Mar 2, 2023

SecurityWeek Advancing Women in Cybersecurity – One CMO’s Journey Anna Tutt, CMO of Oort, shares her experiences and perspectives on how we can accelerate growth of women in cybersecurity. By The number of women in cybersecurity is on the rise. Recent research finds women hold 25% of cybersecurity jobs globally in 2022, up from 20% in 2019, and projected to reach 30% by 2025 and 35% by 2031. While the trend is moving in the right direction, women are still underrepresented. As an industry, we are leaving untapped talent on the table which we can ill-afford to do given the ongoing cybersecurity workforce gap . March is Women in Cybersecurity month and March 8 is International Women’s Day . So, I thought I’d take the opportunity to speak with a woman who has grown up in cybersecurity, Anna Tutt , CMO of Oort, to share her experiences and get her perspective on how we can help accelerate this growth. How did you get into cybersecurity? I started my career in the technology consulting space. But I quickly moved into cybersecurity when I was recruited by Sourcefire to do revenue operations rollout which was my background. In that role, I worked with all parts of the organization—sales, marketing, executive management—and got to grow quickly into a global programs role before the company was acquired by Cisco. Sourcefire was a great experience as a beginner in cybersecurity. I was surrounded by great mentors and industry leaders who I learned a tremendous amount from. I got hooked on the high growth environment and have used that to drive me in my career going forward. Every company I’ve joined since has been in a different area of cybersecurity. From the network to threat intelligence and OSINT, and most recently identity security. Each time, I’ve jumped into a whole new world I’ve had to learn. What do you see as the greatest challenges the industry faces right now? The environment we operate in is super noisy. I feel this as a marketing professional – with all the vendors out there it’s hard to know where to start – and security practitioners feel this too. The outcome of that is that you have security teams spinning their wheels, responding to red flags across all their systems and not working efficiently. And organizations are missing the basics. Last year 80% of hacking-related breaches used stolen and/or weak passwords, according to the Verizon 2022 Data Breach Investigations Report. We’re leaving the front door open. That’s why I joined Oort. I believe that identities are the easiest way in, and the most often ignored attack surface. Helping companies get a complete view of their identities is critical in order to stop account takeover and eventually moving towards zero trust. What uniquely valuable insights or perspectives do you think women bring to cybersecurity? Women often have an innate ability to multi-task and organize so we can get our arms around a lot, which is important in this profession. We also bring additional perspective and creativity which can help drive different solutions. Criminals are coming up with creative ways to attack us and we need creative ways to prevent them. Finally, empathy is very important. Being able to keep the customer in mind and humanize challenges changes discussions and helps us connect to our audiences better, which creates a win-win for vendors and users. There’s a lot of FUD out there. What makes you optimistic about the war on cybercrime? Despite all the economic uncertainty this year, cybersecurity is proving to still be a priority. Companies are still planning to invest in additional security technologies and services. And vendors are getting funding to come up with creative ways to solve problems. I think that’s a testament to how much innovation and need there is in this space. At the end of the day there are more good guys than bad guys, and as long as the good guys keep investing and getting funding to fight against it, the bad guys are going to be on their back foot. What advice can you share with women thinking about getting into cybersecurity or still early in their careers? First, even if you’re not in a technical role, invest in building up your cyber acumen. The more you understand how security teams operate, the better you can do your job. Second, trust your gut when joining a company and know your worth. Women tend to go in with imposter syndrome. Do your homework and go in prepared and confident. And third, find a trusted resource – a mentor or two you can turn to for advice navigating opportunities and challenges and setting boundaries. I’ve been lucky to have great mentors in my career who have really helped me. Hold onto these people. The theme for International Women’s Day is #EmbraceEquity. Do you have any advice for employers on recruiting and retaining women? Here again, I have gotten lucky and have found that the most successful employers are those that understand their values, define their policies and then live those values. Make diversity integral to your culture, talk about your policies in the interview process so candidates don’t have to ask and, starting at the top, walk the walk. If you don’t do these things, you risk ignoring a huge population that is wondering if you are looking at them differently. When you can leave those questions at the door, you can talk about what is important.