Women in Security Aren’t Breaking Barriers. They’re Leading the System.

Debbie Gaxiola-Maples started her security career above a ceiling tile.

In the 1980s, long before analytics dashboards and AI tools, she climbed overhead a retail sales floor to monitor a cash register. Retailers didn’t have sophisticated surveillance systems. No digital playback. No layered analytics.

“It was your eyes,” she recalls. “There wasn’t a camera recording everything.”

That kind of immersive, ground-level experience builds fluency no executive training program can replicate. Maples has worked across nearly every department related to security and loss prevention during her career.

Today, she’s the Vice President of Global Safety & Security at Salesforce, managing investigations, protective services and global safety operations for a multinational technology company.

Her career path illustrates that operational fluency is the basis for enterprise security leadership.

“You cannot govern risk across regions and business units without understanding how that risk manifests at the store level, within supply chains, or through human behavior,” Maples says.

For her, that foundation began at the ground level.

“The store detective role was invaluable training,” she explains. “It developed leadership. It honed instincts. It gave me the skills to communicate and talk to people.”

“In the early years of loss prevention, there weren’t very many women,” Maples recalls. “But there were a few who were ex-law enforcement, investigators who inspired me. I wanted to be like them.”

Those women set the standard. They were seasoned, instinct-driven and operationally sharp. Maples was young, learning quickly, absorbing everything.

“They were great mentors who fueled my passion,” she says.

Earning authority the hard way

Years later, I experienced a version of that imbalance myself.

In 2004, at my first National Retail Federation trade show, I was representing Security Resources. I understood my role well. What I was still discovering was how expansive and interconnected the security ecosystem truly was.

The scale of the show impressed me. The gender ratio did not. Women were present, but we were clearly outnumbered. At the time, many people equated security with physical presence. A guard in uniform. A perimeter check. I had once thought that, too.

I was standing at our booth when a prospective customer approached with several technical questions. I knew the answers. Instead of directing those questions to me, he addressed a male colleague.

I was invisible in my own booth. It was awkward. But it was more than that. It was a revelation. I could have written it off as bias and left it at that. But I decided to do something different. I followed up with him. I started conversations. I showed consistency.

After we developed a working relationship, he finally acknowledged that he’d assumed certain things about me because of my gender. It didn’t define my career. It sharpened it. It reinforced one of the key principles of my leadership philosophy: security influence is earned through skill, through responsibility, and through performance.

That pattern of depth preceding recognition is one I see repeatedly among women who’ve shaped this industry.

Cathy Langley’s career is proof of it. Today, she serves as Senior Leader, Asset Protection at Solink, a role she’s held since 2022. Before joining Solink, she spent nearly 34 years at Rite Aid, rising from file clerk to Vice President of Asset Protection.

That trajectory matters.

She witnessed asset protection evolve from a primarily shrink-focused function to an analytical discipline grounded in data, trend modeling and predictive mitigation.

At Solink, she’s now working on the other side of the same coin. The Solink platform integrates operational data with contextual video, turning activity into actionable insight. Companies can see what happened, why it happened, and act on it.

“Asset protection used to be about reacting to loss,” notes Langley. “Today it’s about identifying risk signals early and using data to guide smarter operational decisions.”

In her current role, she supports major enterprise accounts navigating labor pressures, organized retail crime, margin constraints and multi-location complexity. Analytics are no longer retrospective scorecards. They inform staffing models, vendor performance and regional resource allocation.

Authority follows fluency.

“What was once primarily a shrink-focused function has become analytical and predictive,” says Langley. “Data now informs both forward-looking risk mitigation and retrospective reporting. Security leaders are expected to analyze complex datasets, identify patterns, and translate insight into decisions that impact operational continuity, labor allocation and margin.”

Where risk meets governance

Security decision-making is no longer confined to field-level command structures. It resides in enterprise conference rooms, within contract negotiations, throughout governance reviews and across operational ecosystems where execution, accountability and trust carry measurable consequences.

