Despite holding a bachelor’s degree in business and working in information technology (IT), Stephanie Benoit-Kurtz was often not invited to decision-making meetings where she worked. At that time, her colleagues considered IT and data security the province of men.
That was 25 years ago. The doors of gender acceptance opened incrementally over time, but women continue to be underrepresented in IT, with just 20 percent of U.S. tech jobs held by women in 2018. It took Benoit-Kurtz 15 years to receive an invitation to the table. She is now the director of cybersecurity for Station Casinos in Las Vegas and lead cybersecurity faculty at the Las Vegas Campus.
For Benoit-Kurtz, her struggles encouraged her to serve as a role model for other women hoping to blaze their own trail in this male-dominated field.
“I had tons of people tell me I didn’t belong. Now, I sit at the table because I’m comfortable, because I forced my way to the table,” Benoit-Kurtz said. [Women and minorities] have to have strong grit and tenacity to get to that place.”
That Benoit-Kurtz has become a guest speaker on cybersecurity at international conferences and is a testament both to a changing industry and her determination to be part of it. As she sees it, organizations cannot afford not to embrace diversity at a time when there is a dire shortage of cybersecurity professionals to meet the demands of industry, government and other organizations.
She uses her platform to continue to champion diversity efforts. Earlier this year, she was invited to speak at two “community” meetings for the International PCI Standards Council, the global forum that sets standards for all merchants that accept credit cards. She presented in Vancouver, Canada, in September, and Dublin, Ireland, in October on “Making Organizations Stronger with Diversity, Networking and Mentorship.”
To honor her as a pioneer in IT leadership and education, the University named her the recipient of the 2019 University of Phoenix Faculty of the Year Award. She was one of 1,200 faculty members nominated for this year’s award. She and 18 other Faculty of the Year award winners were honored at a ceremony in Phoenix in July.
Kathryn Uhles, associate dean of the College of Business & Information Technology at University of Phoenix, said that Benoit-Kurtz gets rave reviews from students.
“She brings a passion to teaching and connecting the dots for students,” Uhles said. “She gets her students excited about learning about the field.”
"We don’t know what the field is going to look like three years from now. We just know the threats are growing exponentially. We have to prepare the workforce to be prepared to take on those threats.”
— Stephanie Benoit-Kurtz
Early IT Roots
Benoit-Kurtz started on the IT and cybersecurity path in the 1980s, when she was a 25-year-old single mother with 150 college credits — but no degree. Professionally, she was working in the academic computing department at a college in Southern Nevada.
She believed that a degree could help her prepare to pursue opportunities that interested her. So, Benoit-Kurtz collected her college records and went back to school — at University of Phoenix.
She finished her bachelor’s degree, then decided to take her education a step further. She wanted a master’s degree in business administration, which she considered necessary to be relevant and to compete with other professional candidates. She later completed her graduate work at UOPX.
Benoit-Kurtz has now spent three decades within the IT industry, working for a variety of large and small organizations and as a consultant. The changes in the field have been enormous. Now, cybersecurity threats often involve ransomware and phishing attacks through email, and even more sophisticated methods like social engineering.
“We used to just be worried about viruses and locking server rooms,” Benoit-Kurtz said. “Nothing could have prepared us 25 years ago for what we see today.”
‘Keeping the diamonds in our data safe’
Benoit-Kurtz said that one of the key lessons learned by modern organizations is that cybersecurity is everybody’s business and everybody’s job. She believes that “keeping the diamonds in our data safe” is a group effort and not the responsibility of a small group of cybersecurity professionals.
So how do organizations protect these diamonds? Education.
“A very big part of the security posture in general is educating the workforce on what the risks are,” she said. “How to keep the diamonds protected.”
In her talk delivered at the PCI Standards Council community meetings this fall, Kurtz encouraged minorities to assert themselves within the IT and cybersecurity industries, even if they feel they don’t belong because they are not white and male. She implored them to come to the table and be excited about their work. Pulling from past experience, her key message was never to let other people tell them that you don’t belong in a room.
Benoit-Kurtz sees her involvement in education as vital for her profession.
“We don’t know what the field is going to look like three years from now. We just know the threats are growing exponentially,” she said. “We have to prepare the workforce to be prepared to take on those threats.”