We know that it's very challenging to design and implement systems that are highly resistant to malicious activity. We also know that diversity in teams produces better results. Why are there so few women and minorities in IT security?
In January I spoke alongside women leaders from NetApp, Symantec and Google on a panel at OWASP AppSec California. An audience member said, “The best managers I've had have been women. Are women better managers? Why?”
In my 10-plus years as a security practitioner, product manager and consultant, I've been told that I am calm in a crisis. That I'm an effective communicator. That I'm a great team leader. That I handle and resolve conflict well.
I happen to be a woman. My gender doesn't matter, but my skills and actions do. The IT security field is full of interesting problems to solve. In this industry, there are far more jobs that need to be filled than there are qualified people to do the work.
The advice that I give to students, friends and colleagues aspiring to be IT security leaders is the same regardless of gender or race:
Be committed. Make sure you really understand the problem you're trying to solve, then apply your talents and work hard.
Learn everything you can. Attend community events and listen to the people that you respect. Study their work. Ask questions! Join industry groups. Take on a side project, or two.
Be opportunistic. If your job sucks, find a better one. Seek and leverage mentors who can see your potential and advise you beyond your own experience.
Take care of yourself. You will deliver the highest quality work when your heart, mind and body are well.
Leadership is about teamwork. The best teams are diverse. That's all there is to it.
Caroline Wong, security initiative director at Cigital is the author of Security Metrics, a Beginner's Guide.