the overall effectiveness of cybersecurity strategies.

TheCyberExpress

ISSUE 15

HER CYBER

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? Recognizing the barriers women face in entering the cybersecurity field, I’ve taken proactive steps to remove obstacles. Initiatives such as mentorship programs, educational outreach, and creating a supportive workplace culture are essential. My involvement as a Governor of the Future at the Barreau du Québec and mentorship in programs like Next AI reflects my commitment to enhancing female representation by providing guidance and support.

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? As the co-founder of Henri & Wolf, staying informed about the latest advancements in cybersecurity is crucial. Conferences like Code Blue in Tokyo or the SecTor in Toronto provide valuable insights. Additionally, content curation for conferences like BlackHat CISO Summit and active participation in podcasts and interviews keep me abreast of industry trends. Embracing emerging technologies like AI and staying engaged in global initiatives, such as advising the Minister of Cybersecurity and Digital Affairs, allows me to address the evolving cyber threats effectively. The multidisciplinary approach at Henri & Wolf ensures that we are at the forefront of industry developments and can contribute meaningfully to the cybersecurity space.

ISSUE 15

TheCyberExpress

ISSUE 15

HER CYBER

Anitha S. Ibrahim AWS Global Public Policy - Americas, Senior Manager for Cybersecurity & Data Protection Anitha joined AWS’s public policy team in September 2021 and focuses on public policy issues related to cybersecurity, data protection, privacy, and trust & safety. Prior to joining AWS, Anitha spent three years in Yahoo’s legal department as a Senior Director, overseeing the operational and policy aspects of the organization’s global compliance framework regarding government requests for user data and trust & safety policies.

2018, and Department of Homeland Security, Excellence in Law Enforcement Award in 2012. Anitha holds a law degree from the University of California, Hastings College of the Law, and a bachelor’s degree from the University of Colorado. 1.

Anitha started her legal career in 2007 as a federal prosecutor in the U.S. Department of Justice where she spent over a decade prosecuting technology facilitated criminal activity and working on key cyber and electronic evidence policy issues, both domestic and international. During her time at DOJ, she advised DOJ leadership as Senior Counsel to the Assistant Attorney General, and served as counsel in the Computer Crimes and Intellectual Property Section as well as the Electronic Surveillance Unit. Anitha also served as a Trial Attorney in DOJ’s Child Exploitation Section, where she focused on investigating and prosecuting transnational child sex trafficking cases. Anitha currently serves as a board member of the CrossBorder Data Forum, and on the experts advisory committee to the Future of Privacy Forum’s Privacy and Cybersecurity Group. Anitha has received a number of awards over her career including being named a Forbes Women in Watch in Cybersecurity in 2022, Yahoo’s Trust Builder Award in 2020, U.S. Department of Justice Attorney General’s Award in

ISSUE 15

TheCyberExpress

What sparked your interest in cybersecurity and led you to pursue it? Was there a specific moment that inspired you to choose this field? I was introduced to the cybersecurity field through my legal career, where I served as a federal prosecutor in domestic violence, child exploitation, and computer crimes. Through these experiences, I saw the critical role of technology safety and security in shaping peoples’ lives for the better, which led me to a career in cybersecurity and privacy.

Have you encountered gender biases in cybersecurity, and if so, how did you address them, especially as a woman in a male-dominated industry? The world of cybersecurity is still male-dominated, and it can at times make you feel out of place, particularly as a woman of color. However, throughout my career, I have found that if you take the time to be a true subject matter expert in a topic, you will be respected by your peers — no matter your background. There is also a growing number of cyber women superstars in the DCarea, and we make the effort to support each other.

TheCyberExpress

ISSUE 15

HER CYBER

What are the challenges and opportunities for women in cybersecurity leadership roles, and how do their perspectives enhance the industry? I believe we all benefit from diverse leadership in cyber and beyond — whether it is diversity in gender, race, country of origin, age, socio-economic background, work experiences and many other areas. I absolutely believe women’s perspectives enhance and contribute to cybersecurity. For example, almost all the victims I worked with as a prosecutor were women and girls. I learned immensely from them, and it taught me how to help them protect themselves in the digital world. Now, as a mother to three kids myself, I am constantly influenced by the way I see my children and their peers interact with technology, and I use those experiences to help inform my work.

What do you think are the main barriers for women entering cybersecurity, and how can these obstacles be removed to increase female representation in the field? I think the key is introducing girls and teens in elementary and middle school to technology and coding, and teachers that foster an inclusive environment. My 12-year-old daughter is in a computer science class and has an incredible teacher, and it is her first experience with coding. She may not pursue a career in computer science, but I know she won’t be intimidated by the subject because of her very supportive teacher. The other key is mentorship — women who are in the field must take the time to mentor the younger generation and give them guidance to help pull them up.

ISSUE 15

TheCyberExpress

What do you think will revolutionize cybersecurity in the future, and how do you stay updated on emerging threats and innovations in the industry? The rapid advancement of AI technologies poses both tremendous opportunities and new challenges to online safety and security. I see industry collaborating effectively in this space on a number of fronts, which I believe is a very positive trend. For example, a number of companies recently signed onto the “Tech Accord to Combat Deceptive Use of AI in 2024 Elections.” In my role at AWS public policy, I have the privilege of participating in a number of industry groups and publications that help me stay connected to the latest developments in the cyber threat landscape.

TheCyberExpress

ISSUE 15

HER CYBER

Elcin Biren Cyber and Information Risk Manager, CISRO at UBS

Elcin Biren is a dedicated Cyber and Information Risk Manager, currently serving at UBS as part of their CISRO team. With a passion for Cyber Security that ignited during her first Ethical Hacking training in 2006, Elcin has dedicated nearly two decades to protecting the digital world. Throughout her career, Elcin has held various roles including Cyber and Information Security Officer & Risk Manager, IT Lead Auditor, Penetration Tester & Ethical Hacker, and Security Engineer & Consultant & Presales & Operations Analyst. Her diverse experiences have allowed her to close security gaps, conduct awareness trainings, develop security policies, and translate cyber risks for stakeholders.

ISSUE 15

TheCyberExpress

Beyond her professional responsibilities, Elcin is committed to promoting diversity in the cybersecurity field. She actively speaks at conferences, aiming to attract more women to the industry and challenge gender biases. Elcin’s dedication extends to personal growth, constant learning, and enjoying hobbies like surfing in her free time.

TheCyberExpress

ISSUE 15

HER CYBER

Fatimah Adelodun Senior Manager Security Operations, Ontario Power Generation

Fatimah Adelodun is an esteemed Cyber Security Leader with over 12 years of expertise in navigating diverse cybersecurity landscapes. Renowned for her award-winning leadership, Fatimah has a proven track record of building and deploying robust security programs that align with industry best practices, safeguarding organizations against emerging cyber threats and enhancing overall security posture. With a deep understanding of the ever-evolving cybersecurity landscape, Fatimah excels in leading organizations’ cybersecurity efforts across both public and private sectors. Her experience spans nationwide project cycles and specialized initiatives, making her a trusted advisor in crafting and implementing Monitoring, Detection, and Response (MDR) programs. She specializes in fostering a comprehensive approach to Threats and Vulnerability Management, leveraging her proficiency in SOC operations, Disaster Recovery, and stakeholder management to ensure cybersecurity strategies seamlessly align with business objectives.

ISSUE 15

TheCyberExpress

Beyond her role in organizational leadership, Fatimah extends her impact as a Cybersecurity Instructor at LinkedIn Learning. Here, she shares her wealth of knowledge and experience in leading Cyber & information security strategies, curating and developing cybersecurity courses to equip learners with the latest insights and skills needed to navigate the cybersecurity landscape effectively.

TheCyberExpress

ISSUE 15

HER CYBER

Kirsten Davies Chief Information Security Officer at Unilever Kirsten Davies, Chief Information Security Officer at Unilever, is a seasoned professional with over 15 years of exemplary experience in the realms of Information Security, Data Privacy, IT, and Digital Transformation. With a profound focus on business enabling and risk management, Davies brings a uniquely global perspective to her role. Throughout her illustrious career, Davies has consistently showcased her proficiency in transformative vision casting and strategy setting. Her expertise extends to operational and organizational excellence, complemented by a meticulous risk-based approach to enterprise enablement. Having lived and worked across four continents, Davies’ leadership is enriched by a broad global understanding. Widely acknowledged as a thought leader in the transformational journey, Davies excels in refining enterprise-wide practices, reimagining organizational cadence and culture, and spearheading dynamic talent development initiatives. Furthermore, her adeptness in innovating and optimizing security processes and riskmitigating controls has earned her recognition across industries. With a proven track record of guiding global teams, Davies has seamlessly navigated diverse sectors including manufacturing, finance, energy, telecoms, and media & entertainment. Her prior roles include distinguished positions such as Senior Vice President & Chief Information

ISSUE 15

TheCyberExpress

Security Officer at The Estée Lauder Companies Inc, Managing Director and Group Chief Security Officer (CSO) at Barclays Africa Group Limited/ABSA, Vice President and Deputy CISO at Hewlett-Packard, and Global Deputy CISO at Siemens. At Unilever, Davies’ leadership continues to be a catalyst for innovation and excellence in information security. Her unwavering dedication to navigating the complexities of an evolving digital landscape has significantly contributed to the company’s success. Kirsten Davies’ career trajectory exemplifies not only her expertise but also her commitment to advancing the field of information security. Her wealth of experience, spanning various continents and industries, underscores her status as a distinguished leader in the cybersecurity domain.

