There is no security without awareness. Truly an inseparable pair!
Over the last week, at RSA Conference 2018, we’ve had the opportunity to talk with you, hear your stories, and discuss initiatives in security awareness. On that note, we’d like to open the dialogue regarding gender parity – or lack thereof – in cybersecurity. It’s no surprise that the cybersecurity industry has long been painted as a ‘boys club’, with very few women in its ranks. Things are changing slowly. Let’s move things along by jumping right into the discussion. Enjoy the read!
***
Johanna Vazzana is currently holding a position as a cybersecurity strategist at a global information security firm. But her journey was long and hard to get there.
Early in her career, Vazzana applied for a technical cybersecurity position. Recounting her experience, she explains how her numerous certifications resulted in the hiring manager telling her: “I’m surprised to be interviewing a mom.”
Vazzana never got the job.
No question that a gender gap has pervaded the technology landscape since its formation, but in today’s technology industry, the gender gap hasn’t gotten any better – gender parity remains low in the information security field. A recent report has found that women in cybersecurity comprise 11% of the global workforce. Is there a correlation between women and a talent shortage? There is: “Increasing the number of women in cybersecurity is not simply for diversity’s sake but for the sake of the industry,” said Ian Glover, President of CREST, a UK-based nonprofit accreditation and certification body representing the IT security industry.
So how do we go about increasing the number of women in cybersecurity? How do we bridge the gap and strengthen gender parity, changing the perception that the industry is sexist or inhospitable to women?
The Importance of Education
Forward-thinking women in cybersecurity are taking a front seat at running events to network and support other women considering entering the information security field. These events help recruit and retain women. For example, AWSN works to connect women in security in Australia and abroad. It supports women who are already in the industry and enables them to collaborate on common projects, along with inspiring the next generation to pursue a career in information security. Similar programs include Executive Women’s Forum (EWF) and She Secures.
She Secures is an online and offline community for women professionals and cybersecurity enthusiasts. The organization’s aim is to grow their community of young African women to bridge the gender gap in cybersecurity. She Secures provides women with a vibrant platform to learn and bond with like-minded women, whether as hobbyist or professionals in the field.
Teaching girls at a young age about cybersecurity via college courses and school curriculum could help put more effort into attracting female talent and women in cybersecurity. For example, the CyberFirst program in the UK, offers girls 11-17 years of age the tools, knowledge, and skills required to build and protect small networks and personal devices. Competitions are held to support girls and boost their interests and skills in a fun way to help them learn about cybersecurity and practice skills in a simulated real-world environment.
Another initiative, Girls Go CyberStart works as a gateway for young women to explore the cybersecurity field. “This program builds a pipeline for young women in cybersecurity,” said Jay Ramsey, State Director of Career Technical Education.
Best-in-class organizations in information security are focusing on hiring women. They provide mentoring programs and are developing a ‘cyber code of conduct’ to facilitate greater gender equality within their companies.
As the future of cybersecurity will focus on IoT, virus screening, logical functioning of connected devices, and securing health data, women have the power to carry these new developments forward and are proving that cybersecurity is no longer just a ‘man’s world’. Take a look at the gender gap within your organization. It may be time to hire and retain some much-deserving female talent and increase the number of women in cybersecurity.
Gender Parity: Words to Actions
Mobilize your organization. Next time you speak to stakeholders, present your case on gender parity in cybersecurity. Learn about the most recent initiatives involving women in cybersecurity. How can your organization play a role in progressively changing the status quo in the industry?
RSA Conference 2018 has served as an excellent platform to discuss important questions. You’ve learned new concepts shaping information security and discovered the latest technology. You’ve engaged in stimulating conversations with security leaders, conference speakers, and panelists on various cybersecurity matters.Now, it’s time to take women in cybersecurity seriously. Are you ready for change?