Blog/

Compliance /

“Elevating Women in Compliance and Technology” webinar: 5 key takeaways

In the dynamic realm of technology, where breaking barriers and setting new benchmarks is a formidable task, women are demonstrating remarkable resilience as they navigate careers in the male-dominated compliance and information security industry. So earlier this year, in recognition of Women’s History Month, we hosted a webinar, Elevating Women in Compliance and Technology, featuring a panel of female industry leaders, including:

Eva, Robin, and Mary share insights gleaned from the challenges they’ve navigated and the triumphs they’ve celebrated. Here are five key takeaways from the webinar for technology professionals looking to take the next step in their careers, regardless of where they sit in their organization or their years of experience. Get ready to be inspired by trailblazers who’ve not only garnered success but have also paved the way for more women to follow in their footsteps.

You can watch the full discussion here or continue reading for some highlights.

#1. Indirect career path? Don’t sweat it.

Every career path is a unique journey. If your background isn’t in information security, but you’ve developed a passion for the work, you’re not alone. Mary Gardner, for instance, shares her story of discovering cybersecurity on her path to becoming a biologist. She advises women to take educated risks and stay curious when venturing outside their area of expertise.

Meanwhile, Robin Smith shares how she established an interest in information security by way of her work in accounting, explaining:

We all have a choice about who we want to work for. And so I think it is important to make sure that whoever you report to and you work…

… From there, I moved into information technology and then further into security and compliance.

At the same time, Mary Gardner points out that your mentor doesn’t have to be someone who sits above you in your org chart. She describes how an engineering team lead who reported to her was a great mentor for her when it came to enacting hiring practices to build diverse teams. She says:

Mentors don’t have to be your leaders.

They can be people that you lead. It’s [about] being open to working with people and learning what people can teach you.

If you don’t have mentors at work, don’t pressure yourself to find them. The panelists describe how having a mentor is organic–a matter of who shows up at different points in your life and whose skills can guide and inspire you.

Recommended for you

Meet the women of Thoropass

icon-arrow-long

#3. To earn buy-in, anchor compliance in business strategy.

The participants all underscored the need to include compliance and information security professionals in business strategy discussions. Aligning security initiatives with business objectives is the key to getting traction in your organization.

Robin Smith points to the value of running cost/benefit analyses to get executive buy-in for your information security initiatives. Even introductory coursework in finance or economics can help you talk the talk. She describes:

If you can put together those schedules that say, ‘here’s what this is going to cost on a five-year plan’… and address [a CFO’s] concerns,

it will help you immensely to get what you need, get the tools that you need, and the staffing that you need going forward to reduce that risk.

Mary Gardner agrees that so much of getting buy-in is being able to speak the language of the business. As she grew in her career, she learned from a CFO how to approach board meetings to set herself up for success, saying:

It’s really important to make sure that when you enter that boardroom, you’re talking about risks and things that the business is interested in-

not what settings you have on your cloud access security broker because everybody’s going to glaze over and start reading their phones at that point..

#4. Women in infosec are charting a course for future leaders.

The panel describes nuanced experiences working in a field where men outnumber their female counterparts. While they agree that women in information security face significant challenges like pay disparities and underrepresentation, they describe being outwardly respected and valued by their male peers. At the same time, they describe being keenly familiar with the feeling of being one of the only women or the only woman in a meeting.

Building on this, Robin Smith describes the disheartening experience of finding men-only leadership pages while researching potential vendors, saying:

It’s suit and tie, suit and tie, suit and tie, suit and tie… There are inroads to be made. Hopefully, as women continue this path,

we’ll bring more in and elevate more into those roles, so we start to see if it’s a suit and tie, it’s a Diane Keaton suit and tie.

icon-arrow-long

Despite these challenges, opportunities are expanding, particularly in data privacy and security. Diverse backgrounds are increasingly valuable, and women are paving the way for others. Eva Pittas describes creating a women’s council in a past role, saying:  

[We created the council] for women to support other women…

When you have someone who respects you, who you’re building a relationship with, and you support one another and give back, it’s just so powerful… Being intentional with this is really a differentiator.

icon-arrow-long

The panelists stress the importance of networking to overcome barriers and express optimism about future changes toward more inclusive leadership and diverse teams.

