As the world celebrated womanhood and women’s contribution to society on International Women’s Day, we at CISO MAG decided to devote the month of March to all the women in cybersecurity. The purpose of this article is to highlight the role of women in the industry and address several issues they face. This was in the light of the revelation that women’s representation in cybersecurity has been less than a quarter and has remained that way for almost a decade, if not more. Most of the problems faced by women can be traced back to the earliest days of their education, where stereotypes begin.
Here’s what the women in cybersecurity have to say on gender disparity, representation, and diversity in the industry.
1Debra Danielson, CTO, Digital Guardian
“I’ve been very involved in efforts to increase the participation of women in tech for more than 15 years, and while there have been some successes, we haven’t made enough progress. When it comes to increasing diversity in the industry, it’s still largely male and white. Women and minorities are either not choosing the field or are not staying in the field. Women make up between 11 and 20% of the global cybersecurity workforce, suggesting some progress is being made, but women are still paid less, promoted less, and hired less. The research out there is massive, and frankly, sometimes overwhelming.
So, what can companies do to support and progress the careers of women working in technology? First, stop and take a hard look at your numbers. Create a framework identifying established biases backed by empirical science. Shine a light on them so that when subtle (or not so subtle) bias behavior is exhibited it can be called out. Enroll men in the calling out process too. Some of the greatest proponents for increasing the participation and success of women in tech have been men. Fathers can be deeply committed allies, as they work to ensure that their daughters get a fair shot at the success they’ve had.
We all have biases, and these societal gender roles are deeply, deeply ingrained into all of us. It’s not just men that discriminate (consciously or unconsciously) against women. Women do it too. Think about how you change the system to balance the bias. Be really clear that this isn’t giving a “leg up” to a less deserving woman (to the disadvantage of a man), but it is a way to level the field and flatten the “leg down.”
We can all do a lot more than we realize to minimize and mitigate bias and prejudice. Think about how you recruit, manage, or simply carry out your day job. Don’t assume: research, educate and inform. Look for ways to challenge and change.
2Jessica LaBouve, Solutions Architect, Bishop Fox
“The cybersecurity industry knows there is a shortage of qualified security professionals, which means there’s too much work to go around to remain the same exclusive boys’ club. Fortunately, this growth is leading to a steady uptick in inclusion events and scholarships. Companies are realizing this more welcoming culture shift is key to building and retaining a talented, diverse workforce capable of keeping up.
A good start to getting more women involved in the industry is working with programs and organizations that encourage young women to become passionate about technology. For example, the Girl Scouts have a STEM weekend program that I’ve been involved with in the past. As for young women aiming to enter the cybersecurity field, I suggest finding a supportive network, community, or mentor they trust. This industry can be overwhelming and hard to navigate on your own.”
3Sigalit Shavit, Chief Information Technology Officer, CyberArk
“The people that the industry looks for in cyber are curious, versatile, and can handle varied professional challenges with aplomb. The background that is a good fit is often IT systems engineering, but people with this skill set will often move to the next hot area of IT; DevOps has been a popular choice in recent years. So, in cybersecurity, for it to be an attractive development path, employers need to create that same buzz.
Cybersecurity as a discipline is starting to come through in secondary and tertiary education, but we need younger kids to say that they want to be in cyber. Coding is now taught in many junior and middle schools and smartphones are everywhere once children get to be 11 or 12, so that familiarity with technology is already there. Cyber could and should be put into the same context as teaching children about how to stay safe online. Ultimately, we need to get to boys and girls while they remain unbiased about what they want to do later in life and make cyber an exciting career choice.”
4Heather Ricciuto, Talent Outreach Program Manager, IBM Security
“With three million unfilled jobs in cybersecurity globally, we must open up the aperture on the search for talent. By focusing on skills and expanding pathways to good-paying jobs in cybersecurity through new collar programs like P-TECH, apprenticeships, veteran hiring, and tech re-entry for women, not only can we build a strong talent pipeline, but we can build a more diverse and inclusive workforce.
Promoting inclusion: A focus on diversity and inclusion includes attracting and retaining more women in cybersecurity. Before the global pandemic, we had a gender gap. In the wake of the global pandemic, women have exited the workforce by the millions. We believe that a focus on skills and flexibility can help keep women in the workforce and bring those who had dropped out back into the workforce.
At IBM, we are focused on equipping both students and professionals from a variety of backgrounds and education levels with the in-demand skills needed for a career in cybersecurity. Promoting diversity and inclusion in our workforce helps us ensure that innovations benefit the many, not just an elite few—which is one reason why IBM has partnered with Hacker Halted in recent years to sponsor free attendance to the annual conference for women and veterans.”