Professor Elizabeth Hawthorne: A Trailblazer for Women in Advancing the Cybersecurity Profession
By: Daniel Cohen
Dr. Elizabeth Hawthorne, professor and director of cybersecurity programs in the Khoury College of Computer Sciences on Northeastern’s Arlington campus, has been recognized by multiple professional organizations for her dedication to cybersecurity education and for championing women to pursue cybersecurity careers.
But when she began her freshman year of college, she had no intention of studying computing as she had not been exposed to it during high school. After taking an introductory programming class required for her major, though, Hawthorne learned she excelled in the subject and changed her major at Rider University’s business school to decision sciences and computing. “I guess I had a natural proclivity for it, which I never knew,” she said.
Her discovery proved fortuitous, leading to a decades-long career as an educator in computing and a researcher focusing on digital forensics, AI in cybersecurity, software security and privacy. When the field of cybersecurity emerged in the 1990s, Hawthorne found a specialty within computer science that truly fit her interests. “I just took to it. … I’ve always liked puzzles and mysteries. It was like trying to solve a mystery,” she said.
Beyond her work as a professor and researcher, she has contributed to the profession of computing through her involvement with a variety of professional organizations. Hawthorne has been closely involved with Women in Cybersecurity since the organization was founded in 2013, helping the group advance its goal of fostering the careers of women in cybersecurity and strengthening the industry’s workforce. “That’s my true passion,” she said. For the past five years, she has moderated a panel during the organization’s annual conference aimed at showing first-time attendees that the profession is diverse and composed of people from a wide variety of backgrounds.
“Cybersecurity is a big tent for all,” Hawthorne said.
She also takes pride in the support she offers female students in her role as a mentor, helping them navigate their professional careers. “Women have to help women; [the] women coming behind them.”
Women have already made significant gains in the field. They made up only 11 percent of the cybersecurity workforce in 2012 but are now estimated to represent 25 percent of the profession, Hawthorne said. Women in Cybersecurity has set a goal of 2030 for women to make up half the workforce.
Hawthorne’s career has also been defined by her enduring work on educational activities for the Association for Computing Machinery (ACM). From 2014–2017, she served on a task force that wrote the first guidelines for a post-secondary cybersecurity curriculum. She previously helped develop curricula for computer science and IT programs at community colleges. More recently, while serving as co-chair of the organization’s Education Board, Hawthorne oversaw an effort to update the computer science curriculum for post-secondary schools.
Supporting the industry beyond her work in the classroom is important to Hawthorne, especially in light of the field’s growing workforce gap. Last year, ISC2 estimated the global workforce gap among cybersecurity professionals was 4.8 million; in North America, the gap was almost 550,000 workers.
Hawthorne credits ACM as playing an oversized role in shaping her career. “I always encourage students to get involved with ACM,” she said. Along with Women in Cybersecurity, the groups are “the two pillars of my professional career,” Hawthorne added.
“Cybersecurity education continuously needs to undergo changes to keep pace with the increasing industry demand for skilled technicians and professionals. The field is constantly evolving, with adversaries frequently changing their tactics, so cybersecurity defenders must also adapt at an even faster pace. The rise of technologies—including the Internet of Things (IoT), artificial intelligence, blockchain, quantum cryptography, and cloud computing—is rapidly expanding the potential attack surface of the cyber threat landscape.”
Dr. Hawthorne, speaking with ACM in 2024 (read the full interview here)
The Best Preparation Is Hands-On Training
She came to Northeastern a year ago to lead the Arlington campus’ graduate cybersecurity program and customize the curriculum. One needed change was to integrate AI into the course offerings. The challenge was similar to the task Hawthorne took on when she joined Rider University’s faculty in 2020 after teaching for 30 years at two community colleges, Lehigh Carbon Community College, PA, and Union College of Union County, NJ. She established a graduate program in cybersecurity at her alma mater, and after four years, planned on retiring before Northeastern recruited her to Northern Virginia.
In the classroom, Hawthorne strives to get to know each of her students. She encourages classroom participation by stressing hands-on learning, as there is more for students to absorb than simply understanding the discipline’s principles and theories. For example, she currently is working with a vendor to develop a virtual cybersecurity range to show students how to defend against cyberattacks using enterprise-level tools infused with AI technology. When the platform is ready, students will connect their laptops to it and learn how to defend against cyberattacks.
“A lot of cybersecurity is defending against malicious attacks and being a step ahead of the bad actors,” Hawthorne said.
Providing students experience with tools needed to stay on top of the latest threats should provide them a significant advantage when they look for their first jobs in the field. Offering students an experiential education is one of Northeastern’s hallmarks, she noted.
The new range will include lab exercises related to the application of AI to cybersecurity and will support an “AI-infused” cybersecurity graduate certificate that the school plans to introduce in the 2025-26 academic year.
Hawthorne’s latest research focuses on the use of AI for cybersecurity. She is the lead author on a chapter of a book coming out later this year, AI for Cybersecurity: Research and Practice; her chapter is titled, “AI Implications for Cybersecurity Education and Future Explorations.”
Hawthorne encourages anyone considering a career in cybersecurity — including professionals in unrelated fields weighing a change — to take a close look at what the profession offers. “Regardless of your background, if you have the interest and desire, go for it. It’s a very dynamic field; you’ll never be bored,” she said. For career changers who don’t have a technical background, the school offers the Cybersecurity Align program.
The profession will benefit greatly from fresh perspectives, Hawthorne added. “The cybersecurity field needs everyone. We need to be able to think differently about solving problems; not just computer engineers and scientists are needed, we need all minds on this. We need you,” she said.