International Women in Cyber Day: Why we need more women in the field
This International Women in Cyber Day, you may be fatigued by the countless articles about gender equality and inclusion in the cyber security industry – how to achieve it, how to maintain it and that it is still woefully lacking.
Even in 2024, there are still barriers to being a woman in the cybersecurity field. Once you obtain a role within the industry, in many organisations recognition is not always consistent between genders, and often we must work harder to be recognised as successful in the same role. In recent reports, women only make up a quarter of the cyber security workforce and female cyber security specialists are still paid less than their male equivalents.
When given the opportunity to write on the topic, I felt deflated. A highly skilled, highly motivated friend of mine recently announced her departure from the industry, as she has chosen to lend her skills and talent to another technology field. The cyber security industry demands a lot and does not always cater for the competing societal, familial and economic constraints and expectations placed on women.
I am taking this opportunity to tell my female colleagues that the cyber security industry needs them, and to provide some ideas on what cyber security leaders can do to retain female talent.
The cybersecurity field needs professionals who are resilient in the face of challenges and adversaries; curious enough to keep learning and investigating; and compassionate towards the people behind the systems and information (who we are working to protect). Succeeding in cyber security requires the ability to multitask, face technical and non-technical challenges, accept change and often, do this without an overt thanks (nonetheless - it is rewarding in other ways).
Women embody these traits; simply look to the heroines in ancient mythology! Athena – the goddess of wisdom and strategy, known for her intelligence and tactical skills. Artemis – the goddess of the hunt, known for her strength and her role as protector. Atalanta – a mortal heroine known for her speed and endurance. You could also look to modern history! Ruth Bader Ginsburg – United States Former Supreme Court Judge known for her intelligence and pragmatism. Malala Yousafzai – education activist known for her bravery and determination. Indra Nooyi – Former CEO, PepsiCo known for her strategic prowess. Or even better - look even closer to your female colleagues. Every day we have difficult conversations, manage competing priorities, face high expectations and are cognisant to threats and vulnerabilities as the perceived weaker sex in the world.
Our attributes and experiences as women put us in good standing to succeed in this industry. I have listed mostly the 'soft skills' we bring because it's these intangible soft-skills and emotional intelligence and resilience that are critical and so often neglected in the cyber security industry (but never doubt a woman's tenacity to learn and problem solve, and our technical knowledge and skills.)
The World Economic Forum reports that the main barriers to retaining women in cyber security are long work hours, lack of professional development, imposter syndrome, workplace discrimination and difficulty returning to work after taking time off. Here are some solutions to these barriers:
Encourage mentorship. Access to female mentors and visibility of female leaders in cybersecurity will entice more women to join the industry and provide other women with the support to stay.
Offer leadership opportunities. Cybersecurity Venture analysis of the Fortune 500 companies found 85 had a female CISO - that is a dismal 17%. Be a champion and an ally by giving us a chance to lead, make decisions and deliver outcomes – we do it every day in all other facets of our lives.
Prioritise work-life balance. More than one-third of female respondents (36%) in an ISC2 survey felt that they could not be authentic at work. We all have lives outside of work, so get to know us and appreciate that we have hobbies, friends and families who keep us very busy outside of work.
And, of course, equal pay among all cyber security specialists is key.
To my fellow women in cyber security - when you feel overwhelmed and frustrated, please remember that the cyber security industry needs diversity and the traits stereotypically feminine - compassion, empathy, listening-skills, communication skills and pragmatism. Please remember the cyber security industry and the people we protect need you.