TheCyberExpress

ISSUE 15

HER CYBER

Lisa Forte Partner at Red Goat Cyber Security LLP Lisa Forte is a multifaceted professional, renowned as a speaker, trainer, entrepreneur, and high-altitude climber. As a partner at Red Goat Cyber Security LLP, Lisa specializes in running cyber crisis simulations and assisting companies in bolstering their operational resilience against cyber attacks. Passionate about the “tech for good” philosophy, Lisa co-founded Red Goat Cyber Security with a mission to support smaller charities in enhancing their cybersecurity posture. Her commitment to social impact extends to her co-founding of Cyber Volunteers 19, a “cyber for good” movement that provided pro bono assistance to hospitals across Europe during the COVID-19 pandemic, amassing nearly 3000 volunteers. In addition to her impactful work in cybersecurity, Lisa is a prominent figure in the media landscape, frequently appearing on BBC news, radio, and national papers. Her expertise and insights have made her a sought-after commentator on cybersecurity issues.

ISSUE 15

TheCyberExpress

Lisa’s adventurous spirit extends beyond the digital realm, as she also explores some of the world’s highest peaks and seeks out remote climbing spots for adrenaline-fueled adventures. Through her multifaceted endeavors, Lisa Forte exemplifies a commitment to excellence, innovation, and social responsibility, leaving an indelible mark on both the cybersecurity industry and the world of adventure.

TheCyberExpress

ISSUE 15

HER CYBER

Maryam Bechtel Chief Information Security Officer at AGL Maryam Bechtel is a distinguished leader in the cybersecurity industry, boasting over 17 years of extensive experience in information security. With a global footprint spanning multiple continents, Maryam has left an indelible mark through her strategic insights and transformative leadership. Currently serving as the Chief Information Security Officer at AGL Energy, Maryam plays a pivotal role in safeguarding one of Australia’s most critical infrastructures. Responsible for protecting the nation’s energy supply and ensuring the energy and telco needs of over 4 million customers are met, Maryam’s contributions are instrumental in maintaining operational resilience and security. Prior to her tenure at AGL Energy, Maryam served as the Executive Manager of IT Security Operations at NBN Co, where she drove operational excellence across all IT security services. Her career journey encompasses two distinct phases, including over a decade of consulting with prestigious firms such as Deutsche Telekom and Deloitte.

ISSUE 15

TheCyberExpress

During this time, Maryam collaborated with C-level executives to define and implement comprehensive cybersecurity strategies, gaining invaluable industry-wide experience across various domains. In recent years, Maryam has emerged as a hands-on leader, focused on building high-performance cybersecurity teams renowned for their innovation and operational efficiency. A staunch advocate for diversity and inclusion, Maryam actively supports initiatives such as the Australian Women in Security Network (AWSN) and provides mentorship to aspiring women in the industry.

TheCyberExpress

ISSUE 15

HER CYBER

Meg West Cybersecurity Consultant at CrowdStrike

Meg West is a Senior Cybersecurity Consultant at CrowdStrike, bringing a wealth of experience and expertise to the forefront of the industry. With a background in Cybersecurity Incident Response, Meg has previously served on IBM’s X-Force Incident Response team and held the role of Global Cybersecurity Incident Response Manager at another Fortune 100 company. Meg holds esteemed certifications including CISSP, CCSP, and Security+, alongside a Master of Science degree in Cybersecurity. Her specialization lies in Incident Response and SAP Security, areas in which she has delivered presentations at prestigious international cybersecurity conferences such as ISC2’s Security Congress and SAP’s SAPPHIRE NOW.

ISSUE 15

TheCyberExpress

Outside of her professional commitments, Meg is passionate about mentoring college students seeking to enter the cybersecurity field. She actively contributes to the cybersecurity community by creating free cybersecurity content on platforms like YouTube and Twitter, showcasing her dedication to knowledge sharing and industry advancement. Meg’s multifaceted approach to cybersecurity, combining expertise, mentorship, and community engagement, positions her as a respected leader and influencer in the field.

TheCyberExpress

ISSUE 15

HER CYBER

Megan Samford VP, Chief Product Security Officer Energy Management at Schneider Electric

Megan Samford is a distinguished security executive specializing in industrial control systems security and critical infrastructure protection. Currently serving as the Vice President and Chief Product Security Officer for Energy Management at Schneider Electric, Megan drives the product security strategy and program for the company’s business unit. With a wealth of experience, Megan has held key leadership positions at prominent organizations, including Global Director of Product Safety and Security at Rockwell Automation and Product Security Leader at GE Global Research. Her public sector contributions include serving as the Critical Infrastructure Protection Coordinator for the Commonwealth of Virginia under Governors Tim Kaine and Bob McDonnell.

ISSUE 15

TheCyberExpress

Megan’s expertise is enhanced by her commitment to bridging traditional critical infrastructure protection concepts with cybersecurity frameworks. She champions initiatives like the Incident Command System for Industrial Control Systems (ICS4ICS), aiming to establish a standardized approach to cyber incident response. Megan holds a bachelor’s degree in homeland security and emergency preparedness, along with a master’s in public administration, both earned from Virginia Commonwealth University. Megan’s dedication to enhancing cybersecurity resilience in critical infrastructure underscores her status as a leader and innovator in the field.

TheCyberExpress

ISSUE 15

HER CYBER

Noureen Njoroge Director of Global Cyber Threat Intelligence at Nike Noureen Njoroge is a distinguished Cybersecurity Executive Professional renowned for her extensive experience navigating multi-faceted, fast-paced environments across both public and private sectors. As a strategic thinker, she boasts a proven track record of leadership in Cybersecurity, AI, ML, Data Privacy, Blockchain, IoT, Cloud Security, and Metaverse digital wallet Identity and Security. With a keen ability to deliver strategic solutions and negotiate mitigation measures, Noureen consistently achieves client and business success. Her expertise lies in proactive threat prevention and fostering creativity and judgment in complex scenarios. As the Global Director of Cyber Threat Intelligence at NIKE, she leads highperformance teams to address evolving cybersecurity challenges. Noureen’s influence extends beyond her role at NIKE. She is a sought-after Global Keynote Speaker and ranks among the Top 50 Cybersecurity Influencers, recognized by Engatica Global leaders’ platform, Europe IFSEC, and Rocheston. Her contributions have earned her the prestigious titles of 2020 and 2021 Cybersecurity Woman of the Year, as well as the 2019 Cisco Cybersecurity Champion.

ISSUE 15

TheCyberExpress

Moreover, Noureen’s impact resonates in the UK cybersecurity landscape, where she is listed among the Top 30 Most Admired Minority Professionals. Her commitment to mentoring others underscores her dedication to fostering talent and sharing industry insights generously. Noureen’s academic background includes a Bachelor’s degree in Information Technology from the University of Massachusetts, complemented by an Executive MBA from Harvard Square and a MIT Cybersecurity Diploma. Her academic pursuits mirror her commitment to excellence and ongoing learning in the cybersecurity domain. In her career, Noureen exemplifies resilience, adaptability, and a relentless pursuit of excellence. She sets a compelling example for her peers, demonstrating unwavering dedication to staying ahead in a rapidly evolving industry. Her unwavering commitment to protecting businesses and data in an increasingly complex world underscores her status as a leader and visionary in the field of cybersecurity.

TheCyberExpress

ISSUE 15

HER CYBER

Sivan Tehila Founder & CEO at Onyxia Sivan Tehila is a distinguished cybersecurity expert and entrepreneur with over 15 years of industry experience. Currently serving as the CEO of Onyxia, a Cybersecurity Strategy and Performance platform, she also holds the position of Program Director and cybersecurity professor for the MS in Cybersecurity program at Katz School of Science and Health, Yeshiva University.

monitoring systems for both Information Technology (IT) and Operational Technology (OT).

Tehila’s career began with a decade-long tenure in intelligence and cybersecurity roles within the Israel Defense Forces (IDF), where she served as an Intelligence Officer, CISO of the Research and Analysis Division, and Head of the Information Security Department of the Intelligence Corps, earning an honorable discharge as a Captain. In these roles, she spearheaded the development and management of comprehensive Cybersecurity strategies, encompassing policies, compliance, risk assessment, training, and operational and technical projects.

Beyond her professional endeavors, Tehila is deeply committed to fostering diversity and inclusion in the Cybersecurity field. She founded Cyber Ladies NYC and developed a unique cybersecurity program for Manhattan High School for girls. Her dedication to this cause has been recognized by SC Media, which honored her as a Woman to Watch and one of the 25 influential women in IT Security for 2020.

Transitioning to the private sector, Tehila joined RAFAEL, an Israeli defense technology company, as an Information Security Officer and profiler. Subsequently, she served as a cybersecurity consultant for Israel Railways, where she established the Cyber Security Operation Center (CSOC)

ISSUE 15

TheCyberExpress

Tehila’s journey continued as she assumed the role of Director of Solution Architecture at Perimeter 81, contributing her expertise to the advancement of cybersecurity solutions.

An esteemed speaker and educator, Tehila conducts technical workshops, speaks at conferences worldwide, and contributes to leading information and cybersecurity publications. Through her multifaceted roles and tireless advocacy, Tehila continues to make significant contributions to the cybersecurity industry while championing the advancement of women in the field.

TheCyberExpress

ISSUE 15

HER CYBER

Amber DeVilbiss Founder, Chief Executive Officer at Teach Kids Tech Amber DeVilbiss is a cybersecurity advisor with over 15 years of experience in the field. Passionate about making cybersecurity accessible and enjoyable for all ages, she founded Teach Kids Tech, a foundation dedicated to providing technical education to underserved communities. Amber is also the author and illustrator of “The Little Cyber Engineer,” a children’s book aimed at introducing cybersecurity concepts to young minds. Starting her career with no formal background in technology, Amber worked her way up from an entrylevel compliance analyst to roles such as Security Analyst, Security Engineer, Solutions Architect, and SOC Manager. Today, as a Security Advisor, she advises clients on strategically building robust security programs. A firm believer in giving back, Amber serves on the board of directors for LIFT Women in Security and is actively involved in charitable projects. Her creativity and quirkiness shine through in her educational content, including TechTok videos that earned her recognition as the #1 most-watched cybersecurity video creator on TikTok. Amber’s journey is fueled by her dedication to her son, who serves as her inspiration in both life and work.

