The cybersecurity industry is resource-strapped with respect to skilled labor. There is simply not enough talent to fill critical holes.
According to recent a report by the industry’s largest security certification body, (ISC) 2, the information security field will experience a 1.5 million deficit in professionals by 2020. Yet women, who could help fill that gap, are sharply underrepresented, comprising only 10 percent of the global workforce — a number that’s remained stubbornly static for years.
The issue is not education. The study showed that women are closing the gap on men with respect to computer science and engineering degrees, and they have a higher concentration of advanced degrees — 58 percent versus 47 percent globally. By taking advantage of the growing interest among women in technology today — and encouraging even more interest tomorrow by reaching out to teenagers and young girls — industry leaders could significantly address the workforce shortfall.
Female recruits also bring a vital, fresh perspective and approach to cybersecurity’s complex challenges.
Gaining a broader perspective
Solving cybersecurity challenges requires a mix of skills that aren’t adequately represented by a single, homogenous group. This includes technical knowledge, critical thinking, project management, understanding of organizational behavior, planning and communication abilities. Diversity of thought brings organizations fresh points of views and guards against “groupthink” and “expert overconfidence,” which can limit creative answers to problems. Those perspectives can inspire new thinking about how to defend against the complex, advanced attacks that threaten businesses today.
Leveraging critical soft skills
(ISC) 2 research shows that companies need to look beyond technical skills during the hiring process because those skills alone don’t fully address the nuances around cybersecurity management. Women are likely to be better at collaborating across multiple stakeholders. They are careful at managing business objectives and risk management in cybersecurity. And women tend to be more progressive around training methods, offering increased accessibility and a wider variety of opportunities to improve retention and employee success.
Attracting top female talent
To gain the advantages women deliver, the information security industry needs to think about recruitment in the long term.
The general perception among women that cybersecurity is a “man’s world” stubbornly persists. Because of that, younger women need extra encouragement and support if they are going to be convinced such a path is for them. To overcome this and begin filling the female talent pipeline, young girls need more access to things like computer camps or girl-centric programs such as Girls Who Code. This exposure can set off a positive chain reaction to tech-related degrees.
Cybersecurity career paths and opportunities should also be promoted through career counseling in schools — as early as junior high — and regional organizations should be offering internships. Community colleges are well-positioned to work with private sector businesses to encourage this. The industry would also do well to run image campaigns that spotlight women in security and IT fields, giving young women role models and a view into career possibilities.
Once inside the industry, programs that pair junior talent with seasoned sponsors — male or female — would support career advancement and boost retention. And, companies must understand that women are looking for more than just salary incentives. A combination of monetary incentives, flexible work arrangements, training and continuing education is highly appealing to female cybersecurity talent, according to (ISC) 2.
Capitalizing on a growth opportunity
Across industries, growing organizations are building increasingly large and complex networks to support new business services, and cybersecurity has emerged as a critical strategic focus. Gartner estimates that IT security spending will soar from $75 billion in 2015 to $101 billion in 2018, reflecting a 35 percent increase. This directly correlates to the explosion of cybercrime costs, which are expected to quadruple from $500 billion in 2015 to $2 trillion in 2019. With this increase in spending, the cybersecurity industry presents an attractive opportunity for women looking for stable employment and high wages for the foreseeable future.
Recruiting more women into information security is a win-win. Women are assured of an exciting, stable and cutting-edge career path, and businesses looking to stay ahead of the security curve get a much-needed source of highly educated talent. This not only helps alleviate the labor shortage and skills gap, it broadens perspectives within the security team, strengthening program strategy and the ability of the organization to defend against the onslaught of the advanced cyberattacks.