Nasrin Rezai, EVP & Global CISO, GE. PHOTO: Cybercrime Magazine.

GE’s Nasrin Rezai: From Aspiring Chemist To Global Cybersecurity Leader

The future of cybersecurity depends on getting more young people involved

Casey Crane

St. Petersburg, Fla. – Jan. 31, 2020

It’s no secret that cybersecurity and IT as a whole have long been considered male-dominated industries. As of 2019, women represented only 20 percent of professionals working in the global cybersecurity field. While this number is up from a 2013 estimate of 11 percent, it’s a statistic that still has a way to go to reach parity.

That’s something Nasrin Rezai hopes to help change. Rezai is the executive vice president and global chief information security and product security officer at GE Corporate, a company with a presence in more than 170 countries that also employs more than 200,000 people worldwide. In her role, Nasrin oversees the company’s data center cloud presence that enables global collaborations in all areas of the organization and its businesses. She started as global CISO at GE Capital in 2015 before landing her current role. Now, Rezai is one of several female executives within the operation who are integrating cybersecurity and business strategies into GE’s businesses.

Rezai is a powerhouse example of a woman in cybersecurity — although a career in this field wasn’t always her plan. As a young girl, Rezai never imagined she’d be a CISO. In fact, her goal was to become a chemist. But, over time, information systems won her over and soon became something she was passionate about.



As someone who initially never intended to go into technology, Rezai has an impressive resume of tech companies that she’s worked for — a list that includes names like HP and Cisco. What may come as a surprise is that, in some ways, Rezai’s story isn’t all that uncommon. In one survey of 300 women that were employed in cybersecurity, less than 50 percent of the respondents said that they had entered the field via IT or Computer Science. The respondents are diverse in their backgrounds, coming from compliance, psychology, internal audit, entrepreneurship, sales, art, and more.

For Rezai, GE Corporate is an exciting place to work. One of the reasons is that it’s a company with many fields of focus — aviation, renewable energy, critical infrastructure, healthcare, etc. Another reason is that in 2017, the company announced its goal to increase women in Science, Technology, Engineering, and Math (STEM) roles within its ranks by 2020.

As someone who’s passionate about mentoring people to help them achieve their individual growth potential, GE’s initiative is one that’s close to her heart. Rezai says that it’s important for leaders within any organization to identify the potential talent of their junior employees — in men and women alike. When she worked at HP, someone did that for her. A female leader took Rezai under her wing, mentoring her and helping her foster and grow her skills and experience. One large-scale project ultimately led to others, which helped to ignite the fire that has since propelled her career.

Rezai says she believes that to grow and improve the industry as a whole, it’s about reaching future cybersecurity professionals at young ages. It’s also about showing them the art of what’s possible when they’re still in high school and helping to grow their numbers in college.

Rezai views educational initiatives and the future of cybersecurity as an industry as being interconnected. As such, she’s working on a program at GE that aims to narrow the gap between high school and early education in cybersecurity in Virginia.

“At GE, we bring a lot of young females and males from high school. We actually show them what we do. So that’s powerful for them to kind of see the possibilities,” Rezai says.

Cybersecurity Ventures estimates that there will be 3.5 million unfulfilled cybersecurity jobs by 2021. Having a lack of experienced candidates is a major concern for businesses. Considering the growing skills gap within STEM fields, Rezai says that it’s essential for organizations to encourage people of all genders and backgrounds to pursue education, training, and careers within the field. However, it’s also important for organizations to focus more on creating environments that value the integration of work within their employees’ lives. 

To help combat this growing talent shortage, Rezai has a couple of suggestions:

“For us to remain competitive, we need to have a clear strategy around education right now to grow technical talent across the board.” For the U.S., it’s about getting the country and its global companies ready for the next set of challenges within the field.

“We’re seeing a lot of innovative ways that companies — technology companies — are doing this.” For some companies, it’s through existing education programs. For others, it’s creating incentive programs to get young men and women into cyber and STEM fields.

Rezai adds that some of the best training grounds for CISOs to cut their teeth exist in the environments surrounding mergers, acquisitions, divestitures or large-scale migration projects. For aspiring CISOs, she does have a few pieces of advice: Be as curious about your business as you are about the technology. Take on whatever opportunities you can to challenge yourself. And learn to find a balance in growing your skill sets around risk management, technology, and business management.

Casey Crane is a freelance writer.

Ask The CISO Archives


SPONSORED BY FORTINET

From the start, the Fortinet vision has been to deliver broad, truly integrated, high-performance security across the IT infrastructure.

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Our flagship enterprise firewall platform, FortiGate, is available in a wide range of sizes and form factors to fit any environment and provides a broad array of next-generation security and networking functions.

The Fortinet corporate brochure explains how we deliver comprehensive network, endpoint, application, and access security.

Learn more at Fortinet.com.