September 1 is International Women in Cyber Day, a special day earmarked to bring awareness to the issues women face in cybersecurity and to celebrate the achievements of women in the industry. It also presents a great opportunity to shed light on the fact that cybersecurity remains a male-dominated industry. In fact, research reveals the percentage of women in cybersecurity is only 24%.[caption id="attachment_2534" align="alignright" width="200"]
Karen Larson, VP of technology and partnership strategy at Axiad[/caption]While there have been significant efforts of late to get more women involved in cybersecurity, we, as an industry, still have a lot of work to do to balance the scales. Here at Axiad, we are taking this challenge on and remain committed to hiring women for positions of all levels, ensuring their voices are heard, providing career advancement opportunities, and ensuring females are represented on our leadership team.Karen Larson is one of our fearless female leaders. She serves as the vice president (VP) of technology and partnership strategy, and not only is her experience and expertise helping our company innovate and improve, but she also serves as an inspiring role model to other women at Axiad and within the industry at large. This International Women in Cyber Day, we’d like to recognize Karen as a cyber leader, advocate, and mentor.In the hopes that Karen’s story and efforts will inspire prospective and current cybersecurity professionals, we recently sat down with her to hear, in her own words, how’s she’s putting her mark on the cybersecurity industry. Read on to find out what she had to say.
How did you get into cybersecurity?
My journey to cybersecurity began with a broad foundation in technology. My father was a math and computer science professor, so I grew up with a heavy STEM influence. One summer, he set me up with a Commadore 64 and a book on BASIC programming language – and that was my first introduction to computer science.After that summer, I didn’t actively engage in computer science until college, when I found myself helping some fellow students with programming. That event reminded me how much computer science interested me, and I began to explore websites and C++ programming. From there, I got into system administration and became a huge Linux and Unix advocate.After college, I was really lucky to have different opportunities come my way, and I took full advantage of them. I served in a variety of technology roles – including programmer, system admin, engineer, technical program manager, and more – at companies including Harry and David, Carestream Health Inc., REI, Costco, and Amazon.While at Costco, I began my journey into cybersecurity by handling system-to-system communication, which involved a lot of API work and the security considerations there, and I worked to harden internal and external systems. From there, I went to Yubico and focused on authentication – an area I grew to love. And then I made the jump to Axiad, where I couldn’t be happier.
Can you give us a brief overview of your responsibilities at Axiad?
I joined Axiad in June 2022 as the senior director of strategic partnerships and alliances. In May of this year, I was promoted to the role of VP of technology and partnership strategy. In this position, I’m responsible for working with key technology partners, representing Axiad in different industry alliances, and influencing strategy to account for security industry developments of new technology.Each and every day, I strive to improve and enhance our Axiad Cloud platform, which is designed to help organizations strengthen their authentication security. The platform delivers on our promise to enable and accelerate adoption of passwordless, phishing-resistant authentication while enriching existing IAM ecosystems. This fully integrated passwordless approach also helps organizations become more phishing resistant – thus preventing ransomware attacks and account takeovers. The best thing about Axiad’s platform is that we are able to deliver on the highest levels of authentication security possible while not having to sacrifice usability or introduce additional friction.In addition to the technology aspect, I also help Axiad expand both the company’s client base and partner network. I enjoy working with our partners and customers to find new, creative solutions to hard problems in the identity security space.
How are you involved in cyber outside of Axiad?
I’m on the FIDO (Fast Identity Online) Alliance Board of Directors, which is an amazing opportunity for me, as I’m 100 percent committed to the future of passwordless technology as well as FIDO authentication to help prevent data breaches. I was appointed as a board member in January 2023 and serve as Axiad’s primary board delegate.The FIDO Alliance developed the FIDO passwordless authentication standard to address the lack of interoperability among strong authentication technologies and to eliminate the security issues caused by using passwords. By serving on the board, I’m able to extend the reach, usability, and security of FIDO authentication to organizations that want to move to a passwordless future, but also need the control to meet all their authentication requirements today.
The lack of women in cybersecurity is an ongoing challenge. How have you empowered or inspired other women to join the industry?
This topic is a passion of mine. I am committed to advocating for the inclusivity of women in the cybersecurity field and to getting more females interested in joining our force. I execute on this commitment in a few ways, primarily through mentorship, speaking engagements, and participation in industry groups.Mentoring other women is a priority for me. For example, I work closely with a newly hired woman on the development team to help establish her as an expert and ensure her voice is heard. I also work closely with the HR team at Axiad to craft job descriptions and postings that are worded in the best possible way to ensure that the company is casting the broadest net possible – helping open the door for more diverse candidates, including women.I also frequently participate in career fairs and other events to help inspire young girls and women to consider the cybersecurity field. In fact, I recently attended a career day event at a local Seattle school to speak about my experience and love for the industry. I served as a guest speaker for a local girls engineering club, where I was able to share my knowledge about the field and my personal experience rising in the ranks at Axiad. And, I’ve also spoken with several local computer clubs in an effort to debunk the common misperception that cybersecurity is a male-dominated field. I’m also planning on speaking to a few local Girl Scout troops to bring greater awareness of the cybersecurity field to help the girls earn their cybersecurity badges.Last but certainly not least, I’m involved in industry groups that aim to empower and mentor other women in the larger cybersecurity community. I’m part of the Women in Identity group, which is a non-profit organization whose mission is to drive the digital identity industry to build solutions with diverse teams to promote universal access – enabling civic, social, and economic empowerment around the world. I’m also a member of Women in Cybersecurity (WiCyS), which is a global community of women dedicated to bringing talented females together to celebrate and foster their passion and drive for cybersecurity.
If you could give women considering a career in cybersecurity one piece of advice, what would it be? What is your advice for women currently in the field?
I would tell both aspiring cybersecurity professionals and those in the field to keep an open mind. A lot of people have a misperception that the cybersecurity field is solely focused on hacking. But, there are a variety of options to consider – from offensive and defensive security, to setting processes and policies, to HR and marketing. If you want to get into cybersecurity, the possibilities are endless. Don’t limit yourself. Explore different paths and find the one that best suits you.
What role does diversity play in cybersecurity?
Cybersecurity is an issue that affects everyone, so it only makes sense that we need to consider different backgrounds, opinions, and schools of thought from diverse stakeholders to produce an effective solution.If everyone thinks the same way, you might address one threat, but miss many others. To build a strong cybersecurity program, you need to think holistically, and this means bringing as many different backgrounds to the table as possible. Cybercriminals collaborate to execute attacks, and we must do the same to defend against them.