11 Women to Know in Cybersecurity

Conservative estimates have the current cybersecurity workforce as about 25% female, but that number is growing.

The gender imbalance is still a glaring disparity, but it makes the contributions women have been making to cybersecurity all the more impactful.  

In honor of International Women’s Day, we decided to assemble a very non-comprehensive list, in no particular order, of some of the ladies making a name for themselves in cybersecurity and helping boost awareness and defenses across the world. 

We’ve also included some links to their social accounts, so you can follow them on the platform of your choice. And we’ve added some of their various media appearances as well. If you’re interested in learning more, definitely give them a follow or check out more of their work. 

And if you’re a woman who is either already in the industry, or considering joining, you’re not alone. There are organizations—like Women in Cybersecurity (WiCyS), Women’s Society of Cyberjutsu (WSC), or Women in Security and Privacy (WISP)—that can help guide and support you as you navigate the industry.

Katie Moussouris

The founder and CEO of Luta Security, Katie is a hacker with decades worth of cybersecurity experience. She has a unique perspective on security research, incident response, vulnerability disclosure, and bug bounties, and has advised several governments and large organizations around the world. She helped launch Microsoft Vulnerability Research, as well as the company’s first bug bounty program. Additionally, Katie co-authored and co-edited ISO 29147 (vulnerability disclosure) and ISO 30111 (vulnerability handling processes). Katie also worked with the Department of Defense to begin the U.S. government’s first bug bounty program: “Hack the Pentagon.” She also worked with the State Department to help renegotiate the Wassenaar Arrangement, focusing on changing the export control language to include technical exemptions for vulnerability disclosure and incident response.
Follow: @k8em0, @[email protected]

Rachel Tobac

Rachel is the founder and CEO of SocialProof Security, which focuses on security awareness training, specifically for instances of social engineering. Recognized for her prowess in the field, she clinched a win in DEFCON‘s Social Engineering “Capture the Flag” competition. Beyond her professional achievements, Rachel commits her time to fostering female leadership in the tech world as the Chair of the Board for WISP.
Follow: @RachelTobac, @[email protected]

Eva Galperin

Eva is a cybersecurity leader and the Director of Cybersecurity at the Electronic Frontier Foundation (EFF)— a non-profit organization that defends civil liberties in the digital world. She has been working in cybersecurity for over 20 years and is an expert in malware, digital forensics, and cryptography. She has written extensively about malware and digital forensics and worked on a number of high-profile projects, including the Surveillance Self Defense project. Eva is also co-founder of the Coalition Against Stalkerware and has been a keynote speaker at several conferences, including DEFCON and Black Hat USA. You can also read her writing at places like Wired.
Follow: @evacide, @[email protected]

Maddie Stone

Maddie is a security researcher and leads the Exploits team within Google’s Threat Analysis Group (TAG). She is a skilled reverse engineer and bug hunter with a deep understanding of malware and exploitation techniques. She is also a passionate advocate for open-source security and contributes to various open-source projects. Maddie has been profiled in places like Wired, and has a track record of discovering and responsibly disclosing critical vulnerabilities in software products—ranging from operating systems to web applications. Her work has helped to protect millions of users from potential cyberattacks.
Follow: @maddiestone, @[email protected]

Katie Nickels 

Katie is the Director of Intel at Red Canary and a SANS-certified instructor for FOR578. She is an influential figure in cybersecurity, and tends to focus on threat intelligence and incident response. Katie has worked on cyber threat intelligence (CTI), network defense, and incident response for organizations such as the U.S. Department of Defense (DoD), MITRE, and ManTech. She also hosts SANS Threat Analysis Rundown (STAR), a popular monthly webcast series that dissects the current threat landscape. She is also the Program Manager at Cyberjutsu Girls Academy (CGA)—a program for teenage girls that seeks to inspire exploration and learning in cybersecurity and STEM.
Follow: @LikeTheCoins, @[email protected]

Alyssa Miller

Alyssa is a hacker, security researcher, advocate, international public speaker, and all around expert in cybersecurity. She currently serves as chief information security officer at Epiq, and her career spans two and a half decades with some of the most recognizable names in financial services and consulting including FIS, EY, and S&P Global. Alyssa is also a member of WiCyS’s Racial Equity Committee, and participates in other organizations designed to build a more welcoming and cooperative culture in security.
Follow: @AlyssaM_InfoSec, @[email protected]

Amanda Rousseau

Better known as “Malware Unicorn,” Amanda is an offensive security engineer at Microsoft. A malware fanatic, Amanda has previously worked in security roles at Facebook and the Department of Defense Cyber Crime Center. She was among the first  malware researchers in the world to reverse-engineer the infamous 2017 WannaCry ransomware attack that hit hospitals across the United Kingdom. On her website, MalwareUnicorn.org, she hosts a number of resources, such as workshops and other tools, to combat malware. 
Follow: @malwareunicorn, @[email protected]

Tanya Janca

Tanya, also known as SheHacksPurple, founded We Hack Purple, an online learning academy, community, and podcast that revolves around teaching everyone to create more secure software. She’s currently Head of Community and Education at Semgrep, and has been coding and working in IT for over twenty five years.
Follow: @shehackspurple, @[email protected]

Selena Larson

As a senior threat intelligence analyst at Proofpoint, Selena collaborates with other researchers to identify and investigate advanced cybercriminal threats and develop actionable threat intelligence. Previously, she was a cyber threat analyst for the industrial cybersecurity firm, Dragos, and a cybersecurity and privacy journalist. She is also a former journalist and  co-hosts the DISCARDED podcast.
Follow: @sqlarson, @[email protected]

Wendy Nather

Inducted into the Infosecurity Europe Hall of Fame in 2021, Wendy leads the Advisory CISO team at Cisco. Among other achievements, Wendy co-authored the book, “The Cloud Security Rules,” and was listed as one of SC Magazine’s Women in IT Security “Power Players” and named an “Influencer” in the Reboot Leadership Awards. She is also an advisory board member for the RSA Conference, and serves on the advisory board for Sightline Security—which helps provide free security assessment services to nonprofit groups.
Follow: @wendynather, @[email protected] 

Kelly Shortridge

Kelly is a resilience and cybersecurity expert who works with organizational leadership to modernize their technology programs. Author of the book, “Security Chaos Engineering: Sustaining Resilience in Software and Systems,” Kelly helps organizations improve their resilience and software security strategy to deliver real value and support growth through a socio-technological transformation of their systems; specifically their people, processes, tech, and architecture. In addition, she’s currently Senior Principal at Fastly, maintains a very informative blog, and speaks at conferences around the world.
Follow: @swagitda, @[email protected]

Thanks for reading, and here’s to adding more women in cybersecurity in 2024.

(Note: An earlier version of this post included a couple misidentification errors. The post has since been updated and corrected).