Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Advancing Women in Cybersecurity – One CMO’s Journey

Anna Tutt, CMO of Oort, shares her experiences and perspectives on how we can accelerate growth of women in cybersecurity.

The number of women in cybersecurity is on the rise. Recent research finds women hold 25% of cybersecurity jobs globally in 2022, up from 20% in 2019, and projected to reach 30% by 2025 and 35% by 2031. While the trend is moving in the right direction, women are still underrepresented. As an industry, we are leaving untapped talent on the table which we can ill-afford to do given the ongoing cybersecurity workforce gap.

March is Women in Cybersecurity month and March 8 is International Women’s Day. So, I thought I’d take the opportunity to speak with a woman who has grown up in cybersecurity, Anna Tutt, CMO of Oort, to share her experiences and get her perspective on how we can help accelerate this growth.

How did you get into cybersecurity? I started my career in the technology consulting space. But I quickly moved into cybersecurity when I was recruited by Sourcefire to do revenue operations rollout which was my background. In that role, I worked with all parts of the organization—sales, marketing, executive management—and got to grow quickly into a global programs role before the company was acquired by Cisco. Sourcefire was a great experience as a beginner in cybersecurity. I was surrounded by great mentors and industry leaders who I learned a tremendous amount from. I got hooked on the high growth environment and have used that to drive me in my career going forward. Every company I’ve joined since has been in a different area of cybersecurity. From the network to threat intelligence and OSINT, and most recently identity security. Each time, I’ve jumped into a whole new world I’ve had to learn.

What do you see as the greatest challenges the industry faces right now? The environment we operate in is super noisy. I feel this as a marketing professional – with all the vendors out there it’s hard to know where to start – and security practitioners feel this too. The outcome of that is that you have security teams spinning their wheels, responding to red flags across all their systems and not working efficiently. And organizations are missing the basics. Last year 80% of hacking-related breaches used stolen and/or weak passwords, according to the Verizon 2022 Data Breach Investigations Report. We’re leaving the front door open. That’s why I joined Oort. I believe that identities are the easiest way in, and the most often ignored attack surface. Helping companies get a complete view of their identities is critical in order to stop account takeover and eventually moving towards zero trust.

What uniquely valuable insights or perspectives do you think women bring to cybersecurity? Women often have an innate ability to multi-task and organize so we can get our arms around a lot, which is important in this profession. We also bring additional perspective and creativity which can help drive different solutions. Criminals are coming up with creative ways to attack us and we need creative ways to prevent them. Finally, empathy is very important. Being able to keep the customer in mind and humanize challenges changes discussions and helps us connect to our audiences better, which creates a win-win for vendors and users.

There’s a lot of FUD out there. What makes you optimistic about the war on cybercrime?
Despite all the economic uncertainty this year, cybersecurity is proving to still be a priority. Companies are still planning to invest in additional security technologies and services. And vendors are getting funding to come up with creative ways to solve problems. I think that’s a testament to how much innovation and need there is in this space. At the end of the day there are more good guys than bad guys, and as long as the good guys keep investing and getting funding to fight against it, the bad guys are going to be on their back foot.

What advice can you share with women thinking about getting into cybersecurity or still early in their careers? First, even if you’re not in a technical role, invest in building up your cyber acumen. The more you understand how security teams operate, the better you can do your job. Second, trust your gut when joining a company and know your worth. Women tend to go in with imposter syndrome. Do your homework and go in prepared and confident. And third, find a trusted resource – a mentor or two you can turn to for advice navigating opportunities and challenges and setting boundaries. I’ve been lucky to have great mentors in my career who have really helped me. Hold onto these people. 

The theme for International Women’s Day is #EmbraceEquity. Do you have any advice for employers on recruiting and retaining women? Here again, I have gotten lucky and have found that the most successful employers are those that understand their values, define their policies and then live those values. Make diversity integral to your culture, talk about your policies in the interview process so candidates don’t have to ask and, starting at the top, walk the walk. If you don’t do these things, you risk ignoring a huge population that is wondering if you are looking at them differently. When you can leave those questions at the door, you can talk about what is important.

Written By

Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

CISO Conversations

SecurityWeek speaks with two leading CISOs in the aviation industry – Mitch Cyrus of Honda Aircraft, and Mark Ferguson of Bombardier.