With International Women’s Day coming up tomorrow, there’s never been a more urgent need for the cybersecurity industry to fill its 700,000 vacant roles than right now. With economic pressure leading companies to consider thinning their security teams to save money and cybercriminals seeking to take advantage of easy access to malware-as-a-service, the world needs as many talented professionals as possible to defend and protect our digital environments.
That’s why it’s so important to shed light on the fact that only 24% of cybersecurity jobs globally are held by women — and start a dialogue about how we can encourage more women to enter the most exciting and fast-paced realm of technology.
As a woman in cybersecurity, I know firsthand the difficult time woman have breaking into the industry. I found my passion for security through a chance internship that didn’t pique my interest before I fell into a security-focused team. Although security quickly became a strong passion, it took several different jobs to determine what I wanted out of a security role, whether it was compliance, incident management or security operations center management. Like many other talented women even today, my professors and counselors encouraged me to foster my knack for mathematics as a school teacher, rather than a cybersecurity practitioner or any computer science-oriented role.
While cybersecurity has become a more established industry now than it was when I broke into it, I know that we as professionals can do a better job of encouraging detail-oriented, curious and motivated people to try this industry. Cybersecurity has a vast number of different specializations and roles one can work in and people from non-technical industries can make the jump. I know former baristas, lawyers, hospitality workers, military veterans, culinary arts professionals, and chemists who’ve found engaging and successful careers in cyber. It’s an opportunity that we as an industry are missing out on when we don’t encourage women to join us.
We can start by celebrating the critical role that women already have across the industry. At conferences, talks, and meetups, everyone in the industry has a responsibility to showcase that it’s not just an “old boy’s club” like the early days of Silicon Valley and that everyone can find a home here. Think about hosting community events and creating online groups to connect women in cyber with one another. Not only will it help all genders from diverse backgrounds become interested and recruited into cyber, but everyone will make such interesting connections, and build life-long relationships that expand your network.
Strong women-led networks coupled with supportive male allies help security organizations create strong cultural foundations of diversity, equity, and inclusion that otherwise might stop at meeting hiring quotas, and help executives realize that they can’t just focus on getting talent in the door. If a company alienates and isolates talent once they’re hired and don’t support them, then they’re not building to anything greater, and women and underrepresented groups may not feel they have the ability to speak up without repercussions.
Seeking out mentors and mentorship opportunities is a great way that organizations and individuals can ensure that women are supported and heard outside of their everyday work roles, and can help people who are new to cybersecurity develop career goals and figure out what kind of impact they want to have on their team and the profession. I support the notion that a colleague once shared: Everyone should create their very own "board of directors" that they leverage for mentorship over their career. Education for the workforce about what inclusion looks and feels like, recognizing those that become strong allies, and supporting diversity, equity, and inclusion initiatives are all movements that recognize and will reap the long-term rewards of this investment.
As we all know, no two days in cyberspace are alike, and even the best organizations and individuals have to persist through hardships. The work to improve diversity and women-led cybersecurity operations won’t happen overnight, and we can’t place that responsibility on the shoulders of just a few well-known advocates. Much like building a security operations center, think of making cybersecurity a level playing field for all as a team sport. Bring all allies, mentors, relationships, boards, training experiences, and let’s take the field. It’s more than time.
Lisa Tetrault, vice president, global security operations, Arctic Wolf.