Women are a distinct minority in IT overall, but many women are finding success as information security managers, a field that combines pure technological know-how with business acumen and managerial skills.

At least that was the premise behind the first Alta Associates Executive Women in Information Security Forum, which recently attracted more than 100 women to Fort Myers, Fla.

Attendees at the three-day event included chief security officers, senior vice presidents and CEOs from Fortune 500s such as AT&T, MCI, Oracle  and Time-Warner, and consultancies such as Guardent Technologies and Sanctum.

Although statistical data is hard to come by, a 2002 salary survey of more than 6,000 IT professionals found that women make up about 12% of the security workforce, and 22% of those women are managers. (To see the full report, click here .)

"Women are suited for these jobs because they can see the win-win between technology and business," says Joyce Brocaglia, CEO of security headhunting firm Alta Associates. "They're good at communication, relationship management, team-building and multitasking - all of which are essential traits for executive-level positions."

David Foote, co-founder of the market research firm, Foote Partners, agrees. He says information security organizations will blend technology, communications and behavioral sciences, so more leadership positions will be filled by women with an education in the technical and social sciences.

Knowing their business

Such communication and people skills were evident during the 10 hours a day of seminars at the conference, where these busy executives learned from one another's experiences.

Rhonda MacLean kicked off the conference by jolting everyone awake with a single sentence.

"I've been able to raise my security budget by 1,000% in the last seven years," said MacLean, senior vice president and director of corporate security for the $35.1 billion Bank of America.

She has proven with each new project that it added value to the entire company.

Take access controls, for example. Using a process-improvement methodology, she proved how the company's new systems reduced the manpower needed to handle millions more access requests, while at the same time improving the speed of handling those requests.

"My unit competes with every other business unit in the company for staff and budget," said MacLean, who's also financial services cybersecurity sector liaison for Homeland Security. "My boss saw my metrics and, after learning about our process improvements, said 'You're either very good or underfunded.' I said we're both."

People skills

Discussion gravitated toward firing, hiring, and managing people, even in crises such as the Sept. 11 terrorist attacks.

"We lost an employee who was on one of the hijacked planes Sept. 11. Then we lost three in a nightclub fire. In a company our size, that's a huge hit," says Maria Cirino, CEO and chair of Guardent.

Cirino doesn't think being female made her any more suited for managing in such crises. "Anyone would manage with compassion in a situation like this," she says.