ISSUE 15

TheCyberExpress

ISSUE 15

HER CYBER

Danielle Jablanski OT Cybersecurity Strategist at Nozomi Networks Danielle Jablanski is an OT Cybersecurity Strategist at Nozomi Networks, where she conducts extensive research on global cybersecurity issues and advocates for awareness of operational technology (OT) and industrial control systems (ICS) cybersecurity across the industry. Additionally, she serves as a nonresident fellow at the Cyber Statecraft Initiative of the Atlantic Council’s Scowcroft Center for Strategy and Security. With a commitment to advancing cybersecurity standards and education, Jablanski is a staff and advisory board member of the nonprofit organization Building Cyber Security. In this role, she leads initiatives focused on cyberphysical standards development, education, certifications, and labeling authority to enhance security, safety, and privacy in both public and private sectors. Furthermore, Jablanski represents Nozomi Networks in various industry communities such as the OTCC, ISAGCA, and ISAC, as well as government relations efforts.

ISSUE 15

TheCyberExpress

Jablanski’s professional journey has involved conducting academic and market research on emerging technologies. She has provided independent consulting services to the US government and a technology startup, focusing on innovative technology applications for military, Department of Defense, and commercial sectors. Earlier in her career, Jablanski evaluated cyber technology impacts on nuclear weapons policy and use worldwide at the Stanley Center for Peace and Security. Before transitioning back to physical and industrial cybersecurity, she served as a senior research analyst with Guidehouse Insights and contributed to the establishment of the Stanford Cyber Policy Center at Stanford University.

TheCyberExpress

ISSUE 15

HER CYBER

Dr Magda Chelly Managing Director I Chief Information Security Officer at Responsible Cyber Dr. Magda Chelly is a renowned speaker and cybersecurity professional with extensive experience in the industry. As the Managing Director and Chief Information Security Officer at Responsible Cyber, she is passionate about sharing her knowledge and expertise with audiences worldwide. Dr. Chelly understands the challenges of building a company from scratch and believes in the rewarding nature of entrepreneurship.

Dr. Chelly’s dedication extends beyond her work with Responsible Cyber. She has authored three books on cybersecurity topics, covering areas such as cyber risk quantification, diversity and inclusion in the industry, and cybersecurity investments. By sharing her expertise through these publications, she empowers others to adopt a proactive approach to cybersecurity and prioritize responsible cyber practices.

With a background in founding companies, Dr. Chelly knows firsthand the dedication and perseverance required to succeed in the cybersecurity field. She is committed to making a meaningful impact in the industry, recognizing the constant evolution of challenges and the high stakes involved.

Ultimately, Dr. Chelly’s mission is to create a safer and more secure world for everyone. Through her leadership at Responsible Cyber and her advocacy efforts, she strives to instill a culture of cybersecurity awareness and responsibility across organizations and communities.

At Responsible Cyber, Dr. Chelly focuses on promoting cybersecurity awareness and responsibility. She spearheads initiatives like IMMUNE, a groundbreaking SaaS product that revolutionizes third-party risk management. Through innovative solutions like IMMUNE, she aims to help businesses navigate the complexities of cybersecurity and minimize disruptions in their digital supply chains.

100 ISSUE 15

TheCyberExpress

ISSUE 15 101

HER CYBER

Dr. Bushra Al Blooshi Advisor Chief Executive at the Dubai Electronic Security Center Dr. Bushra Al Blooshi is the Advisor Chief Executive at Dubai Electronic Security Center and the first Arab member to join the World Economic Forum’s network of Global Future Councils in Cybersecurity. In December 2023, Sheikh Hamdan bin Mohammed bin Rashid Al Maktoum, Crown Prince of Dubai and Chairman of the Executive Council, congratulated Dr. Bushra AlBlooshi of the Dubai Electronic Security Center (DESC) on her appointment as the head of the World Bank Group for Cloud Computing. Dr Bushra was also selected in recently to join a team of experts in setting the digital agenda for G20 crosspresidency meeting and also contributed to several reports, a recent one was the international report that addresses challenges of cybersecurity presented at the Davos summit 2024. Dr. Blooshi leads many strategic initiatives in the city such as Dubai Cybersecurity Strategy, Dubai Cybersecurity R&D Agenda, and Dubai Cybersecurity Policies. She has more than 18 years of experience in digital transformation, cybersecurity, and strategy management. Dr. Blooshi has held different positions in different industries and has

102 ISSUE 15

TheCyberExpress

participated in many local and international conferences. Also, she is currently a member of several advisory boards and committees locally and internationally. Dr. Blooshi holds a Ph.D. in Electrical and Electronic Engineering and a Master in Information Security from Khalifa University, and another Master in Political Science from Mohammed Bin Rashed School of government in collaboration with Harvard University. Dr.Blooshi’s research interests include cloud computing, cyber security, digital forensics, and cryptography. Dr. Blooshi earned two patents in memory forensics and cloud security. She was recently awarded as the Best Executive in Cybersecurity in the Middle East by the Women in Cybersecurity Middle East Organization and the cybersecurity thought leader of the year in AcceleratorsX Awards 2022. She was also the lead author of a Cybersecurity report published recently by the World Economic Forum in collaboration with international experts around the world.

TheCyberExpress

ISSUE 15 103

HER CYBER

Katie Nickels Senior Director of Intelligence Operations at Red Canary Katie Nickels is the Senior Director of Intelligence Operations at Red Canary, bringing nearly a decade of experience in Security Operations Centers and cyber threat intelligence to her role. With degrees from Smith College and Georgetown University, Katie’s journey into cybersecurity began at the U.S. Department of Defense (DoD), where she found her passion for understanding the human element behind cyber threats. Throughout her career, Katie has held positions at prominent organizations including The MITRE Corporation, Raytheon, and ManTech, focusing on cyber threat intelligence, network defense, and incident response. Outside of her professional commitments, Katie is deeply involved in initiatives to inspire exploration and learning in cybersecurity and STEM, serving as the Program Manager at Cyberjutsu Girls Academy (CGA). Through CGA, Katie helps teenage girls discover the exciting possibilities within cybersecurity and STEM fields, fostering a new generation of talent.

104 ISSUE 15

TheCyberExpress

In addition to her role at Red Canary and her involvement with CGA, Katie hosts the SANS Threat Analysis Rundown (STAR), a popular webcast series delving into the current threat landscape and cyber threats. When she’s not immersed in cybersecurity projects, Katie finds balance through baking, cake decorating, and CrossFit workouts, embracing diverse interests outside of the digital realm.

TheCyberExpress

ISSUE 15 105

HER CYBER

Kelly Shortridge Senior Principal Engineer, Office of the CTO at Fastly

Kelly Shortridge is a Senior Principal Engineer in the Office of the CTO at Fastly, where she spearheads innovative approaches to cybersecurity. Renowned as the lead author of “Security Chaos Engineering: Sustaining Resilience in Software and Systems” (O’Reilly Media), Kelly is celebrated for her expertise in resilience within complex software systems and the application of behavioral economics to cybersecurity. With a diverse background as an enterprise product leader, startup founder (with an exit to CrowdStrike), and investment banker, Kelly brings a unique perspective to her work. She frequently advises Fortune 500 companies, investors, startups, and federal agencies, sharing her insights as a keynote speaker, author, and advisor.

106 ISSUE 15

TheCyberExpress

Kelly’s contributions to the field have earned her recognition as a top DevOps leader and a “Big Thinker” in cybersecurity. Her research, featured in prestigious publications such as ACM, IEEE, and USENIX, spans topics including behavioral science in cybersecurity, deception strategies, and the ROI of software resilience. She also serves on the editorial board of ACM Queue. A sought-after speaker, Kelly has presented at over 40 conferences in 7 countries across 4 continents, addressing audiences ranging from technology professionals to C-suite officers. Her work and expertise have been featured in prominent media outlets worldwide, solidifying her status as a leading figure in cybersecurity and technology innovation.

TheCyberExpress

ISSUE 15 107

HER CYBER

Lili Ana CISO Transformation Lead at Trellix Lili Ana is the CISO Transformation Lead at Trellix, known for her versatile leadership in overseeing regulatory, thirdparty, and organizational compliance and risk management requirements. With a focus on guiding strategy for program maturity and recruiting top talent, Lili Ana collaborates closely with C-level executives to ensure the protection of digital information assets and drive organizational change. A Doctor of Education from the University of Southern California, Lili Ana specializes in information security education, organizational change, and leadership. Her dissertation, titled “A Research Study of Employee Perceptions on Identifying Phishing Attacks in Financial Organizations,” showcases her expertise in qualitative research methods and will be published in April 2024. In addition to her academic achievements, Lili Ana is the author of “Xander Sloan: Braver Than Monsters,” a captivating story aimed at introducing the concepts of privacy and security to children.

108 ISSUE 15

TheCyberExpress

She has developed comprehensive lesson plans for grades K-3 and collaborates with principals and educators to implement information security education initiatives, demonstrating her commitment to fostering a culture of cybersecurity awareness from an early age.

TheCyberExpress

ISSUE 15 109

HER CYBER

Octavia N. Howell VP, Chief Information Security Officer at Equifax Canada Co

Octavia N. Howell serves as the Vice President and Chief Information Security Officer at Equifax Canada Co, where she brings extensive expertise in Governance, Networking, and Cyber Security. With a focus on fostering operational excellence and building motivated cross-functional teams, Octavia is dedicated to supporting the career growth of her colleagues and peers. With a Bachelor of Science Degree in Computer Science and Mathematics from Spelman College, Octavia holds several industry certifications including CISSP, GISP, GCWN, and GSLC GIAC. Beyond her role at Equifax Canada Co, she is the Founder and CEO of Augustus Redefined, an organization dedicated to advancing Black Women in Cyber. Octavia is an active member of various professional associations including Alpha Kappa Alpha Sorority, Incorporated, ISACA, ISC², and the Executive Women’s Forum (EWF), among others.