#5. Don’t become complacent about compliance.

As compliance and cybersecurity rapidly evolve, staying informed on future trends and necessary skills is crucial for career growth. For Robin Smith, the impact artificial intelligence will have on information security is top-of-mind. She offers advice on how to keep up over the next five to 10 years, saying:

[AI] is going to quickly leave you in the dust if you’re not figuring out how to partner with the business… If you become the person of ‘no,’ you’re going to become obsolete…

Constantly [keep] up with these new developments so that as they’re coming about, you’re not blindsided by them.

icon-arrow-long

Eva echoes the same sentiment, saying that the future comes down to figuring out how to become an enabler. Mary sees cybersecurity professionals as being well-positioned to be enablers within their organizations, saying:

The cybersecurity function can be a business enabler. I think if we try and take that tactic.. we’re going to create advocates within the business.

And if we create advocates within the business, we get a seat at the table, and we learn to understand what the business needs and we learn to speak in their language.

Closing words

The compliance and cybersecurity landscape and technological progress are inherently linked. In the age of AI adoption, there’s tremendous promise for professionals who can detect and articulate risk and link cybersecurity with business strategy. If you’re an analytical thinker who wants a fast-moving career in an ever-changing landscape, then now’s your time to shine. If you’re ready to see what powerful automation, unmatched expertise, and high-quality audits can do for your business, book time with a Thoropass expert now.

icon-arrow-long

Thoropass Team

See all Posts

Related Posts

Thoropass recognized by Frost & Sullivan for customer value leadership

Frost & Sullivan has recognized Thoropass with the 2025 Global Customer Value Leadership Recognition in the compliance automation industry.Each year, Frost & Sullivan evaluates companies across industries and honors those that demonstrate exceptional innovation, market leadership, and customer impact. This recognition reflects what our customers already experience: when you bring together compliance automation and accredited audit expertise, you eliminate the chaos of traditional compliance and create a path to faster, more predictable assessment outcomes.

Read Article

Thoropass makes the 2025 Inc. 5000 list of fastest growing companies in America

NEW YORK, August 12, 2025 – Inc., the leading media brand and playbook for the entrepreneurs and business leaders shaping our future, today announced that Thoropass is on the annual Inc. 5000 list for the second year in a row. The list provides a data-driven snapshot of the most successful companies within the economy’s most dynamic segment—its independent, entrepreneurial businesses. Past honorees include companies such as Microsoft, Meta, Chobani, Under Armour, Timberland, Oracle, and Patagonia.

Read Article

Stay connected

Subscribe to receive new blog articles and updates from Thoropass in your inbox.


Want to join our team?

Help Thoropass ensure that compliance never gets in the way of innovation.

View Open Roles

Have any feedback?

Drop us a line and we’ll be in touch.

Contact us
Get Started

Solutions

Get CompliantMaintain ComplianceIT Security Audits

Products & Services

Thoropass AuditCompliance AutomationPentestingThoropass AIAccess ReviewsSecurity QuestionnairesRisk AssessmentTrust CenterIntegrations and APIs

Frameworks

SOC 1SOC 2HIPAAHITRUSTCyber EssentialsGDPRISO 27001ISO 27018ISO 42001CMMC Level 1NIST CSF 2.0PCI DSSOther Frameworks

Industries

HealthcareSaaSFinTechOther Industries

Company

Our DifferenceMeet the ExpertsNewsroomCareersIndependence and ExcellenceBecome a PartnerTrust CenterContact us

Resources

Case StudiesBlogGuidesEventsHelp Center

Legal

MSADPAReport an IssueTerms and ConditionsPrivacy Policy

Leading by Example: Thoropass' Certifications

© Copyright 2025 Thoropass, Inc.