Clar Rosso learned early what it was like to be a woman in a male-dominated field.
Today, as the chief executive officer of ISC2, Rosso plays a proactive role in setting ISC2’s goal of putting one million people — 500,000 of them women and minorities — through the trade group’s free entry-level certification exam and education program.
Rosso learned about discrimination in the workplace while on her first job out of college as a 21-year-old reporter with the Roseville Press Tribune in California, where she covered local high school and junior college sports.
To put it mildly, Rosso wasn’t welcome with open arms — especially by male coaches.
“This was the end of the 1980s,” says Rosso, not long after former pro baseball player Dave Kingman of the Oakland Athletics sent a live rat in a pink box to female reporter Sue Fornoff of The Sacramento Bee.
Click here for more coverage of the 2023 Women in IT Security program.
Rosso says the football coaches were the worst offenders. After a game, one time, Rosso followed her male counterparts to a locker room and was promptly stopped by the football coach, who told her she couldn’t come in.
“I was just standing in the dark, waiting and hoping somebody would come out and talk to me,” says Rosso. “When I was doing a preseason profile, this same coach pulled his chair across from me, then put his legs up on the chair next to me and behaved entirely inappropriately. I was treated extraordinarily unprofessionally by many of the coaches who didn’t think a young woman who was a graduate from college should be doing this work. Little did they know that I’m very tenacious.”
Rosso says that, throughout her entire life, it became clear that for a woman to succeed in the business world, she needs a lot of resilience. Based on her early experiences at the newspaper and throughout her long career, over two decades with Certified Public Account (CPA) trade groups, Rosso grew to understand what the barriers are and how to systematically tear them down.
Since coming on board at ISC2 in October 2020, Rosso has worked hard to bring women and minorities into the cybersecurity industry. One of her first moves was to spearhead a strategic plan for diversity, equity and inclusion (DEI) that outlined five objectives, including bringing more women and minorities into the cybersecurity education pipeline and having more women and people of color in leadership roles at industry employers.
Rosso says what’s different about cybersecurity is that, with today’s skills and talent gaps in the industry, there’s no reason for anyone to feel threatened — there are thousands of open jobs. According to recent CyberSeek numbers, there are 663,434 open cybersecurity jobs in the U.S. right now.
“With the kind of skills gap we have, there’s room for everyone,” says Rosso. “When you’re bringing people in at the entry level, if you’re an experienced pro, you can do the higher-level threat analysis work and the new people can do the more tedious, entry-level work. It really creates huge opportunities for the existing members of our profession.”
Rosso says ISC2 will spend a lot of time in the next several months making sure newly certified people land jobs in the industry. ISC2 just celebrated its one-year anniversary of launching its certification program and Rosso says it’s going well. To date, the trade group has enrolled 275,000 people and 31,000 are certified.
Along with her work with the certification program and DEI efforts, Rosso has also forged meaningful collaborations with more than 30 partners and industry groups that are committed to enhancing women in cybersecurity. This includes organizations such as the Australian Women in Security Network (AWSN), Women4Cyber, Women in Cybersecurity (WiCys) and Chartered Institute of Information Security (CIISec).
Rosso is keenly aware that women only make up 25% of the cybersecurity workforce. That’s why she’s been a tireless mentor for women in the profession, advocating for pay equity, removing bias from hiring and advancement practices and making inclusion a priority.
“I’m in a position now where I can advocate for people who can’t advocate for themselves,” says Rosso. “I feel I’ve been given a great opportunity with cybersecurity, and in the past three years, I haven’t been disappointed.”