110 ISSUE 15

TheCyberExpress

Committed to mentorship and community engagement, Octavia believes in the power of collaboration and uplifting others on their journey to success. In her spare time, she enjoys traveling, spending quality time with her family, and providing guidance and support to aspiring professionals. Octavia lives by the motto, “No man conquers alone,” emphasizing the importance of collective effort and support in achieving goals. She is guided by the principle of “Lift while you climb,” embodying a commitment to empowering others as she continues her own journey of growth and excellence.

TheCyberExpress

ISSUE 15 111

HER CYBER

Rachel Tobac Chief Executive Officer at SocialProof Security Rachel Tobac is a hacker and the CEO of SocialProof Security, where she specializes in helping individuals and companies safeguard their data through training and penetration testing on social engineering risks. With an impressive track record, Rachel has achieved 2nd place in DEF CON’s Social Engineering Capture the Flag contest for three consecutive years. Her expertise has led her to share real-life social engineering experiences with prominent media outlets such as NPR, Last Week Tonight with John Oliver, The New York Times, CNN, and NBC Nightly News with Lester Holt.

112 ISSUE 15

TheCyberExpress

Beyond her professional endeavors, Rachel dedicates her spare time to contributing to the cybersecurity community. She serves on the CISA Technical Advisory Council and holds the position of Chair of the Board at Women in Security and Privacy (WISP), a nonprofit organization focused on advancing women’s leadership in the field. Through her leadership roles and advocacy efforts, Rachel is committed to promoting cybersecurity awareness and empowering women to excel in the industry.

TheCyberExpress

ISSUE 15 113

HER CYBER

Rana Khalil Application Security Engineer Lead at C3SA Cyber Security Audit Rana Khalil is an accomplished Application Security Engineer Lead at C3SA Cyber Security Audit, where she plays a pivotal role in ensuring digital safety within Canada’s dynamic public and private sectors. Armed with cuttingedge expertise, she not only secures applications but also spearheads the advancement of cybersecurity nationwide. With a Bachelor’s and master’s degree in computer science under her belt, along with OSCP certification, Rana is wellequipped to navigate the complexities of cybersecurity. She has showcased her research prowess at numerous local and international conferences, earning several awards and honorable mentions for her contributions to the cybersecurity community.

114 ISSUE 15

TheCyberExpress

In addition to her professional endeavors, Rana is the founder of an online academy dedicated to teaching web application penetration testing. Her mission is to democratize cybersecurity education, making it accessible and affordable while fortifying the digital landscape one application at a time.

TheCyberExpress

ISSUE 15 115

HER CYBER

Roya Gordon Operational Technology (OT) at Hexagon Asset Lifecycle Intelligence

Roya Gordon is a seasoned cybersecurity professional specializing in Operational Technology (OT) and Internet of Things (IoT). As an Executive Industry Consultant for OT Cyber at Hexagon Asset Lifecycle Intelligence (ALI), Roya leverages her extensive experience to advise Fortune 100 companies on safeguarding their critical assets. With a background that includes roles at Nozomi Networks, Accenture, and the Idaho National Laboratory, she brings a wealth of knowledge to her current position. Roya is a sought-after speaker at global conferences, where she addresses crucial topics such as OT/IoT vulnerabilities, ransomware resilience, and cyber threat actors’ tactics. Her

116 ISSUE 15

TheCyberExpress

insights and recommendations for reducing susceptibility to attacks have earned her recognition as a thought leader in the cybersecurity community. In addition to her speaking engagements, Roya actively collaborates with various industry Information Sharing and Analysis Centers (ISACs) and has played a key role in shaping US government cybersecurity strategies and policies. Her academic background includes studying Global Affairs with a focus on Cyberwarfare at FIU, and she also has experience serving in the US Navy as an Intelligence Specialist.

TheCyberExpress

ISSUE 15 117

HER CYBER

Zinet Kemal Associate Cloud Security Engineer at Best Buy

Zinet Kemal is an Associate Cloud Security Engineer at Best Buy, where she focuses on securing cloud infrastructure and advocating for online safety and cybersecurity career paths. Coming from a legal background, Zinet made a career change to cybersecurity and has since become a multi-award-winning practitioner, children’s book author, LinkedIn Learning instructor, and TEDx speaker. In her role, Zinet designs and implements security measures to protect organizations’ cloud-based assets and data. She holds a master’s degree in Cybersecurity from Georgia Tech University, as well as Bachelor of Science degrees in Computer Science and Law (LLB). As a mother, Zinet is deeply committed to educating and empowering children about online safety, reflected in her award-winning children’s books such as “See Yourself in Cybersecurity” and “Oh, No … Hacked Again!” Zinet’s contributions to cybersecurity and online safety have earned her recognition from various platforms and organizations. She has been featured on Good Morning America, BBC, ABC News, and other media outlets, and has received honors such as the Most Inspiring Women in Cyber, Top 25 Cybersecurity Leader, and Minneapolis/St. Paul Business Journal 40 under 40 honoree.

118 ISSUE 15

TheCyberExpress

Furthermore, Zinet is passionate about sharing her knowledge and experiences to empower others in the industry. She has delivered a TEDx talk titled “Hack-Proofing Childhood: Ensuring our Children’s Online Safety” and created a LinkedIn Learning course titled “Building Your Personal Brand in Cybersecurity.” With a strong belief in the power of collaboration and community impact, Zinet actively seeks opportunities to connect with others and make positive contributions to the cybersecurity field and beyond.

TheCyberExpress

ISSUE 15 119

HER CYBER

Christina Cacioppo CEO and Co-founder at Vanta

Christina Cacioppo is a multifaceted entrepreneur and investor with a diverse background in technology and venture capital. She played a pivotal role in bringing Dropbox Paper to market and developed tools to simplify programming during her early career. Starting off at USV in early-stage venture capital, Christina initially found enjoyment in the field. However, she eventually realized the profound impact of the internet on society, leading her to believe that the future belongs to those who actively create. Her internet journey began in the mid-90s, exploring Beanie Baby forums and engaging in early eBay transactions. Hailing from the Midwest, Christina maintains a strong connection to her roots and has a penchant for books, microeconomics, and Renaissance, Dutch, Haitian, and Magritte oil paintings.

120 ISSUE 15

TheCyberExpress

Beyond her professional pursuits, Christina enjoys running, following the NBA, and appreciating 80s and 90s women’s gymnastics. She also maintains an interest in contemporary East African politics. Additionally, Christina is an active angel investor, focusing on areas she understands well. Her investments span team collaboration tools, programming interfaces, infrastructure in Africa, vertical SaaS, and security solutions, reflecting her commitment to supporting innovation and technological advancement.

TheCyberExpress

ISSUE 15 121

HER CYBER

Dr. Keeper Sharkey the Founder and CEO of ODE, L3C

Dr. Keeper L. Sharkey is the founder and CEO of ODE, L3C, a social enterprise dedicated to advancing quantum science, technology, and research. She is recognized as a leading authority in the field, serving as the Chair of Quantum Applied Chemistry at Quantum Security Alliance and Vice-Chair of Cyber Security in Quantum Computing and Quantum’s Effect on Current Architectures with IEEE. Dr. Sharkey is also a civilian member of the US Quantum Industry Coalition and serves as the point of contact for ODE’s co-founding membership of the Quantum Economic Development Consortium (QED-C). She earned her PhD in Chemistry and her BS in Mathematics and Chemistry from the University of Arizona, where she distinguished herself with honors such as the National Science Foundation (NSF) Graduate Research Fellowship and participation in the NSF I-Corps program. Dr. Sharkey’s expertise is underscored by her prolific research contributions, including over 30 publications in esteemed peer-reviewed journals. She has received widespread acclaim for her work on non-BornOppenheimer quantum mechanical finite-nuclear mass variational algorithms, with over 400 citations to her name. Her commitment to advancing the field is further

122 ISSUE 15

TheCyberExpress

demonstrated through her active participation in events such as Quantum Business Europe and the Department of the Air Force Information Technology conference (DAFITC), where she has shared insights on quantum technology and cybersecurity.

TheCyberExpress

ISSUE 15 123

HER CYBER

Natalia Spinu Director at European Institute for Political Studies of Moldova

Natalia Spinu serves as the Director of the European Institute for Political Studies of Moldova (EIPSM), where she spearheads initiatives related to cybersecurity and international security. With over 12 years of experience in cybersecurity, Natalia has played a pivotal role in establishing and managing the Cyber Security Center CERTGOV-MD. In this capacity, she has been instrumental in safeguarding the national information infrastructure and providing cybersecurity services to public authorities. Throughout her career, Natalia has demonstrated a commitment to professional development, earning multiple certifications and honors in cybersecurity, ethical hacking, and business continuity. Her expertise spans various domains, including cybersecurity strategy and policy, cyber defense and incident response, information security governance and compliance, as well as international and European security affairs.

124 ISSUE 15

TheCyberExpress

Passionate about advancing Moldova’s cybersecurity and international security agenda, Natalia leverages her knowledge and experience to support EIPSM’s mission of promoting democratic values, human rights, and European integration. She collaborates closely with stakeholders from the public and private sectors, academia, and civil society to drive impactful initiatives that enhance cybersecurity resilience and contribute to regional security efforts.

TheCyberExpress

ISSUE 15 125

VIEWPOINT

Trends Shaping the Future of Cybersecurity Marketing - By Florie Lhuillier Head of Cybersecurity, CCGroup

Working in the cybersecurity industry is like training for a marathon on a constant basis. At the start, you are anxious but excited to launch yourself into something new. Then soon the challenge of what you have set out to do becomes crystal clear. There are not many people you can rely on to do this but yourself, the increasing threat of picking up niggles and injuries is very real and external factors such as bad weather and heat are putting roadblocks into your training. You also keep seeing more and more runners signing up for the same event, making your goal of standing out and

126 ISSUE 15

TheCyberExpress

finishing in the top 10% even more difficult. The reality for today’s cybersecurity professionals can feel just as relentless. The talent shortage is worsening, geopolitical events and new technologies such as AI are making attacks more likely and increasingly sophisticated while global economic uncertainty continues, and new cybersecurity startups are emerging. These trends are making the role of those tasked with promoting solutions extremely challenging, leading them to rethink their strategies. Let’s take a closer look.

