However, what was lacking in was that I wasn't EFFECTIVE. Specifically, I needed to learn how to get information to people based on how THEY wanted/needed to receive it -- not based on how I wanted to give it. That was the best advice I ever got - learn how to be effective in your delivery of information.
One to Watch
The 2011 "One To Watch" is Katie Moussouris, Senior Security Strategist Lead with Microsoft.
Moussouris leads the Security Community Outreach and Strategy team at Microsoft. Her team's work encompasses industry-leading programs such as Microsoft's BlueHat Prize (www.bluehatprize.com the industry's first and largest prize for defensive security research), the BlueHat conference, security researcher outreach, and Microsoft's Vulnerability Disclosure Policies. Moussouris also founded and runs Microsoft Vulnerability Research, which is responsible for Microsoft's research and reporting of vulnerabilities in 3rd party software. Moussouris recently was voted the editor of a new draft ISO standard on Vulnerability Handling Processes, following her work over the past 4 years as the lead expert in the US National Body on an ISO draft standard on Vulnerability Disclosure.
Prior to working for Microsoft, Moussouris was a penetration tester for several Fortune 500 companies, as a senior security architect for @stake when it was acquired by Symantec. At Symantec, Moussouris founded and ran Symantec Vulnerability Research.
What is the biggest challenge for women in security professions today?
The biggest challenge for women in many professions, not necessarily limited to security, is risk aversion. We must try to understand the limitations we impose on ourselves such that we can adapt and overcome them. We often don't take opportunities that will help us grow and develop professionally, due to an internally-imposed lack of confidence and an unwillingness to take risks. We mistakenly think we need to be perfect, or take care of every detail, when that thinking limits us and discourages us from taking risks.
While we may stumble along the way, and I certainly have at points in my career, we learn more from those failures than we ever would from our successes, thereby enabling us to reach even further next time. Men do this in business all the time. Women should take heed and take more risks. Borrowing wisdom from Wayne Gretsky, "You miss 100% of the shots you don't take."
What advice would you give to those in considering security as a profession, or who are in security but want to take their career to the next level?
Master the power of networking. A great leader is a great communicator, so hone those skills, as well as your ability to solve problems strategically as well as technically.
Sign up for CIO Asia eNewsletters.