Story image

Women in cybersecurity: Slowly but surely, change is coming

24 Apr 2017

Many industries are working hard to even-up gender disparity within their fields – and with good reason. Not only do companies with a more diverse workforce offer a more obvious level playing field for new recruits; studies have found that diverse workplaces are more profitable, productive and have greater levels customer satisfaction.

These findings make it all the more concerning for the information security industry, in which only 11% of positions in the global cybersecurity workforce are occupied by women.

In an industry that is also facing a recruitment crisis, with 40,000 of the 128,000 positions opening in the US annually remaining unfilled, it is clear that more needs to be done to address the cybersecurity gender gap as well as increase industry recruitment levels in general.

An image problem

Despite being by definition a forward-thinking industry, it remains a male-dominated profession. And, as highlighted by the Center for Cyber Safety and Education’s (ISC) Biennial Women in Cybersecurity Report, the workforce gap is “expected to reach 1.8 million by 2022”.

This is no small problem, as Lysa Myers, a security researcher at ESET, noted in 2015. Speaking to WeLiveSecurity, she expressed her concern that “there are still just a handful of women in the industry,” a fact she attributes partly to an image problem within the technical industry.

“I think there is an unfortunate stereotype about technical jobs where people are spending all day and night in a dark basement,” she said.

“But that isn’t reality at all.”

Information gap

One of the other reasons behind the gender gap – and recruitment in general – is a lack of understanding about the different roles available under the umbrella of information security.

This lack of understanding of the profession and the possible career paths open to both men and women was also highlighted in a recent report by Raytheon and NCSA cited in a 2015 article by Myers, “which found that the majority of both male and female students are not being exposed to the possibility of jobs in this industry.”

Redressing the balance

Fortunately, several organizations and initiatives have been set up with the aim of redressing the balance. One of these initiatives is ESET’s own Women in Cybersecurity Scholarship, which awards a $5,000 scholarship to a woman pursuing a college level degree and aspiring towards a career in cybersecurity.

Last year’s winner, Chelsie Power, is now working as an information security analyst, as well as studying for her Master’s Degree in Cybersecurity at Cal State University, San Marcos.

She says: “The award was incredibly helpful in that it paid for my books, additional training materials, and some tuition. It more than validated my career choice, giving me the confidence to keep honing my skills as an information security analyst.

“I think any field benefits from a diverse workforce to leverage broader perspectives, especially in cybersecurity, where cyberthreats and attack vectors are increasingly creative and sophisticated.”

Other organisations aiming to redress the balance and improve recruitment rates include the US-based National Center for Women in Information Technology, and Girls Who Code, which aims to educate and inspire high school girls to pursue careers in computing.

Routes in

While the perception may be that those wishing to pursue a career in cybersecurity need to have a technological background, this is not necessarily the case – Myers herself started her career as a florist, moving on to a receptionist’s role, before gaining experience in her company’s virus lab.

A 2015 report written by Myers on Women in Federal Cybersecurity also revealed that several high-profile female cybersecurity experts started their careers in different fields. Nothing is impossible.

Sign of change?

While the percentage of women in cybersecurity security jobs remains low, there are some signs that interest in cybersecurity as a career is beginning to increase.

ESET’s Cyber Boot Camp – a program in which students from San Diego receive five days of intense education in the art of computer system defence – has seen the percentage of girls in attendance rising from 0% to 40% in three years.

Myers also believes that interest in the sector is growing. Speaking in 2015, she said: “More people are realising what a solid, secure and interesting career choice it is, and as more companies are realising how crucial computer security is to their bottom line, there are a lot of different types of people dealing with a lot of different aspects of technology.”

Article by Welivesecurity.

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.