TheCyberExpress

ISSUE 15 127

VIEWPOINT

The Skills Shortage is Real According to this report, both UK and US enterprises that have reported a decrease in investment last year, stated talent shortages as the main reason. Recent research by the UK government also found that 50% of all UK businesses have a basic cybersecurity skills gap and over 160,000 cybersecurity jobs were posted in 2023—an increase of 30% from 2022. The skills gap in the industry is real and will only continue to increase unless organisational resources are redirected to the security department for support or companies develop talent from within and upskill their employees through proper training.

The Attack Surface is Expanding The economic downturn and geopolitical conflicts that the world is experiencing is also driving an expansion of the attack surface. Pro-Russian hackers are launching attacks with political motives on western infrastructure while cybercrime groups are ramping up their efforts and knocking on more doors, particularly those from smaller organisations. They need to make money too and even more so during a turbulent economic situation. Technological advances such as Generative AI are another reason behind increasing attacks. From business email compromise attacks and malicious chatbots to deepfake phishing, the creation and proliferation of AI-driven hacker tools like WormGPT and FraudGPT are lowering the barrier for entry and democratising the execution of different types of attacks. This is making the need for enterprises to keep up with threats even more important.

128 ISSUE 15

TheCyberExpress

Significant Investments are Made but Challenges Remain Despite the world entering what experts have called a “polycrisis” (inflation, climate change, the war in Ukraine), the market for cybersecurity products remains buoyant – at least, at first glance. The same report mentioned above shows 78% of enterprises in the US and 58% in the UK have increased their investments in the last year. Meanwhile 81% of enterprises overall are looking to work with new cybersecurity technology suppliers in the next 12 months. Enterprises are also identifying gaps in their existing cybersecurity solutions and looking for vendors that can better address their needs, particularly in the endpoint security, application security and fraud prevention space. Looking ahead, however, 37% of US enterprises expect to see a cut in the next 12 months. Similarly, 24% of UK enterprises are set to reduce their spending. The main reason on both sides of the pond being that the change is in line with their revenues. This means that cybersecurity vendors will need to double down on their sales and marketing efforts and emphasise the uniqueness and cost effectiveness of their offering even more if they want to get on their buyers’ radar.

The Provider Landscape is Changing Finally, the proliferation of attacks, causing trillions of dollars of damage every year, is also making cybersecurity a big market opportunity to seize. Analyst firm Gartner predicts that the end-user spending for the information security and risk management market will reach $267.3 billion in 2026.

According to IT-Harvest, there are more than 3,740 cybersecurity vendors in the world and new startups being created every day that want a piece of the pie, making the provider landscape extremely competitive and dynamic. All these factors mean cybersecurity vendors need to reappraise their marketing efforts to engage and help enterprises deal with a growing skills gap, manage cybersecurity threats and limit, if not eliminate, their exposure to risk ensuring business resiliency.

Adapting Cybersecurity Marketing Strategies To do this, marketing teams need to analyse, adjust and adapt what they do regularly, with what’s happening in the market – from their overall strategy to new technologies, tools and trends. To go back to the running analogy, anyone’s marathon training can never be perfect, bumps in the road are part of the journey. However, what’s important is not what’s going to happen, if you are going to get injured or not or finish a run, but how you react to it and what you learn from it. As a marketer, you need to first identify where you want to be in 12- or 24-months’ time and where you are right now. Do you want to build awareness or improve your conversion rate of RFPs? Is your current channel and content strategy aligned with this goal? What you need is to take the time to sit down, ideally with a third party like a coach, and analyse what you’ve done (or not done) and what you could have done better. Much like when a race, despite all the training, didn’t go to plan. Did you have the right gear, clothing and fuel that day? If not, make sure to adjust your strategy and programme before the next one and adapt it to external factors. It’s only then that you will have the best possible chance of success.

TheCyberExpress

ISSUE 15 129

THE COVER

AMPLIFYING VOICES FOR GENDER EQUITY IN THE TECHNOLOGY INDUSTRY - By Shalini Nair Co-Founder and Board Director, Ennoventure, Inc.

In this digital era, where innovation and progress stand as the driving forces propelling us into the future, the tech industry finds itself entangled in a persistent challenge – the formidable gender disparity that obstructs its true potential. The call for gender equity in technology extends beyond a mere social justice imperative; it has evolved

130 ISSUE 15

TheCyberExpress

into an economic necessity, serving as a catalyst for groundbreaking advancements. As we chart our course through the intricate terrain of the tech landscape, it becomes increasingly crucial to elevate perspectives that not only advocate for but actively champion gender equity.

TheCyberExpress

ISSUE 15 131

THE COVER

Creating Inclusive Cultures: Cultivating a Foundation for Change A pivotal element in magnifying voices for gender equity is nurturing a culture of inclusion within tech organizations. Companies must prioritize building environments that are welcoming, diverse, and devoid of discrimination. This entails not just adopting inclusive practices but ensuring women feel empowered to contribute their unique perspectives. By amplifying the voices advocating for inclusive workplace cultures, we can spark transformative changes across the industry.shift towards recognizing the human element as a critical factor in defense. Combining technical expertise with strong interpersonal skills is the new frontier in fortifying organizations against the ever-growing sophistication of social engineering threats.

Leadership Matters: Resonating Voices from the Pinnacle Leadership, a linchpin in shaping organizational culture, demands the amplification of women’s perspectives in technology’s upper echelons. Recognizing and championing women who shatter glass ceilings not only offers role models but challenges entrenched biases. By sharing the tales and insights of female tech leaders, we inspire the next generation of women to tread the technological path, instigating a positive industry shift.

Empowering Through Education: Nurturing the Talent Pipeline Education is evolving into a fundamental instrument for dismantling gender stereotypes

132 ISSUE 15

TheCyberExpress

and enticing young girls into STEM fields. The amplification of voices from educators, mentors, and organizations dedicated to fostering STEM education for girls is becoming indispensable. Initiatives that offer hands-on experiences, mentorship, and exposure to successful women in tech are progressively shaping career choices. By empowering these influential voices, we are progressively bridging the gender gap at its roots, creating a more inclusive pipeline for future tech leaders.

Intersectionality Matters: Embracing Diversity in All Its Manifestations Recognizing gender’s intersectionality with other aspects of diversity – race, ethnicity, and socio-economic background – is paramount. Empowering the voices of women from diverse backgrounds ensures gender equity efforts are genuinely inclusive. Embracing diversity in its entirety, the tech industry can weave a tapestry of perspectives and experiences, propelling innovation and progress.

A Call to Action: Rallying for Equity and Innovation Amplifying voices for gender equity in the technology industry is a multifaceted endeavor demanding concerted effort. Fostering inclusive cultures, championing women in leadership, dismantling systemic barriers, supporting educational initiatives, and embracing diversity create an industry thriving on equity and innovation. Now is the time to resonate with these voices, striving for a future where the technology sector mirrors the diversity and potential of the world it innovates within

TheCyberExpress

ISSUE 15 133

HOT SEAT

Why is Gender Diversity Important in Cybersecurity? - By Camellia Chan and May Chng We talk about the skills gap and the lack of talent in the cybersecurity industry, but do we actually grasp just how dire the situation is? According to Cybersecurity Ventures , the number of unfulfilled cybersecurity roles stood at an estimated 3.5 million positions in 2022, and is expected to persist into 2025. That’s approximately the population size of Uruguay, and more than Lithuania - to put that into perspective. What percentage of the cybersecurity workforce is female? The same report found that women held just 25 percent of cybersecurity jobs globally. A clear solution to filling the talent gap is to encourage more women to enter the cybersecurity field because their contributions will

134 ISSUE 15

TheCyberExpress

not only close the shortage of skilled talent but also add valuable perspectives and dynamics to the industry. As female leaders of the industry, we have a front-row seat to the challenges women face in joining this industry. Since there are already many amazing female tech leaders sharing their strategies for advancing female involvement in the industry, we’re taking a slightly different route here. In the hopes of inspiring more to step forward and play a part in this essential industry, we want to answer the ‘Why’. In this article, we share some important contributions that women can and are already making in the cybersecurity landscape.

TheCyberExpress

ISSUE 15 135

HOT SEAT We Are All in This Together, And A Woman’s Perspective Matters Just as personalisation is the baseline for service-based industries, tailored attacks are the norm for hackers in today’s digital landscape. They exploit our differentiated weaknesses, whether it’s through phishing emails crafted to appeal to specific demographics or targeted malware campaigns aimed at exploiting vulnerabilities unique to certain groups. In such a scenario, having diverse perspectives and understandings of how different attack and victim groups might act is paramount. Consider the case of the “romcom” cyberattack in October last year. This campaign specifically targeted women, including political leaders,

136 ISSUE 15

TheCyberExpress

leveraging their interests and personal information to craft convincing phishing emails and social engineering tactics. Such examples underscore the need for a more comprehensive and nuanced approach to cybersecurity, one that takes into account the diverse experiences and vulnerabilities of all potential targets.

