General security

Women in cybersecurity — a mini Who’s Who

Susan Morrow
May 6, 2019 by
Susan Morrow

I started my career in science. When I left the pharmaceutical industry in the mid-‘90s, I was one of seven women in a pharmaceutical manufacturing plant with over 200 men. So when I came into the tech industry, I had some experience of being a lone female in a sea of male faces.

However, when I first became involved in cybersecurity back in the ‘90s, I was shocked at the lack of females anywhere. At Infosec Europe back in 1998, I felt like I was the only woman in the whole exhibition — apart from the “booth babes,” of course. 20 years later, things haven’t changed much. This Twitter discussion on the matter by cybersecurity consultant Jane Frankland shows that even now, women are presented at shows as a kind of prize for the male attendees:

You can’t help but feel like an outsider. I suffer from “only woman in the room” syndrome to this day. In a recent technical meeting I attended, there were 22 people in the room — I was the only female.

I know that there will be some folks, male and female, reading this, sighing and thinking “Oh, no, not another whining woman.” But I’m not here to whine about the lack of female representation in the industry, even with less than one-quarter of the workforce being female. No, I am here to celebrate the amazing women who are contributing, along with their male colleagues, to an industry that is blossoming.

Before leaping into my list of interesting and clever women in cybersecurity, I want to stress something. This list only shows a small subset of women in this industry. These women here have already achieved a high profile, but they are not alone.

There are women coming fast behind them, raised by women who have had a career already in the space. By women supporting school and college projects to encourage women into cybersecurity. And there are those who are the quiet ones, diligently working on their cybersecurity projects but not on social media; to those women, you may not be in my list, but you are trailblazers and pioneers all the same and I salute you!

Ten-woman starter list: Contributors to cybersecurity awareness

The following list of women is in no particular order. They do, however, represent women who work across many aspects of the cybersecurity industry. It is a diverse industry, so it deserves a diverse workforce. The women below are entrepreneurs, programmers, analysts, speakers, writers and facilitators. All of them show incredible passion for their work and I find them inspirational — I just wish I could match their energy.

Dr. Jessica Barker

Jessica is the Socio-Technical Lead and co-CEO for security consultancy firm Cygenta. Dr. Barker really understands the human-centered nature of cybersecurity; Cygenta demonstrates the balance of human and technical needed in modern security threat mitigation. Jessica is a prolific speaker and has a lot of engagements. In 2017, she was named among the top 20 women of influence in cybersecurity in the UK.

Jacqui Loustau

Jacqui Loustau is Head of Security Influence and Outreach, ANZ and a founder of the Australian Women in Security Network. Jacqui is very active in cybersecurity as an evangelist and door opener for other women — and boy, do we need them. She is part of the Security Job Profile Project, which aims to demystify the security sector in order to encourage more to enter it.

Chani Simms

Chani is an energetic entrepreneur. She is a founder of Meta Defence Labs and the information security mentoring and management platform SHe CISO Exec.™ She also recently won the (ISC)2 Women in Information Security Professional award.

Erin Jacobs, aka SecBarbie

Erin Jacobs (and her alter ego SecBarbie) is a Founding Partner at Urbane Security. She tweets it how it is with statements like “Career Tip: Apply for roles that you actually care about and want to have. Half-assing comes across loud and clear to hiring managers. Plus, don't you want to be passionate about where you work and what you do?”

Tailor Tolliver

Tailor describes herself as a “Life-sized bratz doll with a passion 4 hackin’” — I love that so much. I’m predicting that Tailor will really shake things up; she is fast becoming an influencer on social media. She is a security engineer with a passion, describing how she came into the sector as “It was really love at first sight.” Check out her security mentorship consultancy at The Digital Empress.

Tracy Z. Maleeff, aka InfoSec Sherpa

InfoSec Sherpa is a cyber-analyst for GSK. Like many of us in infosecurity who prefer to write rather than talk, Tracy blogs over on Medium and manages an information security news journal. She is also a guest editor at Information Security Magazine. Her forte is making information security accessible.

Helen Yu

Helen has her fingers on the pulse of technology — she understands the intersection of tech with human beings. She is the founder and advisor at Tigon Advisory Corp, and she has enormous input into strategic technology decisions in more companies that I can list here. Helen is an influencer who evangelizes about cybersecurity — definitely one to watch.

Jane Frankland

Jane is a cybersecurity entrepreneur and advisor to CISOs, as well as promoting a fair playing field in cybersecurity. In 2017, she was named the third most influential person in cybersecurity in the UK. Her book InSecurity, an Amazon bestseller, looks at why it is important to have women enter the profession. Jane is also a speaker at conferences worldwide.

Tanya Janca

Tanya is a Cloud Security Advocate for Microsoft and all-round evangelist for the cybersecurity/DevSecOps industry. Tanya is an accomplished speaker and an ethical hacker as well as being co-leader of the OWASP Ottawa chapter. She writes under SheHacksPurple on Medium.

Katie Moussouris

Katie is the CEO and founder of Luta Security. She helped to put together Microsoft's first bug bounty program, and her experience in bug bounty programs has allowed her to throw some cautious words about the practice. She works with a number of security organizations, including the UK’s National Cyber Security Centre (NCSC) and The National Security Institute (NSI).


2019 seems to be the Year of the Woman in Tech. Voices are being raised as awareness is raised. Twitter is alive with women and men shouting, “We need to have a diverse team to tackle cybercrime because it’s a diverse problem.”

But we shouldn’t think this means the balance is redressed already. As said earlier, less than 25% of the cybersecurity workforce is female, so there is still room for improvement. Together, we can create a truly awesome fighting force to tackle cybercrime. Together, we are better.

Susan Morrow
Susan Morrow

Susan Morrow is a cybersecurity and digital identity expert with over 20 years of experience. Before moving into the tech sector, she was an analytical chemist working in environmental and pharmaceutical analysis. Currently, Susan is Head of R&D at UK-based Avoco Secure.

Susan’s expertise includes usability, accessibility and data privacy within a consumer digital transaction context. She was named a 2020 Most Influential Women in UK Tech by Computer Weekly and shortlisted by WeAreTechWomen as a Top 100 Women in Tech. Susan is on the advisory board of Surfshark and Think Digital Partners, and regularly writes on identity and security for CSO Online and Infosec Resources. Her mantra is to ensure human beings control technology, not the other way around.