Kirsten Davies, CISO. PHOTO: Cybercrime Magazine.

From iTunes To Cybersecurity, A CISO’s Voice Is Heard ‘Round the World

Kirsten Davies aims to raise $250,000 by June 30, 2020 for the Breast Cancer Research Foundation. #HackBreastCancer

 Suzanne Kattau-Marill, Sr. Editor & Producer

Northport, N.Y. – Mar. 11, 2020

Meet Kirsten Davies, global adventurer turned singer and community-focused fundraiser, and chief information security officer for Estee Lauder, one of the world’s leading manufacturers and marketers of quality skin care, makeup, fragrance and hair care products.

Davies, now a Fortune 500 CISO, has been a global citizen since her earliest days. She has worked in Australia, Germany, South Africa, and the United States, but her exposure to different cultures began as a child.

“I actually grew up all over the world; my parents were a bit nomadic,” Davies says. “I grew up in Germany. My mom’s Canadian, so we spent some time in Canada as well, and in the U.S.”

Davies caught the technology bug early on, back in her electronics and technology classes in high school. There was a particular moment in one of those classes she recalls with great fondness. “I still remember soldering a motherboard; I loved it! When I was growing up … it really was not cool to be in technology and I wanted to be cool … I always loved technology, but it wasn’t cool to do that … I was a bit of a closet geek to tell you the truth.”

International political science, law, human rights, organizational transformation, business, and even music have all grabbed Davies’ attention, but it was the unexpected chance to learn to code her own website later in life that ignited a passion for technology.

“My husband at the time was a real tech geek and taught me a lot about coding and all of that. I loved it,” Davies says. “I didn’t have any intention at all of going into a technology career. I literally stumbled across it, and it’s just been so fascinating since then, and a great challenge and a great adventure.”

Early in her career, Davies was the co-owner of Twinkle Dust Designs, a graphic and website design company. She used the early versions of Photoshop and dove headfirst into the whole software geekiness that’s integral to creative work.

“I come with a real creative side,” Davies says. “I grew up speaking [a] foreign language … doing music … being really good at math. Never actually making the connection between mathematics and music and creativity and all of that artistic side of our brains that we think are often so separate from what we do. But they’re not … they’re infused in what we do in technology.”

Since making that connection, Davies has been pushing the boundaries of what can be done with technology. At Twinkle Dust Designs, she did event coordination to socialize with others, but it was the technology that made her strive to be better. The philosophy was, if it can be thought up, then it should be able to be done. “And that was always what I would challenge our staff to do.”

Davies has worked at companies around the world, in high-level cybersecurity positions. Her nonlinear career path is something she looks back on philosophically, enjoying the journey and appreciating where her different positions have taken her.

“I feel like life is a series of experiences and happenings; some are good and some are not so great,” Kirsten says. “And it’s how we choose to respond to those things as we go through life.”

Throughout her career, Davies was frequently the only woman in the room or the only American when she worked in Germany, for instance. But a unique series of career choices coupled with a focus on the world has transformed her into a multidimensional CISO. Her unique perspective has been developed from roles as group chief security officer (CSO) at Absa Group Limited (formerly Barclays Africa Group Limited), deputy CISO at Hewlett-Packard, the chief information security executive at Siemens, and other positions.

Davies believes that all of the industries in which she’s worked share more similarities than differences. “They’re more alike than they are different. From a security perspective, we all need to be brilliant at the basics, regardless of what industry you’re in.”

The number of female CISOs in the industry isn’t rising as quickly as it could be, according to Davies. But she feels the increasing numbers are nevertheless encouraging. “Because it takes all types for us to solve … problems. It takes all kinds of thinking [and] backgrounds. It takes all kinds of generational experiences, mindsets, and problem-solving capabilities.”

Getting more females into the cybersecurity industry is not just a gender issue, but more of a diversity and inclusion issue, as far as Davies is concerned. “I will love the day when we don’t have to talk about this issue … but the reality is, we do have to talk about this because we don’t have enough [women] … as practitioners.”

Davies says that we need to be making more room for women in the ranks in order to have more “diversity of thought.” She thinks that organizations should be looking outside of themselves for a greater pool of talent, and doing more community outreach to attract women.

“The city of New York has a great initiative, working with the different universities that are here, and creating environments for women and girls to really develop their technology capabilities,” says Davies.

Estee Lauder has recently worked with the Lower East Side Girls Club in Manhattan. “We helped the girls … develop a website, teaching them security and technology at the same time,” Davies says. “Those are the things that we really need to do and we need to be proactive about it.”

Davies knows that networking with other CISOs and reaching out to the community at events to help women and girls is important. Estee Lauder’s founder, Evelyn Lauder, started the famous “pink ribbon” campaign with the Breast Cancer Research Foundation (BCRF). Coincidentally, October is both Breast Cancer Awareness Month and Cybersecurity Awareness Month. This past October, Davies volunteered to host an event for women in cyber to address breast cancer prevention.

“Community is so important in what we do, and finding our tribe is so critical, as CISOs, as practitioners, as women,” says Davies. “We as a community can make such a difference in our world.”

Since fall 2019, Davies has been working hard to make a difference. She and her team are hoping to raise $250,000 before June 30, 2020, for the BCRF. “For every $250,000 we raise, the BCRF can name a new researcher.”

Davies feels the cybersecurity industry, particularly its women, of all ages, should always be rallying together around causes in which they believe.

“This is something that I appreciate so much about the millennial generation,” Davies says. “They appreciate causes and work that matters. And so this is the work that I want for us to have matter.”

Suzanne Kattau-Marill is Sr. Editor & Producer at Cybercrime Magazine