Advocate — Module 03

Step Into
Leadership.

At the intersection of cybersecurity, law, and policy, knowledge becomes impact. Representation builds stronger, safer systems for everyone.

Why Representation Matters

Cybersecurity needs
more voices.

Different perspectives strengthen security, policy, and protection. The next generation of leaders in cyber and law are being built right now.

Cybersecurity is no longer just technical. It shapes national security policy, privacy law, corporate liability, and the legal rights of every person who uses the internet.

Women make up approximately 25% of the cybersecurity workforce globally. In leadership roles, the number is even smaller. That gap represents missing perspectives in every room where security decisions are made.

Cipher and Counsel exists to help close it, by building pathways, providing resources, and creating a community where the next generation of women in cyber, policy, and law can find each other.

The Problem
A Representation Gap With Real Consequences
When security teams lack diverse perspectives, the threats they miss, the policies they write, and the systems they build reflect that absence. Inclusion is a security issue, not just a social one.
The Opportunity
Interdisciplinary Leadership Is in Demand
The practitioners who can bridge technical security, legal accountability, and policy communication are among the most valuable people in the field. That intersection is where Cipher and Counsel lives.
Career Pathways

Where cybersecurity,
law, and policy meet

These are the roles where technical security fluency and legal or policy expertise combine into something rare and powerful.

Privacy Law
Privacy Counsel and Data Protection Officer
Legal professionals who advise organizations on compliance with privacy regulations including GDPR, CCPA, and HIPAA. The CIPP/US certification is the primary credential for this path.
Policy
Cybersecurity Policy Analyst
Government and think tank roles that translate technical threat intelligence into policy recommendations. Requires the ability to communicate across security practitioners, lawyers, and legislators simultaneously.
National Security
Intelligence Analyst and Threat Researcher
Roles at agencies including CISA, NSA, DHS, and the FBI that require both technical OSINT methodology and strong written communication skills to produce intelligence products for decision-makers.
Industry
Chief Information Security Officer
Senior leadership roles responsible for an organization's full security posture, vendor relationships, incident response planning, and security communication to boards and legal teams.
Community

Resources and
organizations

These organizations are actively building the community of women in cybersecurity, policy, and law.

WiCyS
Women in CyberSecurity
The premier organization connecting women in cybersecurity from academia, research, and industry. Offers scholarships, mentoring, and annual conference. wicys.org
IAPP
International Association of Privacy Professionals
The world's largest privacy professional organization. Certifications include CIPP/US, the gold standard for U.S. privacy law and data protection credentials. iapp.org
ISSA
Information Systems Security Association
Professional organization with local chapters and annual scholarships for women in security including the Shon Harris Women in Security scholarship. issa.org
CISA
Cybersecurity and Infrastructure Security Agency
Federal agency offering internships, workforce development programs, and free training resources. Internship program is open to current undergraduate students with U.S. citizenship. cisa.gov
Research Portfolio

Original investigation
and research

Five research documents built to industry standards, demonstrating the dual-audience translation at the core of the Cipher and Counsel mission.

National Security · OSINT
Volt Typhoon Threat Actor Investigation
OSINT investigation into a PRC state-sponsored threat actor with 11-technique ATT&CK mapping and five-year campaign timeline. Sourced from CISA, NSA, DOJ, and Unit 42.
View Publication *
Threat Intelligence
Boggy Serpens Threat Assessment
Dual-audience report on an Iranian-linked threat actor with 11-technique ATT&CK mapping, 7-family malware toolkit, and real IOCs from CISA, MITRE, Group-IB, and Huntress.
View Publication *
Incident Response
IR Documentation Suite
Four-document suite: Technical Report, Executive Briefing, Legal Escalation Log, and Lessons Learned demonstrating multi-audience translation discipline.
View Publication *
Technical Documentation
Threat Intelligence API Reference and SIEM Playbook
Full API reference with Python examples and SIEM integration workflow. Enrichment playbook with IOC normalization, escalation matrix, and confidence thresholds.
View Publications *

Knowledge becomes impact.

Representation becomes change.

Meet the Founder * Back to Home