Women in cybersecurity form non-profit organization The Forte Group

A group of over 90 women working in cybersecurity roles have formed The Forte Group, a non-profit organization for the education and advocacy of women in the cybersecurity industry.

The voluntary group is headquartered in California but is offering a global membership. The group was formed informally earlier during the pandemic. Members would meet once a month to share their experiences, and also use their collective voice as a means for change. 

“Over time, we have seen the collective power of this group. Officially forming a non-profit allows us to raise and deploy funds to further our mission. We’ve heard from companies and organizations who want to contribute to the work we are doing, and we felt like it was a missed opportunity without the structure in place to partner with these folks,” said Zenobia Godschalk, vice chair of the Forte Group.

Advocacy activities

The group has brought in subject experts on topics such as negotiation skills, compensation discussions, angel investing, and ransomware best practices. Their aim is to raise issues around inequities in the industry and work with those in power to change them — whether it be all-male panels presenting on diversity or sharing codes of conduct with conference organizers to adopt at their events.

“Forte members share ideas, resources, and ground one another when things get tough, which for our CISOs is often, unfortunately. The topic of Software Bill of Materials (SBOM) is a great example. The community had a town hall meeting earlier in the year to share interest and ideas for a third party and vendor management strategy in a safe space,” said Didi Dayton, chair of the Forte Group. 

Dayton said the group has formed a CISO advisory board to provide a safe space for information sharing and research that is relevant for CISOs. The group claims to be a safe space where women in this industry can find a resource for just about anything they’re up against in their careers — whether that’s how to negotiate an equity offer for compensation or investment, how to navigate ransomware best practices, or how to join their first board.

Focus on formal training

Currently, the Forte group consists mainly of senior executive leaders who serve their organizations and are on the boards of large organizations. However, for next year they will be focusing on broadening their member base, adding more mentors, more members, and introducing formal training.

The group could act as a platform for buyers and investors to test out new technologies that aim to solve some of the age-old problems in the cybersecurity domain, Dayton said.

“The reason for that is that we have so many practitioners in the group who understand what it takes to build programs and scale the architecture to provide resilience,” she added. 

Help for members

Marnie Wilking, board member of Robert Half International, and former global head of security and risk for Wayfair, said the group has experts that she can turn to for a “safe space” to ask questions and keep up to date in an industry that is rapidly evolving.

In addition to networking and having the opportunity to join advisory boards based on recommendations from group members, Winking said she has personally benefited from the mentoring. 

“We are all at different places in our careers and have had different experiences, which can be incredibly valuable. I recently joined the board of directors for Robert Half, and while I’ve served on advisory and non-profit boards, this is my first public board, and so it was helpful to reach out to other women in the group who already serve on public boards to hear their experience and get some tips for being successful,” she added. 

Another member of the group, Aanchal Gupta, CVP, Microsoft Security Response Center (MSRC) said the group has helped her survive the toughest times by providing the social support that was lacking during the pandemic. “We have together built a safe place for executive women to share ideas, learn from each other, and grow,” she added.

Reet Kaur, CISO at Portland Community College, said she got the mentorship and social support of trusted group of advisors to discuss real-time technical, leadership, and personal growth challenges while striving to be successful in her first CISO role during the pandemic. 

“We discussed the latest cybersecurity and privacy trends, challenges, and threats impacting all organizations and potential response plans such as supply chain risks, blockchain and privacy, SolarWinds and log4j, ransomware insurance options, etc.,” she added.