One such example is that of Julie Fraser, Vice President and Head of Legal at Protos Security. When she joined the company in 2022, there was no formal legal department. Soon, her responsibilities not only included reviewing commercial contracts but also litigation, claims, crisis management and licensing for the rapidly expanding, acquisition-driven platform.

Initially, the legal department consisted of Fraser and a paralegal. Today, the department has grown into a team of eight, primarily women, managing the commercial, litigation and regulatory functions of the business.

“If I didn’t know the business, I wouldn’t understand the risks,” Fraser says.

That reality defines modern security leadership. Governance isn’t adjacent to operations. It’s embedded in delivery.

“Issues such as contractual obligations, licensing, employment laws and regulatory requirements are no longer separate concerns,” Fraser explains. “They’re integral to the delivery process. When an incident happens, the consequences are operational, legal, reputational and financial all at once.”

The traditional narrative about women in security often emphasizes entry and ascent. Women are “entering the field.” Women are “rising through the ranks.” Women are “breaking barriers.”

That framing no longer captures where influence truly resides.

These days, the most important security choices are not made at the edge of a badge. Discussions about risk transfer, vendor performance, regional resource allocation and acting responsibly amid incomplete information are examples of how those decisions are made.

In these environments, women aren’t symbolic participants. They’re operators and architects of the systems that make enterprise security viable.

Overseeing national enterprise security programs has made that reality unmistakable to me. The work is rarely visible or glamorous. It calls for expertise in labor markets, technology platforms, risk modeling, client economics and compliance frameworks. Vendor networks, geographic complexity and internal stakeholders demand constant alignment.

Programs are now visible to the C-suite in ways they were not a decade ago. Security leadership is now centered on individuals with the ability to weave together operations, governance, technology and human intelligence in real time. The key skills are those of orchestration, accountability and contextual decision-making.

On any given day, responsibility may span hundreds or thousands of sites, each with distinct risk profiles and operational constraints. A retail environment grappling with organized retail crime presents one set of challenges. A logistics facility navigating labor volatility presents another. A corporate office managing an insider threat presents yet another.

What unites them is complexity and interdependence. There’s no room for ad hoc decision-making. Staffing models intersect with labor availability. Vendor performance affects contractual exposure. Technology infrastructure shapes response time. Legal limitations define escalation pathways. A misstep in one area reverberates across the program.

Authority is put to the ultimate test here. In this field, leaders frequently must make decisions based on incomplete information. To stabilize one area, should resources be moved to another? Should a vendor be held accountable at the risk of short-term disruption? Should an issue be escalated internally despite potential political friction?

There’s rarely a perfect answer. What guides those decisions is judgment grounded in context and an explicit understanding of consequence.

The quiet shift in power

Clients, in these moments, are not looking for spectacle. They’re looking for reliability. They value leaders who anticipate friction points, who see how failures propagate through systems, and who act decisively before issues surface at the board level.

That’s the work. And that’s where modern security leadership resides.

I still think about that early trade show moment.

It seemed like a minor slight at the time. It was a catalyst in hindsight. It forced me to learn more about the industry outside of my current position. I studied licensing structures, escalation protocols, post design, vendor economics and regulatory frameworks. I sought fluency across the ecosystem rather than expertise within a narrow function.

Over time, the need to prove that I belonged receded. The focus shifted toward ensuring that programs functioned, that clients trusted the outcomes, and that systems held under pressure.

There is a certain quiet confidence that comes with operational literacy. When you know the mechanics well enough, you don’t have to compete for attention. You add value because you can accurately diagnose risk and align the moving parts.

When I walk trade show floors today, I still notice the ratios. However, I also see a more significant change. Discussions about enterprise risk, analytics and governance are being led by women. They’re establishing strategic directions, managing multi-region programs and drafting contracts.

I questioned the whereabouts of my people 20 years ago. The question seems out of place today.

Women in security aren’t waiting to be invited into leadership. They’re already embedded in the systems that define it. They’re shaping risk strategy, integrating governance with operations and strengthening enterprise resilience.

The industry may still talk about barriers. The operational reality is different. The leaders are already here. And they’re running the system.