Insights from My First WiCyS Conference: A Journey of Empowerment

Attending the Women in CyberSecurity (WiCyS) 2025 conference was an enriching experience that provided me with invaluable insights into the importance of diversity and inclusion in cybersecurity. As my first WiCyS conference, I was eager to learn about the challenges women face in the field, the efforts to overcome these barriers, and how we can all contribute to creating a more inclusive industry.

In this article, I’ll reflect on my key takeaways and highlight the moments that shaped my understanding, day by day.

Day 1

Day 1 of the conference kicked off with a First Timers Guide session, moderated by Elizabeth K. Hawthorne, PhD, CISSP with panelists Zabrina McIntyre, PCI QSA, CISSP, PMP , ✯ Meg Pexa ✯ , Rita Mitra , Deborah Barnes , and Katherine Spann . They shared valuable advice for newcomers, including: plan ahead to prioritize sessions and networking, step outside your comfort zone by engaging with a diverse group, and attend the career growth hub and career fair for opportunities. Other tips included using a personal email for your resume, taking breaks, being proactive in finding a mentor, and staying organized during presentations.

Day 2

The session began with a brief overview of the nature of the presentations by Ambareen Siraj , highlighting the variety of topics and formats attendees could expect throughout the event.

Stephanie DePetro 🏳️🌈 delivered an inspiring keynote about overcoming adversity, sharing her personal journey of completing her academia and securing a role in cybersecurity. Her story highlighted the power of courage and persistence, showing that despite challenges, success is achievable. Stephanie’s message was clear: with determination and resilience, we can overcome obstacles and reach our goals. Her experience serves as a powerful reminder that perseverance can lead to a fulfilling career, no matter the odds.

Ashley E. Smyk spoke about the importance of leading with empathy and compassion in an AI-driven world. She discussed how consumers are increasingly interacting with AI, while also addressing the potential risks it poses to empathy, including emotional detachment, reduced face-to-face interactions, and reliance on automated responses. Her talk emphasized the need to balance technological advancements with human connection to ensure that empathy is not lost in the digital age.

Jen S. talked about the Women Forward program at PayPal, where they hope to increase representation of women.

The lunch keynote began with Ashley F. , who explored the difference between the traditional view of resilience and its real-world application. Drawing from her experiences as a mother and with neurodivergence, she shared valuable lessons that apply to cybersecurity. Ashley emphasized that resilience is not just about enduring, but about adapting and thriving in the face of challenges. She highlighted how embracing our strengths and vulnerabilities leads to growth, both personally and professionally, and encouraged the audience to view resilience as a dynamic quality essential for success in cybersecurity.

Amélie Koran 's metaphor of the "hobo": someone transient, often misunderstood, yet willing to work, provided a meaningful lens through which to view the modern-day cybersecurity professional. She highlighted how, like "hacker hobos," we navigate fluid and non-traditional career paths, facing challenges that aren't always visible to the outside world. This analogy resonated deeply with my own experiences in cybersecurity, reinforcing the importance of adaptability, resilience, and continuous learning.

Prajakta (PJ) Jagdale's presentation: Every Token is Foretokened, used the metaphor "Life is but an LLM", which I found compelling. It emphasized how every experience, choice, and interaction contributes to an ongoing process, much like how an LLM is shaped by each input. The idea that life is probabilistic, not deterministic, also resonated with me, as it highlights how our decisions are influenced by probabilities rather than fixed outcomes, similar to how models evolve with each new token or data point. This perspective reinforced the notion that every action or decision shapes our future, even when the path ahead isn’t always clear.

Anthea G. shared her inspiring journey to cybersecurity as a first-generation student. She spoke about navigating uncertainty in a field that often feels overwhelming, particularly for those without prior industry connections or experience. Her story highlighted the importance of perseverance, resilience, and the ability to seek out opportunities despite the challenges.

