Cyber security is a thriving industry that’s so cutting-edge that employers are having trouble filling job openings. In an ISSA report titled “Resolving the Cybersecurity Workforce Shortage,” Senior Information Security Officer Kerry Ann Anderson of State Street Global Advisors put it succinctly.
“The cybersecurity field is currently experiencing a growing shortage of practitioners with over a quarter-million positions remaining unfilled in the US alone and a predicted shortfall of 1.5 million cybersecurity professionals by 2019.”
This problem is only made worse by the lack of women working in the field. According to the 2017 Global Information Security Workforce Study, only 11% of cybersecurity professionals are women. Looking only at North America, the same study finds that women make up 14% of the cyber security workforce.
We Need More Women in Cyber Security
Right now the industry has a huge demand for new workers, and we need more of them to be women! It’s not just good for teams, it’s good for business. According to a 2015 McKinsey report, companies that were “in the top quartile for gender diversity were 15% more likely to have returns above the industry mean.”
That’s why, as Women’s History Month draws to a close, we wanted to encourage women who’re interested in this growing field and offer them some advice from women in technology or cyber security roles. Let’s take a look at 10 pieces of excellent advice for women in cyber security.
Ann Barron-DiCamillo, Vice President, Cyber Threat Intelligence & Incident Response, American Express
Embrace new work opportunities or experiences as they come to you – they might be quite outside of your ‘job duty’ but these are the kinds of events that can lead to a new and exciting career opportunities you hadn’t considered.
Also, I’d say get experience, exposure or knowledge in the five foundations to become an effective cyber analyst or operator:
- Computer basics, including how computers work to virtualization and networking
- Linux fundamentals
- Windows fundamentals
- Programming including Python, HTML, Java
- Security basics from buffer overflows to SQL injections to the basics of finding anomalous network activities
Meg Layton, Director of Engineering, Cyber Security Services
The number one piece of advice is to be flexible. Technology moves so fast — each new innovation leads to new opportunities: opportunities previously unexplored or even unimagined. The career that I have now did not even exist when I started out in this world. If you remain flexible, you can take advantage of opportunities that come your way.
Lisa Kostova, Senior Director of Product, Entelo
Believe in yourselves. Ask for forgiveness, not permission. Go out, build stuff, break stuff and state your ideas and opinions with confidence. And remember – those doubts and fears, they’re just in your head.
Nora Mullaney, Software Engineer
Don’t be intimidated by those who seem to know more than you. It’s very easy to techno-babble at someone and seem intelligent. Never be afraid to ask questions if you don’t understand something. It’s a great way to learn. If the person you ask can’t/won’t explain, it’s likely he/she doesn’t really understand.
Niloofar Howe, Life Member, Council on Foreign Relations
There is a lot of fodder out there about how hard it is to be a woman in technology. Ignore it. Those issues exist in most industries, especially ones that are male-dominated— law, banking, finance, etc. Human beings are flawed, and so any organization run by us will be inherently flawed. That’s okay. Don’t focus on flaws because there is no perfect organization. Instead, live at the intersection that maximizes your ability to work on things that excite you and people who inspire you. If that is in the tech sector, fantastic. We need diversity in tech— not because it’s a social good — but because diversity drives innovation, diversity drives productivity, diversity leads to better outcomes, and importantly, diversity leads to a better organizational culture.
Caroline Wong, Vice President of Security Strategy at Cobalt
Women in this field say it’s actually fun, and they’re having a good time. They are feeling they are doing meaningful and impactful work and it’s deeply satisfying to them. You don’t necessarily have to have a computer science degree to contribute
Megan Garcia, Senior Fellow New America, Director of New America CA
One of the biggest lessons we try and share via New America’s Women in Cybersecurity Project is that there are so many different types of jobs in the cybersecurity and information security fields. There are lawyers, communications people, policy experts, marketing professionals, along with engineers and [people in] more technical roles. And we know that the narrow stereotype of a guy coding in a hoodie keeps many women from thinking they might thrive in the field, when at the same time, so many companies need people and are actively trying to recruit women.
Rinki Sethi, Director of Information Security at Palo Alto Networks
When you are new, you kind of feel lost. You get most of your experience in your first job, but when you look to the left and right and nobody looks like you, you are already intimidated. If you are new to cybersecurity, whether you’re looking for technical mentorship or peer sharing, seek out those people with whom you can meet and share stories. It could be someone you are working with that you can meet with to talk through successes or challenges. Approach somebody and let them known that you’re new or mid career. It could start even as a friend, any of those people you naturally gravitate toward, or somebody in a leadership role.
Any question you ask, whether it’s in a new role, working on a new project, or asking for a raise, you are taking a risk. Because of the possible no, women tend to not ask the question. Put yourself out there, take risks. If you are a woman who is not putting yourself out there and willing to take risks, It’s on you. You have to ask yourself, ‘Why am I not asking that question? What am I afraid of? What kind of risk am I taking here?’ The worst thing that is going to happen is that someone says no.
Michele Guel, Distinguished Engineer and Chief Security Architect
When I talk to female cybersecurity professionals at industry conferences and gatherings, I often tell them to “Be bold!” Don’t be afraid to send that initial email to a company leader, go to a networking event or volunteer to be a speaker at a local school or college. The process of achieving the mission at hand – tackling the gender imbalance while elevating our leadership roles in cybersecurity – begins with us.
Haiyan Song, SVP Security Markets, Splunk
The best way to break stereotypes in tech is to be comfortable in your own skin. The confidence you carry allows people to focus on the merits of your opinions and contributions. To help women break into the security industry, we need more female role models to step up and show that there are no gender-specific qualities that make a cybersecurity professional great at their job. Female cybersecurity professionals who are looking to help close the gap should offer their wealth of experience to others and mentor them through the challenges of breaking into a male-dominated industry.
“Go out, build stuff, break stuff…”
There is a clear need for more talent in tech and cyber security. By encouraging more diversity in tech, we get qualified individuals from different backgrounds who can help us solve the problems of tomorrow and stand against the wave of cybercrime sweeping the world. So, as Lisa Kostova said, don’t be afraid to go out, build stuff, and break stuff.
We wanted to give a big thank you to all of the women who appear on this list. You inspire us! As more and more people seek training to become cyber security professionals, we hope that more women will take the leap and join the cyber community.
Is there a woman in tech that we missed who inspires you? Let us know in the comments below!