Women hack into the boys club
females outnumber males in ‘white hat’ positions aimed at preventing breaches and strengthening technology defences
Tiffany Rad is turning software-industry gender stereotypes on their head. Rad is a white hat, a hacker who specializes in looking for security holes so that they can be fixed. The attorney turned her computerhacking hobby into a career in 2008, when she submitted a research proposal to an underground security conference in New York. Rad’s talk there propelled her into the industry, and she is now manager of threat research for ThreatGrid, a specialist in malicious software analysis that Cisco Systems Inc. bought in May.
“To be able to present at these conferences has been fantastic in jumpstarting my career,” said Rad, who speaks regularly at security events and has worked for top cybersecurity firms. “Now I meet many more women doing the same.”
Over the last decade, women like Rad have become increasingly prominent in white hat roles at technology companies, including Apple Inc., Microsoft Corp. and startups, reflecting the rising profiles of females throughout the security-technology industry. Several of them have taken leadership positions, including Heather Adkins, who joined Google Inc. in 2002 as one of the founding members of the company’s security staff and now manages the team that responds to hacking attacks against its corporate networks.
Women outnumber men in the specific jobs of analysts and advisers working on preventing breaches and strengthening technology defences, according to 2011 and 2013 studies from the International Information Systems Security Certification Consortium, or ISC2. Female attendees at security conferences have also risen to hundreds or more at key events like Black Hat and DefCon, from nearly none 15 years ago, according to organizers of the events.
That contrasts with trends in the larger technology industry, where 74 per cent of U.S. workers in computer and mathematical occupations last year were men, according to the Bureau of Labor Statistics. Silicon Valley companies including Google and Facebook Inc. have recently been embroiled in a debate over the lack of female employees, releasing data that show women make up less than 40 per cent of their workforces.
In the early days of hacking conferences, “it was really rare if there were maybe a couple of women in- volved who were credible and knew their stuff,” said Jeff Moss, who founded DefCon in 1992 and Black Hat in 1997 and advises the U.S. Department of Homeland Security. “Nowadays there are too many to mention.”
Helping to drive the rise of women white hats is the meritocracy of security-technology conferences, where participants present papers and discuss flaws in code.
That helps show their chops immediately, as opposed to other technology gatherings where companies hawk their wares and don’t give attendees opportunities to discuss their findings.
Female trailblazers also have helped set a precedent for counterparts to enter the industry as mounting concern over cybersecurity lures a rush of investment and creates jobs.
In total, the security industry will top $85 billion US in worldwide revenue in 2016, up 68 per cent from $51 billion in 2010, according to Gartner Inc.
“The number of women in leadership positions in security is growing dramatically,” said Julie Peeler, director of ISC2’s foundation in Clearwater, Florida.
Among Rad’s white hat female counterparts today are Adkins at Google; Window Snyder, who has held security roles at Microsoft, Mozilla Corp. and Apple; Katie Moussouris, who had senior positions at Symantec Corp., Microsoft and is now chief policy officer at a startup called HackerOne Inc.; Joanna Rutkowska, founder and chief executive officer of Invisible Things Lab, a research organization in Poland; and security consultant Jen Savage.
“In the security industry, you are judged on your skills alone,” said Nico Sell, a DefCon organizer and CEO of Wickr Inc., a San Francisco-based company that makes a smartphone application for sending encrypted messages. “This offers an opportunity for smart women because there is no denying your talent,” she said.