Colleen McGrath used the metaphor of a labyrinth in her presentation: Walking Your Path: Secrets to the Life and Career You Want, which differs from a maze in that it has a single, continuous path, unlike a maze that contains dead ends. This labyrinth metaphor was applied to life, emphasizing that, like a labyrinth, our journey is not always linear but guided by a path that leads us through challenges, growth, and change. The journey through life, like a labyrinth, involves navigating through different phases: our people, the facts, and our self, while facing change and uncertainty, ultimately pushing us forward in a meaningful direction.

Tennisha Virginia Martin, MBA, PMP, GWAPT, GPEN, GCIH 's presentation: [A I] got this - Enhancing Your Job Search with AI, focused on how we can effectively leverage AI to streamline and enhance the job application process. Specifically, she discussed the power of using targeted prompts to improve our resumes and cover letters. By feeding AI tools with specific keywords and phrases related to job descriptions, candidates can ensure their documents are tailored to meet the expectations of hiring managers and applicant tracking systems

The presentation Enterprise-Grade DevSecOps: Safeguarding Every stage of the Pipeline by Trupti Shiralkar and Mala Punyani focused on integrating security throughout the SDLC in enterprise environments. The challenges of balancing security with DevOps speed and the importance of embedding security early (shift-left) were discussed. Key tools like SAST/SCA, automated security testing, and secure CI/CD pipelines were highlighted with real-world examples. The presentation emphasized collaboration between security, DevOps, product teams, and release management to create a cohesive security strategy.

At the Male Allyship Summit, I gained a deeper understanding of what allyship truly means. It’s not just about supporting those who face challenges, but actively advocating for equality and justice across all aspects of life. Allyship transcends gender roles, emphasizing that the fight for equity requires collaboration from all people, regardless of their own identities. It’s about recognizing that the struggle is shared and that standing together can create lasting change.

A special thanks to Melinda Briana Epler for her insightful panel discussion. She effectively highlighted how each of us, particularly men, can play a role in advocating for those who are marginalized and underrepresented. Her words were a call to action, encouraging everyone to take meaningful steps toward broadening the horizon of allyship and making a real impact in our communities and beyond.

Day 3

Diana Kelley 's presentation focused on securing AI systems across the entire ML pipeline, including data, models, and runtime. It highlighted real risks like data leakage, model vulnerabilities, and denial of service, with reference to OWASP and ATLAS. Strategies included securing AI data, models, and runtime environments through scanning, monitoring, and policy enforcement. It emphasized the importance of integrating security with people, processes, and technology for effective ML SecOps.

Megan McCabe shared her journey of balancing family life with her cybersecurity career. She navigated working part-time on various projects while building a strong career foundation and caring for her family, eventually transitioning back to a full-time role. Her success was fueled by determination, hard work, and asking the right questions. Her story is a powerful reminder that with effective time management and strategic career planning, it’s possible to achieve both personal and professional fulfillment.

Affton Hennerich highlighted how futurecasting in cybersecurity parallels futurecasting your life. By spotting early indicators, taking action, and recognizing key moments to act, we can shape both our careers and personal lives. Building new skills, gaining experience, and expanding our networks are crucial steps to staying ahead and successfully navigating change in both realms.

Mansi C.'s keynote was truly inspiring as she shared her journey of starting a career on Wall Street post-crisis during a global meltdown. Her statement, "Crises can take years off your life, but add depth to your resume," resonated deeply with me, highlighting how challenges can shape us in ways we never expect.

Her three pieces of advice: embrace the unexpected, learn to tell your story, and build your support system stood out as crucial life lessons. Embracing uncertainty and learning to frame our experiences into compelling narratives is key, especially in high-pressure industries. Additionally, having a strong support system is essential for both personal and professional growth.

Rebecca F. 's talk shed light on the growing prevalence of deepfakes in today’s world, where fake news, misinformation, scams, and even fake blackmail are becoming more common. She highlighted that, on average, deepfakes are detected with just 60.7% accuracy, with many people overestimating their ability to spot them.

She emphasized the importance of moving forward with increased awareness, strengthening identity verification, and implementing provenance and authentication measures for content. These steps are crucial in combating the threats posed by deepfakes and ensuring the integrity of digital media.

