Facebook’s Aanchal Gupta Is ‘THE VOICE’ Of Women’s History Month Today

 In Evidence, Think Piece

For ‘Women’s History Month’ in March, APPG AI is collaborating with Rajinder Tumber, one of the members from the Citizen Participation Task Force, to launch ‘The Voice’ – The Women’s History Month Series.

In this series, women from some of the world’s most prestigious organisations will be making their voices heard, in the attempt to attract more women into the world of AI and cyber security. 

Facebook’s Aanchal Gupta Is ‘THE VOICE’ Of Women’s History Month Today.

Welcome to ‘THE VOICE’ series for Women’s History Month, produced to help encourage more women to join the cyber security and artificial intelligence industries.

Today’s edition of ‘THE VOICE’ features Aanchal Gupta, from Facebook.

Founded in 2004, Facebook’s mission is to give people the power to build community and bring the world closer together. People use Facebook to stay connected with friends and family, to discover what’s going on in the world, and to share and express what matters to them.

Aanchal was interviewed in 2019, to share her experience of working in the cyber security industry.  She is a Director of Security.

Aanchal leads a team of security experts who are responsible for assessing and mitigating security risks across Facebook.


Rajinder Tumber: Why did you join the cyber security industry?

Aanchal Gupta: I am passionate about building secure and trustworthy products that my friends and family can safely use. I strongly believe that we should build intuitive products that don’t require people to take overly complicated measures to stay safe. For example, memorizing a unique 15-character password for every website or app you use is not scalable, especially since the average person usually has scores of accounts across web and mobile. During my early career as a software engineer, I noticed that people were often losing access to their accounts entirely due to password compromise and plain old human error. My teammates and I tried to solve this problem via OpenID/OAuth, but issues remained. This was an important moment in my career; it made me realize that there was so much more that could be done in this space and overall security in general. This led me to ultimately decide to pivot and focus full-time on security.

Tumber: What do you feel you can contribute to the industry?

Gupta: As a former software engineer, I am uniquely positioned to understand the time-driven and priority-based challenges engineering teams face, while balancing it with critical security needs. This empathy and understanding has led me to focus on automating security requirements and building security tools that help engineering teams scale – without compromising the security of the people who depend on their software every day. To further streamline security operations, I divide my teams into three categories:

  • Builders – people who develop security frameworks, tools, processes and procedures
  • Breakers – people who test or audit our security systems and processes
  • Defenders – People who detect and respond to security events and incidents

By adopting this collaborative approach, I’m able to anticipate risk more effectively, while setting clear expectations for my engineering counterparts.

Tumber: The ratio of men working in cyber security is significantly greater than women.  What do you think women can bring to a male-dominated team/domain?

Gupta: I believe that women – as well as other underrepresented groups – bring diversity of thought and experiences to all fields, including security. A diverse team is able to more creatively problem solve because each member brings a unique perspective, skill set and thought process. And it’s important that the industry be more reflective of the people we are working to protect. For example, when we were working on implementing new tools to protect women in India, it was invaluable to have women on our team who could deeply empathize with the people using our product and the problems they face.

Tumber: Being a minority in your team, what (if any) challenges have you encountered?

Gupta: Earlier in my career, when my son was little, I had to pick him up from school by a certain time. My manager at the time had this habit of coming to my desk and initiating a discussion precisely when I was about to leave. As a result, I ended up arriving late for pickup – and feeling like a bad mom. I was torn – do I bring this up with my manager and risk being perceived as uncommitted to my job, or do I raise the issue and take the leap of faith that my manager will recognize that being a good mom and a good software professional aren’t at odds? After a few weeks of struggling internally, I decided to take the latter route and share this with my manager. To my surprise and relief, he was very supportive and apologized as he didn’t realize it was an issue.

This was an important lesson for me in learning how to advocate for myself, and a lesson I have tried to impart to my team. Given the leadership role that I have, I feel empowered and supported to build a diverse team, and to redefine what “showing up to work” means. I encourage my team to have crucial conversations with their colleagues and managers, making them aware of their perspective and challenges. I am extremely proud of my team and the fact that I have been able to attract and retain diverse talent over the years.

Tumber: Would you say your career has been a smooth rise to higher positions, or has it had its dips and detours? Please elaborate.

Gupta: If you had told me 20 years ago that I was going to end up in cybersecurity, I would not have believed you; my career has been a bit of a surprise to me. In fact, there were times when I felt that some of the opportunities I was faced with didn’t totally align with my skill set – especially earlier in my cybersecurity career. Having confidence, courage, and some risk taking helped, as did mentors that I have been fortunate enough to have along the way like Eric Boyd, Armin Ebrahimi, and Adrian Asher. These mentors had confidence in me, pushed me to take on new challenges, and trusted me to succeed. I am so grateful for their mentorship. Also, your mentors aren’t necessarily the people you meet at work or school.. One of my greatest champions – to this day – is my mother. She still watches every presentation I give, and provides invaluable feedback, not to mention encouragement and love.

Tumber: Have you experienced any difficulty with making yourself heard during your career?

Gupta: I have definitely experienced this, especially when I have taken on new roles and was still working on building credibility with a new team or company. To build my credibility, I not only make sure to take the time to learn deeply about the domain, but also to listen. It is so important to understand what has already been tried and has failed to avoid churn and foster collaboration. Once I have done my homework, I recruit allies as a sounding board to get feedback. These steps have helped me get my message across while I build a reputation with a new team.

Tumber: Within the workplace, do you feel women are being treated differently because they are female?

Gupta: I think that sometimes people are unaware of their bias – like my manager who didn’t realize that by stopping by my desk in the late evening he was making me late to pick-up my son. More often than not people don’t intend to be discriminatory, but their behavior can be insensitive or even impact people’s professional advancement. While some of this can be done through honest, one-to-one conversations, formal trainings are critical in ensuring bias is taken into account across teams and divisions. I know that I’ve learned a lot from the trainings I continually take, and I encourage my team to take part in them as well.

Tumber: Do you think more women should be encouraged to join the cyber security industry? If so, why?

Gupta: Absolutely. Simply hiring a team of people proficient in the same exact skill is not enough – we also need to invest in building teams made up of different genders, ethnicities, and capabilities who can empathize with the needs of their end-users. According to a recent survey by Cybersecurity Ventures, there will be as many as 3.5 million unfilled positions in the cyber security industry by 2021; this is a tremendous opportunity to usher in the next generation of cybersecurity experts, and bring in more diversity of backgrounds and opinions to the field.

Tumber: How do you think more women can be encouraged to join? 

Gupta: Women who are already in security should share their journey with the younger generation and inspire them to join this interesting and challenging space. Industry leaders should also provide training and support at a global level. At Facebook, we have worked with CodePath to create an introduction to web security online course at schools with underrepresented minorities to help them consider a career in security. We have built partnerships with organizations like WiCys and R00tz that share our goal of inspiring and developing the next generation of information security professionals. On the global front, we have hosted hackathons, hands on training courses, career panels and competitive CTF (Capture the Flag) events.

Tumber: Do you have any advice to share for female professionals who want to enter the cyber security industry?

Gupta: Don’t look for 100% skill set match. Leave some room for growth in the role and push yourself to take on new challenges – even if you don’t think it totally aligns with your skillset. Build a strong network of mentors and give back to the community by supporting younger generation.

Recent Posts

Leave a Comment

Contact Us

Please use this form to send us an e-mail directly