I don’t normally accept guest posts, but in this case, I wanted to get a perspective from someone trying to help solve diversity issues at a grass roots level. Without any further ado, please enjoy this guest post from Jodie Nel the event organizer for Cyber Security Chicago.
From financial services to the healthcare industry, organizations across the country are racing to close industry-wide gender disparities. Unfortunately, the cybersecurity industry has been slow to up its diversity efforts.
In fact, women comprise only 11 percent of the global information security workforce, where there have been select instances of women being underpaid compared to their male counterparts and experience some form of discrimination at work. Aspiring female cybersecurity professionals need to overcome a number of barriers to entry — whether it be lack of role models, wage disparities, or discriminatory behavior in the workplace.
Given 1.8 million cybersecurity roles are expected to go unfilled by 2022, this gender gap is particularly disheartening as the demand for skilled security experts is quickly surpassing supply. The industry must proactively attract, retain and develop female security talent or this divide will continue to grow.
The Invisibility Factor
Although it’s considered to be one of the most progressive fields, the cybersecurity industry has fallen behind when it comes to diversifying the workforce. Commonly viewed as a “boys club,” the security industry has long discouraged women from even considering a career in the field. According to a study by the Center for Cybersecurity Safety and Education, 51 percent of women in cybersecurity in North America and Latin America have indicated that they have experienced multiple forms of discrimination. As for the women who have broken into the industry, they did so by going to much greater lengths to prove their ability and skills. What’s more, women in cybersecurity were found to be more educated than their male counterparts, with 51 percent of women entering the profession holding a master’s degree or higher.
Visibility, or a lack thereof, is one of the underlying reasons for the shortage of women in technology. Because security teams are frequently perceived to be boys clubs, women on the job hunt are often dissuaded from pursuing a career in such a male-dominated industry. The few women who do have a spot in the field are often left out of high-priority projects that could raise their profile both inside and outside an organization. With limited access to projects and public-facing opportunities, female security pros face a number of challenges when seeking upward mobility.
Further, this invisibility deters women from attending and leading keynote sessions at industry-specific conferences. Although many cybersecurity events are in need of female speakers, these sessions demand high-level and well-known industry leaders. From an event organizer’s perspective, sessions can’t just hire a female speaker for the sake of diversifying a conference panel, as event organizers must recruit high-profile speakers with the technical know-how to engage attendees. That said, recruiting just any female speaker isn’t enough, and can even appear condescending or a form of tokenism.
With this in mind, several cultural shifts must occur within security organizations in order to raise the profiles of their female employees.
Raising Profiles in a Male-Dominated Field
Although the gender disparities in the cybersecurity industry are increasing, there are several steps women can take to begin reversing this issue. Holding open office hours and providing mentorship can help more junior women lay the foundation for their cybersecurity career paths. Women can also get more involved with their company’s public relations and/or marketing teams to take on media opportunities whenever possible. Gaining media exposure can help women become well-known thought leaders in their area of expertise.
Beyond increasing visibility, women can inspire one another to pursue a career in cybersecurity by debunking the field’s persisting stereotypes. The media and public perception often suggests only men with technological backgrounds have access to cybersecurity positions. However, this is far from the truth. The problem is that many job-seekers are unaware of the non-technical careers that fall under the large umbrella of cybersecurity. For example, security architects and social engineers don’t necessarily require prior technology or security experience, but have proven valuable roles in the cybersecurity space. Rather than viewing this challenge as an obstacle, organizations should see this as an opportunity to partner with educators to teach girls at younger ages the benefits and opportunities of joining the cybersecurity workforce.
Women in cybersecurity must proactively increase their visibility to achieve gender equality. Whether it’s dispelling stereotypes or seeking out public speaking opportunities, women in cybersecurity can diversify the industry and develop much-needed talent.