Woman-to-Woman: Watch Us Hack

Some of the most powerful women in cyber security—including IBM’s chief information security officer and McAfee’s senior vice president in charge of endpoint protection—will share their insights with other women on how to enter the high-demand field during a two-day conference at the New York University Polytechnic School of Engineering.

“Career Discovery in Cyber Security: A Women's Symposium” is believed to be the first conference of its kind, designed to explain the types of jobs available and provide basic information on how to pursue education in cyber security or to change career paths to enter the field. Attendees will include potential computer engineers and scientists, as well as those in management, law, law enforcement, business, public policy, and other fields that provide springboards to careers in digital security and forensics.

The conference will be held in Downtown Brooklyn on Friday and Saturday, October 17 and 18, 2014.

The shortage of information security experts protecting consumers, business, infrastructure, and national security is acute and growing and the need for women is widely acknowledged. The U.S. Department of Labor projects job demand for analysts alone will grow 37 percent over the next 10 years—far faster than most other fields. Yet a recent survey by Raytheon and Zogby Analytics showed a relative lack of interest in the field among young people—especially women. Estimates of the number of women in the workforce vary but are exceptionally low: 8 to 15 percent. Yet salaries are high, and women in leadership positions earn as much as males—$105,000, according to a report by (ISC)2 and Symantec using data collected by Frost & Sullivan.

“Those of us who teach entry-level engineering courses quickly realize that the few women in the room often start out at a disadvantage—they may not know as much about coding or jargon, and that makes them reluctant to join the classroom discussion. But they quickly overcome that small entry hurdle to become stars—indeed, the NYU Polytechnic School of Engineering has educated women who have gone on to significant cyber security roles in business, government, the financial sector, and academia,” said Professor Nasir Memon, chair of the Department of Computer Science and Engineering. “I am proud that several will be addressing this symposium. But we as a nation need far, far more researchers and professionals capable of protecting our privacy and security.”

He continued, “This symposium will give women a foundation and demonstrate the many opportunities that exist—not just for young women who are in school, but for mid-career professionals and those re-entering the workforce.”

IBM Chief Information Security Officer and Vice President for IT Risk Joanne L. Martin will close the symposium with the keynote address, “Today’s CISO: Part Technologist and Part Executive.” She will explain how the role of the chief information security officer has evolved from a technology-oriented position, with responsibility to understand and implement new security products, to a business-oriented executive position. She will outline the new responsibilities—
understanding, quantifying, and modulating information security risks—and  discuss personal and career decisions that support growing into this type of leadership role.

"The demand for skilled cyber security professionals and leaders is at an all-time high,” Martin said. “This presents tremendous opportunities for women. For those interested in pursuing management and executive paths, information security knowledge, combined with business acumen and management skills, are a powerful combination. To emerge as a leader in the field, you need more than technical know-how. You need to be able to help your C-suite executives determine an acceptable level of risk and balance that with business goals.”

Candace Worley, McAfee Senior Vice President and General Manager for Endpoint Security, will open the conference with her keynote address, “Cyber Security:  A Career with a Social Conscience!” She will share her insight on the cybersecurity track, the career opportunities it presents, and her experience as a leader in the industry.

“Over the next several years there will be an exponentially higher number of IP-enabled devices in the world making the lives of millions around the globe better and brighter,” Worley said. “The dark side of this connected reality is that it also makes them more vulnerable to hackers, malware writers, and cyber criminals. Cyber security is an industry that appreciates talent regardless of what form it comes in and rewards innovation and creativity while at the same time satiating our need to make a difference in the world.”

Speakers for the plenary sessions will include NYU School of Law Senior Fellow and Founding Member of GermanoLawLLC Judith H. Germano; Facebook Security Engineer Eleni Gessiou; PricewaterhouseCoopers Information Security Consultant Kristen Hayduk; Live Nation Entertainment Vice President of Information Security Shyama Rose; and Rakoku Holdings Entrepreneur in Residence Kelly Shortridge.

Leading workshops that outline a day in the life of different kinds of security professionals will be George Washington University Assistant Vice President of Information Security and Compliance Amy Butler; Accuvant Labs Research Scientist Ben Nell; Google Information Security Engineer-Android Security Natalie Silvanovich; Johnson & Johnson Worldwide Information Security Department Technology Manager-Security Engineering Carol Suchit-Hudson; U.S. Secret Service Electronic Crimes Task Force Special Agent; and Yahoo CISO Chief of Staff Regina Wallace-Jones. 

Executive sessions will offer question-and-answer opportunities. Joining the panel will be moderator and McAfee Sales Systems Engineer Briana Farro; and Bishop Fox Managing Security Associate-Enterprise Security Christie Grabyan.

The conference will include speed-mentoring sessions and will close with hands-on educational contests and training that will help participants judge whether they will enjoy actually working in the field. Heading these sessions will be Foundstone Professional Services (McAfee, Intel) Research Manager Brad Antoniewicz; Etsy Network Security’s Ben Hughes; Tumblr Security Engineer Kelly Lum; and Etsy Security Engineer Raj Umadas.

Intel Security (McAfee) will award a $2,000 scholarship for the current study of any STEM (science, technology, engineering and mathematics) degree to one applicant at the event. Details on applying will be posted on the event website.  For more information or to register for “Career Discovery in Cyber Security: A Women's Symposium,” visit https://cybersymposium.isis.poly.edu.

Support for the symposium is provided by Etsy, IBM, McAfee, and Trail of Bits.

The career symposium is part of a wider initiative at the NYU Polytechnic School of Engineering to fill the cyber security talent gap by reaching beyond the university.

Recognizing that students need to engage early to prepare for difficult coursework ahead, the school runs the world’s largest cyber security competition for high school students, the Cyber Security Awareness Week (CSAW) Digital Forensics Contest. Last year the youth-friendly event attracted more than 1,500 high school students who competed to win a trip to New York to participate in the finals in November. To prepare for CSAW, high school and college teachers attend a summer program supported by the National Science Foundation, in which they develop cyber security programs for their own schools. The high school teachers specifically commit to developing female CSAW teams. In addition, the National Security Agency and the Alfred P. Sloan Foundation support summer CSAW bootcamps for high school girls.

The NYU School of Engineering was one of the first universities to develop a cyber security program, launching its master’s degree in cyber security in 2009. The school also offers numerous cyber security courses and extra-curricular opportunities for undergraduates. It has received all three Center of Excellence designations from the National Security Agency and the United States Cyber Command. Its cyber security program was previously singled out by the Sloan Consortium as the outstanding graduate online program.