Evolving With Hackers, No Longer The Old Boy’s Club Do cybercriminals do it better than cyberdefenders? Given the anonymity of hacker forums, it may be accurate to say that skills matter more than gender in the criminal world. In the ongoing debate over diversity and the inclusion of women in cybersecurity, it’s disheartening to

realize that this conversation is still necessary in the 21st century. While we continue to make the case for diversity, hackers operate in the shadows, exploiting our weaknesses with impunity. In the shrouded criminal world of cybercrime, it stands to reason that skills often matter more than gender. Cybercriminals are recruited or operate independently based on their abilities, not their gender. Perhaps it’s time for the cybersecurity industry to evolve beyond the outdated notion of the “Old Boy’s Club” and embrace a more inclusive and meritocratic approach to recruiting and upskilling talent. By prioritizing skills and diversity of thought over traditional gender norms, we can form a stronger, more cohesive, and more perceptive view of tackling cybersecurity challenges.

Bridging Communications Across The Organization Within a corporate setting, women are the majority in areas such as human resources, communications, and public relations. In America, 70% is the proportion of female public relations practitioners, according to a 2020 study by Public Relations Society of America . So is it just an issue of being better suited for certain job scopes? In our opinion, this is a mindset that is slowly changing, and needs to change even quicker. This status quo is largely due to the perceived skillsets required for the abovementioned job scopes, involving communication, empathy, and relationship-building. Is this confined to women? No. These are attributes that many men possess and can demonstrate at work too. Both men and women often limit themselves, based on these preconceived notions of what roles suit their gender better. But what happens if individuals from any gender, age, race or background are spread evenly across an organisation? We are then able to break free of invisible “Us” and “Them” chains, and work far more seamlessly within an organisation. Without unconscious gender barriers between departments, communications and mutual understanding can be created more smoothly, resulting in more efficient output and performance.

This also means leaders must work hard to remove negative stereotypes and experiences that can damage an employee’s early experience in the industry - such as not being taken seriously, being asked to fetch coffees, or anything else that may diminish their abilities as an equal at the table.

A United Workforce Against Cybercrime, At All Times The importance of gender diversity in cybersecurity cannot be overstated. It’s not just about closing the skills gap or filling vacant positions; it’s about harnessing the full potential of a diverse workforce to confront the everevolving threats posed by cybercriminals. As we strive to build a safer and more secure digital future, let us recognize that a woman’s perspective matters—not just on International Women’s Day, but every day in the fight against cyber threats.

About the Authors: Camellia Chan (L) and May Chng (R) at the World Intellectual Property Organisation’s (WIPO) Global Awards ceremony in 2023. Camellia Chan and May Chng are the co-founders of hardware cybersecurity and memory storage specialist, Flexxon. Since founding the company in 2007, Camellia and May have grown Flexxon into an international business with offices in Singapore, the US, Malaysia, Taiwan, and Hong Kong. The company holds over 40 patents for its innovative hardware-based cybersecurity solutions that utilise Artificial Intelligence and Machine Learning to proactively detect, respond to, and remediate cyberattacks.

TheCyberExpress

ISSUE 15 137

DIGEST

Breaking Codes and Glass Ceilings: The Legacy of Women in Cybersecurity - By Augustin Kurian

In a recent homage to Women’s History Month, the US Cyber Command cast a spotlight on Judy Parsons and the unsung heroines of World War II, known as the “Code Girls.” Their story, deeply interwoven with the theme of International Women’s Day 2024, #InspireInclusion, serves as a

138 ISSUE 15

TheCyberExpress

reminder of the pivotal role women have historically played in keeping the world safer. This tribute not only honors their legacy but also bridges the past with the present, showcasing the continuum of women’s contributions to cybersecurity.

During the throes of World War II, a group of remarkable women, including Judy Parsons, were instrumental in the Allied forces’ intelligence efforts, breaking ciphers and providing crucial information that led to the sinking of 95 German U-boats.

TheCyberExpress

ISSUE 15 139

DIGEST

These women, meticulously selected from the Seven Sister colleges for their exceptional skills in mathematics, languages, and sciences, were America’s original ethical hackers. Yet, for decades, their contributions remained veiled in secrecy, their stories untold, and their achievements unrecognized.

The Code Girls: A Closer Look The story of the Code Girls begins in 1941, when mysterious letters arrived in the mailboxes of select students at the Seven Sister colleges. These letters, which would change the course of their lives, invited them to meetings where they were asked if they enjoyed crossword puzzles or had wedding plans. Unbeknownst to these women, they were being recruited for a top-secret mission that would leverage their unmatched skills in a bid to serve their country in an unprecedented way. These women were about to become part of a covert operation, breaking the codes and ciphers of the Axis powers. Working in secrecy, they embarked on a challenge that was as intellectually demanding as it was crucial to the Allied war effort. Their achievements, including the breaking of codes that

140 ISSUE 15

TheCyberExpress

led to significant naval victories, were monumental. Yet, the recognition of their contributions was delayed for decades, their stories untold, and their achievements unrecognized until recent years. The comparison of the Code Girls to their counterparts at Bletchley Park, including Alan Turing, and the acknowledgment of their similar achievements in breaking complex codes, serves to elevate their status in the annals of history. Despite facing bureaucratic rivalries and administrative sexism, these women persevered, showcasing their prodigious intellect and dedication to their work. Liza Mundy’s book, “Code Girls: The Untold Story of the American Women Code Breakers of World War II,” provides a detailed account of their efforts and the challenges they faced. The book’s revelations about the volume of intercepted and decoded messages, and the strategic impact of their work, offer a glimpse into the critical role these women played in the war effort. The notion of the Code Girls as America’s first ethical hackers and the modern-day equivalents of the intellectual women of the 18th century, the bluestockings, is a compelling comparison. It highlights the continuity of women’s contributions to intellectual and security fields, despite

societal expectations that often sought to limit their roles. The reflections of Ann Caracristi on the nature of the work and the fulfillment it brought underscore the personal impact of this service on the women involved. Their transition back to civilian life, with many unable to continue in high-level positions, points to the broader societal challenges faced by women at the time.

Bridging the Past and Present The narrative of the Code Girls is not merely a historical recount but a testament to the intellectual and innovative prowess of women in the realm of cybersecurity. Despite facing bureaucratic hurdles and administrative sexism, these women persevered, deciphering complex codes and creating deceptive intel to mislead enemy forces. Their work laid the foundational stones for modern cybersecurity practices and underscored the indispensable role of women in the field. Fast forward to today, the landscape of cybersecurity continues to evolve, with women like Tayse Orlovas, Director of Security & Resilience at Kyndryl, and Anna Collard, SVP of Content Strategy and Evangelist at KnowBe4 Africa, at the forefront. Their journeys, akin to those of the Code Girls, are marked by innovation, resilience, and a profound passion for cybersecurity. Tayse Orlovas, with three decades of experience in Information Technology, offers a unique perspective on the role of women in cybersecurity. “As a woman in STEM, my journey has been about overcoming doubts and leveraging my strengths to make a meaningful impact in the field of Information/Cyber Security,” Orlovas shares. Her insights into the qualities that women bring to cybersecurity—passion, optimism, organization, empathy, and collaboration— echo the theme of #InspireInclusion.

Orlovas emphasizes that these traits are not just beneficial but essential for success in cybersecurity, a field that thrives on diverse perspectives and innovative problemsolving. Anna Collard’s journey from doodling cartoons to becoming a cybersecurity leader is equally inspiring. Collard’s transition into the tech world was marked by a blend of creativity and determination. “I was driven by imposter syndrome to work as hard as I could and keep on studying in order to keep up with my mostly male engineering colleagues,” Collard recalls in one of her columns in The Cyber Express. Her innovative approach to cybersecurity education, combining her love for cartoons with her expertise in the field, highlights the diverse pathways into cybersecurity and the importance of creative thinking in developing effective security solutions. Both Orlovas and Collard emphasize the importance of inclusion and diversity in driving innovation and effectiveness in cybersecurity. Their stories, along with those of the Code Girls, serve as a powerful reminder of the contributions women have made—and continue to make—in the field. As we celebrate International Women’s Day 2024 under the theme #InspireInclusion, it’s crucial to recognize and honor the achievements of women in cybersecurity, from the pioneers of the past to the leaders of today. The legacy of the Code Girls, coupled with the contributions of women like Tayse Orlovas and Anna Collard, illustrates the transformative power of inclusion in cybersecurity. Their stories not only celebrate the past achievements of women in the field but also highlight the ongoing need for diversity and inclusion in shaping the future of cybersecurity. As the cybersecurity landscape continues to evolve, the stories of these remarkable women serve as a beacon, inspiring future generations to pursue careers in tech and cybersecurity.

TheCyberExpress

ISSUE 15 141

TRENDS

BREAKING BARRIERS: HOW A NON-TECHNICAL BACKGROUND LED TO A

CYBERSECURITY CAREER - By Samiksha Jain

In today’s digitally driven world, the importance of cybersecurity cannot be overstated. With businesses and individuals alike reliant on digital platforms for communication, commerce, and entertainment, the threat of cyberattacks looms large. As organizations strive to fortify their defenses against evolving

142 ISSUE 15

TheCyberExpress

cyber threats, the role of women in cybersecurity is garnering increased attention and recognition.

management, Dorota’s journey into cybersecurity was both deliberate and transformative.

Dorota W róbel, Chief Research and Development Officer at G2A.COM, embodies the spirit of innovation and resilience in the cybersecurity world. With a diverse background spanning economics, marketing, and

In an interview with The Cyber Express, Wróbel shares her insights on the intersection of gender diversity and cybersecurity, shedding light on the unique contributions that women in cybersecurity bring to the table.

TheCyberExpress

ISSUE 15 143

DIGEST TRENDS

On Women in Cybersecurity One of the key insights from Dorota Wróbel’s experience is the importance of diversity in cybersecurity teams. She emphasizes the need for interdisciplinary backgrounds, highlighting how women’s attention to detail complements men’s risk-taking tendencies. In a field dominated by male voices, Dorota’s perspective offers a refreshing take on the potential of diverse teams to tackle cybersecurity challenges effectively. “When I first entered the cybersecurity realm, I was struck by its masculine-dominated culture. However, I saw an opportunity to leverage my skills and perspective to make a meaningful impact,” reflects Dorota. “Women possess a keen attention to detail, which is invaluable in identifying and mitigating cyber threats. By fostering diversity in cybersecurity teams, we can harness a wider range of perspectives and strategies to tackle complex challenges.”