Renee Ismail discussed how AI is transforming cybersecurity, aiding cybercriminals in areas like social engineering, reconnaissance, vulnerability scanning, and exploit development. AI tools, such as LLMs, can generate personalized phishing emails. Attackers are also targeting AI systems, manipulating outputs and reverse-engineering inputs. The speed and volume of AI-driven attacks can overwhelm security teams, highlighting the need for effective countermeasures.

Keiko Nevers, PMP, PSM I shared some secrets to success, emphasizing the importance of actions over words, continuous learning, and embracing confidence. She highlighted the value of building a solid support system, staying adaptable, and working with passion. Prioritizing oneself, setting boundaries, and maintaining balance were key to sustaining energy and focus. Keiko also encouraged nurturing passions outside work and investing in relationships through generosity. Her insights reinforced that success thrives on resilience, adaptability, and building meaningful connections while maintaining personal well-being.

The workshop Hacking AI: Easy as Pie! by Betta Lyon Delsordo provided insightful demonstrations on the use of AI tools in cybersecurity. Demos included Prompt Injection with Gandalf by Lakera, AI security tools like Amazon PartyRock, and offline AI tools via Ollama. Additionally, the workshop explored vulnerabilities in web chatbots and LLM attacks. These sessions showcased how AI can enhance cybersecurity while also being vulnerable to exploitation. The event emphasized the importance of staying proactive in addressing AI-related threats. Interactive polls and shared resources enriched participants' understanding, providing hands-on learning experiences to tackle emerging cybersecurity challenges with AI.

The workshop: Fostering Genuine Inclusion in the Cybersecurity Workforce led by Maria Fanelle , Parisa M. , Lilli Chang , Chris Lemmon , and Quintana P. was an engaging and interactive group discussion. Participants collaborated to develop actionable ideas on how to make Diversity, Equity, and Inclusion (DEI) core values within organizations and leadership. The session focused on creating an inclusive culture in cybersecurity, emphasizing the importance of integrating DEI principles into everyday practices and decision-making to foster a more diverse and welcoming workforce in the industry.

During the WiCyS 2025 award ceremony, the Women in CyberSecurity (WiCyS) Chicago Chapter was honored with the Affiliate Leadership Award. This recognition serves as a testament to the chapter’s unwavering commitment to WiCyS's mission of advancing women in cybersecurity.

Day 4

The final day of the WiCyS 2025 conference began with an inspiring panel moderated by Gretchen Bliss. Panelists Hannah L. , Shade Adeleke, CISSP , Andrea Frost , and Krupa Pratap Brahmkstri shared personal stories of how the WiCyS organization has played a pivotal role in their professional journeys. Their reflections offered valuable insights into the impact of WiCyS in shaping their careers, providing mentorship, and creating opportunities within the cybersecurity field.

The panel Mastering Incident Response: Practical Insights and Strategies, moderated by Shireen Jafferi and featuring panelists Julia Down and Shannon M. , covered the fundamentals of incident response, including key questions to ask. The panel discussed a real-time incident, including the response, remediations, and post-incident activities. The session emphasized the importance of identifying areas for improvement, celebrating successes, and refining processes for more effective future responses.

The workshop Not All MFAs are Created Equal: Exploring the Phishing Resistance of Passkeys, presented by 👩💻 Natalia Glina and Michal Kepkowski, PhD , covered various authentication methods, including passwords, MFA, out-of-band authentication, and man-in-the-middle attacks. The session featured two labs that demonstrated how passkeys provide stronger security than TOTP by effectively resisting man-in-the-middle attacks, highlighting the advantages of passkeys in protecting against phishing threats.

Reflections

• Attending the WiCyS 2025 conference was a transformative experience, deepening my understanding of the challenges women face in cybersecurity.
• The conference emphasized the importance of fostering inclusive environments to support diversity.
• It reinforced that diversity drives innovation, and I’m committed to supporting initiatives that promote gender equity.
• I left with a renewed focus on mentoring, collaborating, and advocating for a more inclusive cybersecurity community.
• I believe progress thrives when diverse voices are heard and valued.