Rebecca Zisser / Axios

Rinki Sethi, senior director of security operations and strategy for Palo Alto Networks, spends a lot of time thinking about how to attract a more diverse workforce in the cybersecurity field, where only 11% of workers are women. To that end, she's helping the company create a curriculum for 18 cybersecurity badges for the Girl Scouts, which will launch next year.

Why it matters: While the gender gap is pervasive throughout the tech industry, it's even more pronounced in the highly technical security sector. Sethi has held security operations roles at Wal-mart.com, eBay, and Intuit, and she says hiring managers need to focus on doing one simple thing: looking for candidates who are different than themselves.

Here are some highlights from Sethi's recent chat with Axios:

You've written about the importance of taking risks in your career. How has that played out for you?

A lot of people have fear of taking the risk and actually asking for the position they want. When I was at eBay, I wanted to be chief of staff of the cyber organization there and my boss said "no, you're not ready." Sometimes you get the yes and sometimes you get the no. At that point it was no, but it turned around quickly. I've taken so many risks since then, but that was a game changer for me.

How does taking risks translate to hiring for diversity?

Hiring managers need to be more selfish. It's not taking a risk to find the best person for the job. But that that also means you need to broaden the scope and bring in thought diversity to your team. I want to find someone to compliment the team but the only way to do that is to go outside of what I'm comfortable with.

Thought diversity goes beyond gender. [In India], I was talking to someone whose employee built a security operations center —and that employee was completely blind. I was blown away. The way that person is going to solve a problem is going to be so different. It's about removing my own biases, understanding where I've come from, and then looking at how I can complement that in a different way, That goes beyond [hiring] women.

What's your biggest focus when it comes to security threats these days?

We're pounding the pavement about prevention. In the security industry, it used to be about detection and containment. People use to believe that breaches and attacks were going to happen — that you can't prevent them, you just have to be ready to respond to them. That's changing. It's now about designing networks, infrastructure, applications to prevent those attacks in the first place.

What does that mean for the skills the industry is looking for?

Our customers are having trouble finding talent. So they're looking at using automation... to reduce the surface area for attacks, so they are not having their employees do the same things every day. They're trying to move to threat hunting — looking at how something happening on one part of the network correlates to what's happening to on another part of the network — which requires a lot of data analysis. It's easier to recruit talent into jobs focused on threat hunting because those are the fun roles in security... It's less about the technology than it is about having the right people who know how to use that technology.

Go deeper

Deadly Hurricane Zeta slams U.S. Gulf Coast

A satellite image of Hurricane Zeta. Photo: National Hurricane Center/NOAA

Hurricane Zeta has killed at least one person after a 55-year-old man was "electrocuted by a downed power line" in Louisiana as the storm caused widespread power outages Wednesday night, per AP.

What's happening: Zeta made landfall south of New Orleans as a Category 2 hurricane earlier Wednesday before weakening to Category 1. But it was still "battering southeastern Louisiana and southern Mississippi with life-threatening storm surge, high winds, and heavy rain" late Wednesday, per the National Hurricane Center.

Updated 38 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Politics: Biden ahead in Wisconsin, Michigan as cases surge in the Midwest.
  2. Health: Fauci says U.S. may not return to normal until 2022 — Trump's testing czar: Surge "is real" and not just caused by more tests Some coronavirus survivors have "autoantibodies."
  3. Business: Consumer confidence sinking Testing is a windfall.
  4. World: Europe faces "stronger and deadlier" wave France imposes lockdown Germany to close bars and restaurants for a month.
  5. Sports: Boston Marathon delayed MLB to investigate Dodgers player who joined celebration after positive COVID test.
1 hour ago - Health

Fauci says U.S. may not return to normal until 2022

Director of the National Institute of Allergy and Infectious Diseases, Anthony Fauci, testifies during a September Senate hearing on COVID-19 in Washington, D.C. Photo: Graeme Jennings/Pool/AFP via Getty Images

NIAID director Anthony Fauci told the Journal of the American Medical Association on Wednesday he doesn't expect a COVID-19 vaccine to be ready until January 2021 or later.

What he's saying: Fauci said during the interview that the U.S. was in a "bad position" after failing to keep case numbers down post-summer. "We should have been way down in baseline and daily cases and we’re not," he said.