Why Training and Mentorship is Important? Education emerges as a recurring theme in Dorota’s discussion, echoing the sentiment that awareness and training are paramount in combating cyber threats. With cybercrime projected to reach unprecedented levels, the need for cybersecurity education has never been more urgent. “Cybersecurity is a constantly evolving field, and staying ahead of emerging threats requires continuous learning,” she asserts. “Investing in employee training, establishing a culture of security awareness, and leveraging external partnerships are crucial steps in strengthening cybersecurity resilience.” Moreover, Dorota highlights the significance of mentorship and support networks for women in cybersecurity. While the industry may present unique challenges for women, she encourages aspiring professionals to speak up, seek guidance, and leverage their skills to make a meaningful impact.

144 ISSUE 15

TheCyberExpress

“Navigating a male-dominated industry can be daunting, but with the right guidance and encouragement, women can thrive,” she says. “By fostering a supportive environment and providing opportunities for professional development, organizations can unlock the full potential of their female talent pool.” Dorota’s advocacy for gender diversity extends beyond the world of cybersecurity. As a champion of women in technology, she believes in breaking down barriers and challenging stereotypes. “Women bring unique skills and perspectives to the table, enriching the cybersecurity landscape with fresh ideas and innovative solutions,” she affirms. “By embracing diversity and inclusion, we can build stronger, more resilient cybersecurity ecosystems.” Looking ahead, Dorota is optimistic about the future of women in cybersecurity. As awareness grows and barriers continue to be broken down, she envisions a landscape where women play a central role in shaping cybersecurity strategies and driving innovation. “As awareness grows and barriers are dismantled, we are witnessing a shift towards greater gender diversity in the cybersecurity workforce,” she observes. “By nurturing talent, fostering mentorship, and championing diversity, we can create a more inclusive and equitable cybersecurity industry.”

To Wrap Up Dorota Wróbel’s journey exemplifies the transformative potential of women in cybersecurity. Through her leadership, expertise, and unwavering commitment to excellence, she is paving the way for a more inclusive and resilient cybersecurity landscape. As organizations confront the challenges of an increasingly digital world, the role of women in cybersecurity will be instrumental in safeguarding our collective digital future.

TheCyberExpress

ISSUE 15 145

FROM MILITARY TO MENTOR:

COL. PADILLA-TABORLUPA

EMPOWERS WOMEN IN STEM In the ever-evolving realm of cybersecurity, where every click and keystroke holds the weight of security and innovation, there emerges a figure whose name reverberates with inspiration and trailblazing spirit: Colonel Francel Margareth Padilla-Taborlupa.

Anchored under the overarching theme of “Invest in women: Accelerate progress,” The Cyber Express embarks on a journey to explore the personal narratives of resilience and triumph from her shaping the contours of cybersecurity.

With a career spanning over 27 years, Col. Padilla-Taborlupa stands as a testament to the fusion of technology expertise and unwavering leadership, seamlessly navigating the complex world of both the military and cybersecurity domains.

In a recent conversation with The Cyber Express, she shared insights into her journey, the challenges faced by women in male-dominated fields, and the importance of gender diversity and inclusion in cybersecurity and the armed forces. Here is the excerpt from the interview:

146 ISSUE 15

TheCyberExpress

ISSUE 15 147

REGISTER Col. Padilla-Taborlupa’s Journey in Cybersecurity Reflecting on her journey, Col. PadillaTaborlupa reminisced about her beginnings in the Philippine Military Academy, where she specialized in the Signal Corps, focusing on command control, communications, and cybersecurity. She emphasized the importance of laying a solid foundation in information systems, stating, “Nobody can start with cybersecurity altogether; you have to have a foundation.” This foundational knowledge paved the way for her transition into cybersecurity in 2016, where she brought a unique perspective to the field, focusing on applications and collaborating closely with experts in networks and hardware.

Challenges Faced by Women in Cybersecurity Despite her numerous accolades, including being named Cybersecurity Woman Leader of the Year and ranking among the top women in cybersecurity in Asia and the Philippines, Col. PadillaTaborlupa remains acutely aware of the challenges faced by women in the industry. “From the very early days of the internet, cybersecurity has been mainly dominated by men,” she explained. “Women often face stereotypes and biases that can undermine their credibility and abilities.” One of the key challenges Col. PadillaTaborlupa highlighted is the pervasive stereotypes and biases faced by women in STEM fields. Despite being recognized as a cybersecurity leader, she emphasized the need to constantly prove oneself in a male-dominated industry. However, she remains undeterred, leveraging her position to advocate for gender diversity and inclusion in cybersecurity.

148 ISSUE 15

TheCyberExpress

Empowering Women in Cybersecurity Through Advocacy As a leader in cybersecurity, Col. PadillaTaborlupa recognizes the importance of visibility and representation. Through her achievements and leadership roles, she aims to inspire the next generation of women in cybersecurity. By serving as a mentor and providing guidance to aspiring professionals, she hopes to break down barriers and empower women to pursue careers in cybersecurity and the military. “Our presence challenges stereotypes and biases,” she asserted. “We demonstrate that women can succeed and excel in cybersecurity roles.” She emphasized the importance of visibility and representation, sharing, “I feel honored to have that followership. I make it a point to mentor younger generations and provide guidance and advice.” Gender diversity and inclusion are not just buzzwords for Col. PadillaTaborlupa; they are fundamental principles that drive her work. She highlighted the benefits of diverse teams in cybersecurity, stating, “Diverse teams generate innovative solutions and strategies that may not have been considered otherwise.” In the Armed Forces of the Philippines, she emphasized the importance of gender-diverse teams in enhancing operational effectiveness and resilience, ensuring that policies and strategies are inclusive and reflective of the population they serve. Col. Padilla-Taborlupa’s commitment to empowering women extends beyond her military duties. Through initiatives like the Cyber for Peace Initiative, she has spearheaded efforts to promote technology for development in underserved communities. “We

partnered with local governments to provide cybersecurity training and set up command and control centers for humanitarian and disaster relief operations,” she shared. Empowering Change: A Leader’s Legacy Throughout her career, Col. Padilla-Taborlupa has been instrumental in supporting women in cybersecurity and the military. From spearheading initiatives like the Cyber for Peace Initiative to partnering with universities and local governments to promote cybersecurity awareness and training, her dedication to empowering women is evident. As an international lecturer and moderator, Col. PadillaTaborlupa continues to engage diverse audiences, advocating for women’s participation in cybersecurity. “I

want to inspire more women to break glass ceilings and join the field of STEM and cybersecurity,” she declared. Through her captivating storytelling and unwavering passion, she ignites the flames of change and empowers future generations of professionals. In conclusion, Col. Francel Margareth Padilla-Taborlupa’s journey exemplifies resilience, determination, and leadership in the face of challenges. As a trailblazer in cybersecurity, she continues to pave the way for women in male-dominated fields, championing diversity and inclusion every step of the way. With her unwavering commitment and passion, she is shaping the future of cybersecurity and empowering women to thrive in the digital age. (Interviewed by Ashish Khaitan)

TheCyberExpress

ISSUE 15 149

PERSPECTIVES

Find Your Tribe:

Top 10

Communities for Women in Cybersecurity - By Samiksha Jain Communities have a unique knack for pooling together strengths that frequently slip under the radar. But in the cybersecurity arena, where women’s representation is on the rise, these supportive networks are becoming invaluable.

communities play. They are not just about offering guidance and accelerating the advancement of women in fields dominated by men; they’re about creating environments where acceptance and recognition flourish.

It’s high time to acknowledge and honor the vital role these

They are the backbone of empowerment, ensuring that every

150 ISSUE 15

TheCyberExpress

woman feels not just included but celebrated in her journey through the cybersecurity landscape. As we gear up to celebrate women in cybersecurity, it’s time to shine a spotlight on the incredible communities that provide unparalleled support to women in cybersecurity.

TheCyberExpress

ISSUE 15 151

PERSPECTIVES

With this year’s theme, “Inspire Inclusion,” urging us to champion and invest in women, we are propelled towards a future that’s not only fairer but more equitable. What better time to celebrate than now, spotlighting the vibrant communities where women thrive? Join The Cyber Express as we embark on a journey to unveil the top 10 communities where women in cybersecurity converge, collaborate, and thrive. These dynamic networks serve as powerful catalysts for empowerment, providing essential support, resources, and networking opportunities across all stages of a woman’s cybersecurity career. Whether you’re a seasoned professional or a newcomer to the field, we’ve curated a definitive list of communities where you can connect, learn, and evolve alongside likeminded women.

BlackGirlsHack BlackGirlsHack, founded in 2019 by Tennisha Martin, focuses on training to enhance diversity in cybersecurity. It bridges the gap between educational curriculum and industry demands. Emphasizing inclusivity, it envisions a cyber industry with diverse representation, including

152 ISSUE 15

TheCyberExpress

Black women in technical, leadership, and executive positions. Despite its name, membership is open to all genders and ethnicities. Martin, also the executive director, leads the organization towards its goal of creating an inclusive and reflective community within the cybersecurity sector, ensuring skills align with industry needs while advocating for underrepresented groups.

WiCyS (Women in Cybersecurity) Founded in 2013 by Ambareen Siraj, Women in Cybersecurity (WiCyS) operates as a non-profit, initially funded by a National Science Foundation grant to Tennessee Tech University. WiCyS is dedicated to recruiting, retaining, and advancing women in cybersecurity, offering networking, mentorship, and professional development resources. With a global presence since 2012, WiCyS hosts annual conferences, facilitating connections and knowledge sharing among women in the field. Through its initiatives, WiCyS aims to enhance diversity, inclusion, and equal opportunities in cybersecurity for individuals worldwide.

