The Gender Gap in Cybersecurity Can, and Should, Be Closed
There are huge, growing demands for a modern cybersecurity workforce in both the private and public sectors; there is also a significant shortage of skilled professionals. There is an especially wide gender gap in cybersecurity and in many technology jobs as well, but this is a gap that can, and should, be closed.
Cybersecurity does not need to be a mostly male domain. As we continue to evolve into the new digital era, new opportunities arise and the real task is outreach and effective communication to bring women into the emerging cybersecurity career realms.
Last year, (ISC)² published a study, Women in Security: Wisely Positioned for the Future of InfoSec, which surveyed nearly 14,000 professionals worldwide and revealed that the InfoSec workforce was predominantly male. In fact, only 10 percent of information security professionals were female. That means that a majority of women who are, or can be, skilled cybersecurity workers are an untapped group.
An excellent article in Forbes highlights the gender discrepancies:
The small representation of women in cyber is a big opportunity for them to enter a field with a severe labor shortage. There are one million cybersecurity job openings in 2016. More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74 percent over the past five years, according to a 2015 analysis of numbers from the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford University Journalism Program. Demand for cybersecurity talent is expected to rise to 6 million globally by 2019, with a projected shortfall of 1.5 million, says Michael Brown, CEO at Symantec.
The good news is that a great number of cybersecurity job opportunities exist and the numbers are growing. Indeed, it is a huge market: Cybersecurity Ventures recently reported worldwide spending on cyber defense products and services is forecasted to exceed $1 trillion for the 5-year period from 2017 to 2021. The market expansion will add to the cybersecurity workforce shortage, which is expected to reach 1.5 million cybersecurity job openings by 2019, according to the most recent Cybersecurity Jobs Report.
The challenge at hand, to ameliorate the shortage of cybersecurity professionals and close the gender gap, requires that we educate, train and facilitate women to fill the pipeline for a qualified information security workforce.
There are a variety of organizations that provide education and certifications, including CompTIA, (ICS)², the National Cybersecurity Institute (just a sampling of a very large list) and many colleges and universities.
It is important to attract future cybersecurity professionals at an early age. STEM programs are extensive and there are many new programs associated with schools aimed at attracting females to science and computing at early ages. I concur that part of the problem is a cultural mindset that males are more destined to be scientists and programmers. It is a mindset that can be changed via STEM and education. The barriers can be brought down.
In order for the gender gap to disappear, society has to change its ideas on women’s true place in American society.
Women provide a diverse perspective to a workplace dominated by male personalities. No one sex is superior to the other when it comes to the ability to design, develop, innovate, research, etc.; these are key traits of individuals in STEM fields. Our nation needs more women in technology professions such as programming, engineering, information security and management disciplines. Research is also dramatically lacking in gender diversity, which hurts our ability overall to innovate and develop breakthrough solutions.
There have been numerous attempts at explaining why there is such a massive gender gap between men and women in STEM fields. Explanations include biology (which is nonsense), a lack of interest in school age children, the “leaky pipeline” excuse and general stereotypes, amongst others.
Organizations—such as The Franklin Foundation, where I am an advisory board member—believe the only reason why the gap exists is because society and our schools have yet to support a different model.
Girls are not encouraged to become programmers; rather, they’re taught to become housewives. They’re not pushed to become neurosurgeons; instead, they’re guided toward nursing. You do not see commercials enticing young women to go to school to be physicists, but it is nearly impossible to miss ads promoting beauty schools and vocational nursing programs. In order for the gender gap to disappear, society has to change its ideas on women’s true place in American society, which is in lock-step with men.
These are the kind of programs and initiatives that need to be replicated globally. An exceptional program to is The Women in Cybersecurity Initiative, which was created in 2013 and provides a “continuing effort to recruit, retain and advance women in the field of information security. It brings together students, faculty, researchers and professionals to network and share experiences and knowledge,” according to its website.
Another excellent program run by The SANS Institute, is called the Cyber Talent Immersion Academy for Women. The Institute provides accelerated training and the certification program offers women a fast track to top jobs in cybersecurity. Qualified candidates complete SANS’ intensive world-class training and earn GIAC certifications at no charge.
Companies have also joined in the efforts to create a more diverse workforce that includes women with specialized programs and scholarship opportunities. Many Fortune 500 companies have such programs. As companies create this outreach, they should also expand this mindset to their recruiters to connect goals to company information security functions.
These and other similar efforts need greater publicity, marketing and accessibility. They can be a basis for helping balance gender inequality in the cybersecurity workforce. The field of cybersecurity needs to be advertised as encompassing opportunities for both genders. Cybersecurity is coding, but it is more than that. It also incorporates executive management, policymaking, diplomacy, marketing research, compliance, intelligence, technology foraging, communications and thought leadership as elements of the discipline. It can be very financially rewarding, with flexible employment on-site or remote, and most of all, it is integral to our digital future.
There is something there for everyone, and women need to be a key part of the cybersecurity employment equation from any aspect or perspective they choose.
This piece first appeared on ITSecurityplanet.com.