IST grad passionate about technology, shrinking gender gap in IT

UNIVERSITY PARK, Pa. — Krista Theodore, a 2013 graduate of Penn State’s College of Information Sciences and Technology (IST), always knew a career in technology was in her future.

She was sure when her parents asked what she wanted for Christmas when she was eight, assuming she would want to a "My Size Barbie" like many of her classmates. But instead, she told her parents she wanted a computer, and handed them a sheet of specifications for the custom-designed laptop that she wanted to build. “I eventually got that Barbie for my birthday, but it was nothing like that computer,” she said.

Theodore, an IT security engineer for the University of Miami’s Information Security Office, said that as long as she has been interested in technology, her parents have encouraged that passion and supported her choice, even when it meant giving up a paid tuition in her home state of Florida to attend Penn State, where she double majored in IST and security and risk analysis (SRA) as a Bunton-Waller Fellow. She chose the College of IST in ninth grade after speaking to a representative during a job fair.

“As soon as I saw that IST had accreditation for the NSA [National Security Agency] and that a good number of professors were still in the field or had access to up-to-the-minute training, I knew I had to go there,” she said.

She came to the college as an IST major, and decided to add a second major in SRA after completing an elective recommended by her academic counselor — a decision she believes gave her a competitive edge in the job market and with clients who often don’t know how to properly utilize solutions created for them by security professionals. “I use my IST major to communicate in business, but I use the SRA background to offer security analysis,” she said.

As a security engineer, Theodore develops strategies to maintain the confidentiality, integrity and availability of data, while specializing in cybersecurity awareness and education, regulatory compliance and risk management. She holds specialized certificates as a Certified Security Compliance Specialist and Payment Card Industry Professional, and is a self-described “security geek.”

Her resume is stacked with evidence of her passion and expertise in the field of information technology and cybersecurity, but despite her very busy schedule, Theodore still finds time to educate older “digital immigrants” and mentor young women entering the technology field.

Digital immigrants, or individuals who learned to use technology later in life, are prevalent in South Florida where Theodore lives. The group is often at a technical disadvantage to younger Americans who never knew life without the internet and smartphones. She counsels them about online security and how to avoid phishing schemes, as many of them have little knowledge on how to keep their information safe, she said.

She feels the same about mentoring young women who are pursuing careers in technology. So when the opportunity arose for her to mentor other young women, she became a board member of ITWomen, a non-profit dedicated to narrowing the gender gap in technology, helping girls get scholarships and pairing them up with seasoned mentors. Theodore is proud of the fact that the women are spread throughout the country studying at great universities, but are still benefiting from a supportive network.

“Currently women make up only 11 percent of the cybersecurity work force,” said Theodore. “I think we can do better than that!”

To help change that statistic, she is also a member of the Executive Women’s Forum, the largest member organization for female leaders and executives in the Information Security, Risk Management and Privacy industries.

In addition to taking the time to give back to the community and helping young women progress in IT, Theodore said she remains intensely focused on her own future. When asked where she sees herself in ten years, her reply was enthusiastic, “Still in the security field! This field is still in its infancy and there is a huge need for professionals who can create strategies for security and advocacy, and also educate the end user on risk management.”

Last Updated May 15, 2017