AWSN (Australia Women in Security Network) Established in 2014 by Jacqui Loustau, the Australia Women in Security Network (AWSN) is a nonprofit aiming to educate and increase the participation of women in Australia’s security sector. Loustau, also serving as the executive director, initiated the group after noticing the lack of women representation in cybersecurity events. With 2,817 members nationwide and chapters in major cities, AWSN facilitates informal gatherings and professional programs to foster connections and support among women in security. Over the past three years, AWSN has equipped over 1,300 professionals with various career-focused initiatives, including mentoring and technical skill development.

Breaking Barriers Women in Cybersecurity (BBWIC) Foundation Breaking Barriers Women in Cybersecurity (BBWIC) Foundation, originating as a Lean-In Circle in January 2021 by Aastha Sahni, aims to unite women entering the cybersecurity industry. Sahni’s initiative evolved into a non-profit

organization under the Canadian Not-For-Profit Act by October 2021 due to a surge in membership and global interest. BBWIC serves as a supportive network for immigrants to the US and Canada while offering guidance to women worldwide. Their focus lies in leadership development, awareness of opportunities, and providing a safe environment for addressing challenges and fostering overall personality growth through networking, education, and training initiatives.

SIA’s Women in Security The Security Industry Association’s (SIA’s) Women in Security Forum is a platform that fosters inclusivity and professional development for both women and men. Through various programs, networking events, and professional growth opportunities, the forum aims to support the involvement of women in cybersecurity. Key initiatives include the SIA Progress Award, recognizing individuals driving progress for women in security, as well as networking events and SECURE Perspectives, a monthly column highlighting successful women in the industry. Additionally, the forum promotes diversity through initiatives such as an all-women-authored edition of the SIA Technology Insights journal. These efforts contribute to creating an environment where women can thrive and contribute meaningfully to the security industry.

SheHacks KE

to providing women in the cybersecurity field with a supportive platform for professional development. The community, comprising women from various backgrounds and regions across Kenya, aims to address the lack of female representation in cybersecurity workplaces and conferences. SheHacks KE facilitates interaction, learning, and skill enhancement among women in cybersecurity, fostering an environment where members can collaborate and support one another in their professional endeavors. The initiative seeks to empower women to excel in the cybersecurity industry by creating opportunities for networking, knowledge sharing, and collective growth.

Girls Who Code Cybersecurity Club Girls Who Code is committed to fostering diversity, equity, and inclusivity in the tech sector. They recognize the historical and systemic barriers that have contributed to the gender disparity in computer science. Their focus extends to young women from marginalized backgrounds, including those from minority groups and low-income families, who may have limited exposure or access to computer science education. Additionally, Girls Who Code values the diversity of identities and experiences, welcoming individuals who identify as female, non-binary, or gender nonconforming into their programs. They prioritize creating an inclusive environment where everyone can participate and contribute to the advancement of technology.

SheHacks KE, established in 2016 by Laura Tich, Evelyn Kilel, and Patricia Jerotich, is a nonprofit organization dedicated

TheCyberExpress

ISSUE 15 153

DIGEST PERSPECTIVES Executive Women’s Forum (EWF) The Executive Women’s Forum (EWF), founded in 2002 by Joyce Brocaglia, managing director and global practice leader of cybersecurity at Alta Associates, is dedicated to advancing women’s careers in information security, IT risk management, and privacy. The EWF offers thought leadership programs and networking opportunities to its members, aiming to help them build their knowledge and professional networks. Through partnerships with corporations and collaborations with industry leaders, universities, and the U.S. government, the EWF works to promote diversity, equity, and inclusion within the cybersecurity sector. Its offerings include an annual conference, an online community called EWF CONNECT, a mentoring program (Lift Mentoring Program), regional meetings, forums, and a Women of Influence Round Table for senior executives. The EWF emphasizes inclusiveness and equal opportunity in its leadership, board, membership, initiatives, policies, and practices. Annual individual membership costs $1250, providing access to various resources and networking opportunities within the community.

FirstBoard.io FirstBoard.io is described as a handpicked network of female tech founders, CXOs, and operating leaders who collaborate to elevate female representation on corporate boards. Established in 2020 by Rita Scroggin, an executive search partner, the platform aims to increase the presence of female technology leaders on boards across various sectors such as cybersecurity, cloud computing, and artificial intelligence. It strives to achieve this by bridging the gap between qualified female leaders and companies seeking diverse board members. Unlike traditional

154 ISSUE 15

TheCyberExpress

membership-based models, FirstBoard. io operates on a unique approach, recruiting only board-ready individuals who actively contribute to the organization’s mission without charging any membership fees.

Chief Chief is a community designed specifically for executive women, offering a platform to connect with VP and C-Suite leaders across various industries and expertise. Founded in 2019 by Lindsay Kaplan and Carolyn Childers, Chief aims to support women executives by providing access to one-on-one executive coaching, powerful peers, and exclusive programming. The organization welcomes leaders who identify as women, transgender, nonbinary, and gender nonconforming, and its leadership vets applicants for executive seniority to ensure members can receive support from true peers. With a network spanning 10,000 companies, Chief boasts an impressive roster, with 77% of Fortune 100 companies represented and 40% of Chief members holding positions in their companies’ C-suites. Annual fees for Chief membership range from $5,800 to $10,900, depending on the selected level of access. The vibrant communities we’ve explored are more than just support systems. They’re launchpads for a future where women in cybersecurity are not just empowered, but architects of the digital landscape. By fostering collaboration, knowledge sharing, and leadership development, these groups are shattering stereotypes and paving the way for a more inclusive and innovative cybersecurity industry. So, don’t just find your tribe – help build it! Join a community, mentor a newcomer, or even start your own initiative. Every action, big or small, contributes to a future where the brilliance of women in cybersecurity is not a rarity, but the norm.

TheCyberExpress

ISSUE 15 155

INSIDER

Bridging the Gap:

Why Women Hold the Key to Cybersecurity’s Future - By Eng. Dina Al-Salamen Vice President and the Head of Cyber and Information Security at Bank ABC (Jordan)

In today’s rapidly evolving digital landscape, cybersecurity has emerged as a critical concern for organizations and individuals alike. Yet, despite the growing demand for cybersecurity professionals, the field remains largely male-dominated. This gender gap not only deprives industry of diverse perspectives and

156 ISSUE 15

TheCyberExpress

talents but also hinders its ability to effectively address the complex challenges of cybersecurity. In this article, we explore the pivotal role that women play in shaping the future of cybersecurity and why bridging the gender gap is essential for the industry’s success.

TheCyberExpress

ISSUE 15 157

INSIDER

The Untapped Potential of Women in Cybersecurity 1.

Unique Perspectives: Women bring a diverse range of perspectives, experiences, and insights to cybersecurity, enriching problem-solving approaches and fostering innovation within the industry.

Collaboration and Communication: Women’s strong interpersonal skills and collaborative nature make them well-suited for cybersecurity roles that require effective communication, teamwork, and coordination.

Attention to Detail: Women’s meticulous attention to detail and methodical approach to problem-solving are invaluable assets in cybersecurity, where precision and accuracy are paramount.

Resilience and Adaptability: Women demonstrate resilience and adaptability in the face of challenges, enabling them to navigate the rapidly evolving threat landscape of cybersecurity with agility and determination.

Leadership Potential: By empowering women to pursue leadership positions in cybersecurity, organizations can tap into a wealth of untapped leadership potential and foster a more inclusive and dynamic leadership culture within the industry.

Strategies for Bridging the Gender Gap in Cybersecurity 1.

Education and Outreach: Encouraging more women to pursue education and training in cybersecurity through targeted outreach efforts, scholarships, and mentorship programs can help bridge the gender gap from an early age. Mentorship and Support: Establishing mentorship programs and support networks that provide guidance, encouragement, and career development opportunities for women in cybersecurity can help them overcome barriers and achieve success in the field. Inclusive Work Environments: Creating inclusive work environments that value diversity, offer equal opportunities for advancement, and address gender bias and discrimination is essential for retaining and empowering women in cybersecurity roles.

158 ISSUE 15

TheCyberExpress

Advocacy and Awareness: Advocating for gender equality and raising awareness about the importance of women’s participation in cybersecurity through industry initiatives, events, and campaigns can help drive cultural and systemic change.

Recognition and Representation: Recognizing and celebrating the achievements and contributions of women in cybersecurity through awards, promotions, and opportunities for visibility and leadership can help promote their representation and visibility within the industry.

Women hold the key to cybersecurity’s future, bringing unique perspectives, talents, and leadership qualities that are essential for addressing the complex challenges of cybersecurity in the 21st century. By bridging the gender gap and empowering women in cybersecurity, we can build a more diverse, inclusive, and resilient workforce that is better equipped to safeguard our digital assets and protect our digital future. It’s time to recognize the invaluable contributions of women in cybersecurity and unlock their full potential for the benefit of all.

About the Author: Eng. Dina Al-Salamen is the Vice President and the Head of Cyber and Information Security at Bank ABC (Jordan). She has worked for multinational businesses such as Arab Bank and Bank ABC for over 17 years. She recently got the opportunity to be a member of the EC-Council International Advisory Board (CISO Program). She holds PECB Trainer and EC-Council Certified Instructor credentials. She is honored to participate as an advisory member in several cybersecurity and CBDC communities in Jordan’s financial sector. Dina has a genuine love for innovative technologies such as Blockchain, Big Data, and Artificial Intelligence. She gives keynote speeches on cybersecurity and has spoken at various international conferences, including GISEC in Dubai, LEAP & Blackhat MEA in Riyadh, and the Fintech Summit in Jordan.

TheCyberExpress

ISSUE 15 159

160 ISSUE 15

TheCyberExpress

ISSUE 15 161

SCAN AND STAY UPDATED WITH REAL TIME CYBERSECURITY NEWS To advertise with us, write to: marketing@thecyberexpress.com