Careers & People

10/10/2018
08:00 PM
Kelly Sheridan
Kelly Sheridan
Slideshows
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Meet 5 Women Shaping Microsoft's Security Strategy

Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.
Previous
1 of 6
Next

(Image: Microsoft)

(Image: Microsoft)

It's all too easy to get discouraged by the gender gap in cybersecurity. Women - who make up 11% of the industry - hold few leadership roles in security. The World Economic Forum says it could be 217 years before women and men achieve global economic parity, while in the security field some 63% of women make less than their male counterparts, the Cyentia Institute and Cybrary found.

Even so, there are many women in security doing important work. Over time, many have moved into leadership positions, where they can bring in members of the next generation, educate them, and push for more inclusivity.

But it's not just leaders who are responsible. Diversity is a company-wide initiative, and it takes an organizational effort to move those negative numbers in a positive direction. Microsoft, for one, this year appointed Lindsay-Rae McIntyre to the role of chief diversity officer (CDO), a role in which she will be responsible for driving initiatives to promote a more diverse culture.

It's also a bit of a rocky time for Microsoft, which came under the spotlight last month when officials learned a high-profile gender discrimination lawsuit filed against the company may get another chance to become class action status. The case, Moussouris v. Microsoft, has been going on for three years and accuses Microsoft of gender discrimination, particularly in the way it handles promotions and performance reviews. Plaintiffs seek to add at least 8,600 women to the case.

Microsoft denies the claims. "We continue to believe that the judge made the right decision in denying class certification," a spokesperson says, pointing to the ruling against a class action suit, made earlier this year. "There is no bias in Microsoft's pay and promotion practices."

At a time to be determined, the 9th Circuit Court of Appeals will hear plaintiffs' appeal to reconsider the ruling.

Given Microsoft's role in enterprise software and cybersecurity, its female leaders are in a position of power to not only influence security, but diversity as well. To get to know them a little better, we spoke with some of the women leading Microsoft's security efforts and learned about their careers, skillsets, priorities, and roles in driving inclusivity. Read on to learn more.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ... View Full Bio

Previous
1 of 6
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
High Stress Levels Impacting CISOs Physically, Mentally
Jai Vijayan, Freelance writer,  2/14/2019
Valentine's Emails Laced with Gandcrab Ransomware
Kelly Sheridan, Staff Editor, Dark Reading,  2/14/2019
2018 Was Second-Most Active Year for Data Breaches
Jai Vijayan, Freelance writer,  2/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-8948
PUBLISHED: 2019-02-20
PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script injection via the user interface, aka PC-15163.
CVE-2019-8950
PUBLISHED: 2019-02-20
The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices with firmware 1.46p1-0028 allows an attacker to login to the admin account via TELNET.
CVE-2019-8942
PUBLISHED: 2019-02-20
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image c...
CVE-2019-8943
PUBLISHED: 2019-02-20
WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (who has privileges to crop an image) can write the output image to an arbitrary directory via a filename containing two image extensions and ../ sequences, such as a filename ending with the .jpg?/../../file.jpg substring...
CVE-2019-8944
PUBLISHED: 2019-02-20
An Information Exposure issue in the Terraform deployment step in Octopus Deploy before 2019.1.8 (and before 2018.10.4 LTS) allows remote authenticated users to view sensitive Terraform output variables via log files.