Women in cybersecurity reflect on a decade of change - The Manila Times

TEN years ago, cybersecurity was not the kind of word that came up in boardrooms. Bring it up, and someone would steer the conversation back to IT, where it apparently belonged, handled by technical people in rooms most executives had no reason to enter. Women were even less visible in those spaces. That combination of narrow thinking and narrow representation shaped the industry for a long time. Progress has happened, but it has not been the clean, linear kind. For International Women’s Day 2026, leaders at Palo Alto Networks across Asia-Pacific looked back on the past 10 years through the lens of #GiveToGain. What they brought was not a victory lap but more an honest accounting of what actually moved, where momentum stalled, and what the industry is still working through. Going back to 2016, ransomware was becoming a real problem, most companies were still sorting out the cloud, and security was largely seen as an IT matter that did not need to travel far up the org chart. That has since changed, and security now lands squarely on the CEO’s desk. What has not kept pace is who gets to be in that conversation. Oil shock seen squeezing Filipino households For the Philippines, Bernadette Nacario, country director at Palo Alto Networks, sees the decade as progress but unfinished progress. The gender gap in cybersecurity remains a challenge, she said, but also the industry’s greatest opportunity for growth. “AI-driven fraud is no longer a future threat — it is a present reality,” she noted. Get the latest news delivered to your inbox Sign up for The Manila Times newsletters By signing up with an email address, I acknowledge that I have read and agree to the Terms of Service and Privacy Policy. Her approach is to treat diversity as something you build deliberately, not something that happens passively over time. For Nacario, #GiveToGain maps naturally to bayanihan, the Filipino belief that people get further when they carry the load together. In practice, that looks like sharing what you know, pulling younger professionals forward and leaving doors open for whoever comes next. It also matters more now than it did 10 years ago. The Philippines has moved well past its reputation as a social media-heavy market and is now a serious player in AI adoption, which means the question of who gets to shape that technology is no longer abstract. From Singapore, Claribel Chai, country director for Singapore and CLMB, made a similar point. Security in 2016 was niche, tucked away in specialist teams with limited reach into the broader business, and that is no longer the case. But scaling technology, she was careful to note, does not automatically scale opportunity. Alliance for Sara launched in Cebu “When we operationalize inclusion and champion diverse talent in tech, we create a legacy of leadership that outlasts any single technological shift,” she added. There has also been a quieter change in how the industry talks about risk itself. Sharmin Jassal, director of corporate communications for Japac (Japan and Asia-Pacific), noted that the old framing was almost entirely about prevention, the idea that a breach was a failure to be avoided at all costs. That has given way to something more grounded. Preparedness matters, as does how openly an organization responds when something goes wrong and how quickly it gets back on its feet. Jassal sees communications sitting at the center of all that, taking what is technically complex and turning it into something decision-makers can actually work with. Among the reflections shared, Riccardo Galbiati’s stood out a little, partly because he is one of the few male voices in the group. As regional chief security officer for Japac, he looked back at 2016 and described a more uniform industry, not just in who held senior roles but in how security problems were framed and solved. Islam of Islam He has worked with women leaders long enough that it has changed how he approaches security. “Different perspectives challenge assumptions, surface blind spots earlier, and lead to better decisions in high-stakes environments,” Galbiati said. His view is that male leaders have a specific responsibility to use their platforms to push for more seats in the boardroom and to make sure all voices are heard. A different kind of story came from Nicole Quinn, vice president for Policy and Government Affairs for Japac. She had watched Australia’s government reframe cybersecurity around 2016, moving it away from pure defense territory and into economic policy, which at the time felt like real progress. ‘Teaching is about salvation’ But she is honest about what followed: the momentum did not hold together the way it should have. Sectors kept doing their own thing, and real coordination took much longer than anyone expected. By 2026, no single sector can carry this alone, and the public-private partnerships that have taken shape reflect that. She has also noticed that the most innovative solutions do not come from the loudest voices but from the most diverse ones. Nacario’s read is that the technology is ready. Her bayanihan framing suggests the answer lies less in tools than in who is trusted to use them.