Carnegie Mellon, WiCyS host Women in Cybersecurity Conference

This past week, students may have noticed various conference rooms and hallways clogged with the important-looking attendees of Energy Week. But Carnegie Mellon hosted a far larger conference that those wandering campus could not stumble upon: the annual Women in Cybersecurity conference that was centered in the Wyndham Grand in downtown Pittsburgh.

Women in Cybersecurity, or WiCys as it is frequently abbreviated, was founded in 2013 by Dr. Ambareen Siraj with a National Science Foundation grant at Tennessee Tech. It now has over 4,000 members according to its website and is supported by mostly corporate sponsors such as Cisco, Facebook, and Fidelity.

These sponsors were featured prominently at the conference, with logos found on various meal provisions or sponsored swag. Many of the speakers were prominent women within these companies, with mealtime keynote addresses given by Michele Schochet, Security Director at Facebook; Wendy Nather, Head of Advisory CISOs and Duo Security at Cisco; Patricia Denno, VP Global Intelligence Operations at Fidelity Investments; and Dr. Dawn Beyer, Senior Fellow at Lockheed Martin.

The other presences at the conference were academic presenters, with students presenting posters of their security research, faculty presenters from Carnegie Mellon and other universities, and a small group of military attendees, some in uniform, whose cybersecurity work might have a more national security focus than the corporate cybersecurity that seemed to dominate the conference.

There was a mixture of members of WiCys who were already in the professional world, and student attendees, many of whom applied for the 500 student scholarships available. This meant that the conference largely aimed to cater to the needs of these two groups of attendees.

The conference suggested four different focuses for attendees: Today’s Technology Challenges, which focused on updating people on the state-of-the-art in cybersecurity; Looking Ahead, focused on R&D in the industry; Best Practices, which looked at current industry behavior; and Career Development, aimed at students and younger attendees. These paths manifested themselves through several breakout sessions that allowed conference-goers to choose a schedule that catered to their particular interests.

This produced some moments of juxtaposition in the subject matter attendees consumed at the conference. At one Friday breakout session, a talk titled “We Can Do It! Becoming a 21st Century Rosie the Riveter” ran alongside one titled “Security and Privacy Challenges for Connected and Autonomous Vehicles.”

Though the talks of empowerment might seem like hollow “lean in” advice in a field that experiences a gender disparity as extreme as only 20 percent female representation, according to one 2017 study by Cybersecurity Ventures, it is worth noting that this number has almost doubled the 2013 estimate, which is partially attributed to the support of professional networks like WiCyS.

The keynote speakers, who had all achieved success in their cybersecurity careers, often noted times at which this low number of women in the field affected their path. Nather noted that at one meeting, she realized that she was the only woman in the room not working as a waitress. Dr. Lorie Faith Cranor, head of Carnegie Mellon’s CyLab, shared that her path to working in the field of usable privacy and security started accidentally, after not liking her high school computer science class because there were “hardly any girls.”

The student attendees seemed to be more diverse than either the speakers at the conference or the Carnegie Mellon computer science program as a whole, which could perhaps signal some future improvement in diversity within the field of cybersecurity.