Security Watch

Infosec's Feminine Side

Gathering of female execs sets standard for meetings and plain ol' manners.

• By Roberta Bragg
• 09/20/2004

So what goes on at an all-women, all-executive, information security conference? The same thing that goes on at any gathering of executives with information security responsibilities: expert sessions about future trends, worst fears, outsourcing and privacy; vendor-sponsored "Birds of a Feather" meetings; keynotes, parties and plenty of networking. Beverly Harris, author of "Black Box Voting," raised awareness of security issues concerning digital voting machines. Female executives from Deutsche Bank, Allstate Insurance, Hewlett-Packard, Merck & Co., Guardent, Neohapsis, Nike, Sun Microsystems, Oracle, Procter & Gamble, Computer Associates, Microsoft, Symantec, Bank of America, Ernst and Young, and others led sessions or participated in panels. Barbara Poole, an executive coach with Success Builders, led a session on executive coaching.

It wasn't the same, however, as the overwhelmingly male information security and information technology conferences I've attended. Participants seemed more outgoing, information more free-flowing, and discussions more congenial. There was less chest-thumping, less insistence; I didn't see any disconnect between the public faces and private feelings of the people around me. Their eyes looked at each other with a "hello" instead of doing a quick body scan. No one was claiming to have all the answers or demanding prima donna treatment.

Please don't take this wrong. I'm not saying that women have the lock on how to do information security, that mixed gender events don't cut it for me, or that anyone was giving away company secrets or elevating their organizations' risk by discussing sensitive information. I'm also not claiming that women executives are perfect. I'm just commenting that it was a much better sharing, learning and networking environment. Even though I'm not one of those C-level executives, I felt a lot more welcome and relaxed throughout the event.

I heard and read a few comments before I went, and I'm sure you'll provide me with a few more, that say it's stupid to have an all-women event like this. Sort of like reverse sexism you'll say, or perhaps that any woman who needs to have an all-female event to ask questions and learn shouldn't be in infosec. Maybe you even see it as a separation, a further isolating event for women seeking more influence and higher-paying IT jobs. Well, do you really think that special-interest groups should be prevented from meeting where and when they want? Sometimes we all have to seek people we can relate to in order to make us better participants and leaders in more hostile environments.

Finally, I believe that we can have better mixed-gender events—events that produce the same type of experience. I think information security requires strong male-male, female-female and female-male partnerships. It's going to take a lot of work on the part of organizations and event sponsors, speakers and participants. It'll probably require a major shift in business and management philosophy and culture. It's not going to happen tomorrow, but I hope you're interested in being a part of such a movement. I hope we see some events that attempt that.