The Importance of Recruiting Women into Cybersecurity
One of the factors driving the frequency of cyberattacks is the lack of qualified cybersecurity professionals. The demand for these professionals is huge in both private and public enterprise. Yet the available supply is very limited. Worse, there are not adequate numbers of candidates coming out of higher education. That means staffing will continue to compromise cybersecurity for some time.
This is important to keep in mind when assessing the number of women working in cybersecurity. They make up only about 10 percent of the cybersecurity workforce, and those numbers are consistent with college enrollment rates. Now and into the near future, women have been largely marginalized from cybersecurity.
Diversity in cybersecurity has historically been a problem. Companies have avoided recruiting women. And when women have been hired, companies have done little to retain them. As a result, many women in cybersecurity have experienced burnout, career stasis, or toxic culture. The number of women entering the field is too low, while the number leaving is too high.
It’s important for all companies to commit to gender diversity. But even without that argument there are compelling reasons to recruit lots more women. Unless they begin entering the field in mass there will be a severe deficiencies in expertise. Organizations will have an even harder time finding cybersecurity staff and suffer from more incidents as a result.
Now is the time to get serious about creating pipelines of women into cybersecurity. The other half of the effort is creating a culture that is professionally supportive. Here are some strategies to improve both efforts:
- Start Early – Programs aimed at young girls provide early exposure to cybersecurity and spark initial interest. That ensures girls continue to seek out cybersecurity majors at the college level. In order to create lasting gender diversity there must be outreach to women/girls at all ages.
- Improve the Image – When most people think of cybersecurity they picture an anti-social tech bro. The image is unflattering at best and overwhelmingly masculine. Computer science is not a career path that enough young girls consider, and cybersecurity is even rarer. That is, in part, because girls have few role models in the industry. Young women need to begin seeing other women working and thriving in these roles.
- Expand the Field – Cybersecurity is also seen as overwhelmingly technical, when in fact it encompasses a lot of things. For instance, cyberattack insurance is one of the fastest growing coverage options. Showing girls how vast and varied the field really is helps to attract more women with wider interests.
- Create a Culture – The culture of cybersecurity is quite simply hostile to women. They are excluded from speaking opportunities, management positions, and fair compensation in many cases. There is also little effort in the industry to support or develop female professionals. The number of women in the industry will continue to lag unless the standard bearers put a real priority on diversity.
Ignoring women in cybersecurity is a lost opportunity. Until the industry is open to all it will never provide the complete protection it promises.