This is part of a running series for #IWD2021. We sat down with women leaders across the industry for a Q&A to get their insights on the state of women in cybersecurity. Recognize Women Leaders in the 2021 Tech Ascension Awards.
MJ Kaufmann - Security Specialist at Saviynt
Jaime Lewis-Gross - Director, Solution Engineering at Saviynt
How has the women workforce in cybersecurity evolved over recent years? Where is it heading?
In 2018, women in cybersecurity stood at around 11%. It was predicted that number would rise to 20% of the global cybersecurity workforce and things seemed on track for that to happen.
Once the pandemic hit, society faced the uncomfortable truth that the bulk of cooking, cleaning and child care responsibilities fell on women. As children had to be taught at home and cared for 24/7 while schools were (and some continue to be) locked down, many women stepped away or slowed the momentum of their careers - not just in cybersecurity - but in a range of fields because of the demands at home. As the world re-opens, whether women continue to gain ground in cybersecurity will depend on many things. The positive forces I see aligning for women in cybersecurity include:
Stronger commitment from companies to diversify their technology teams
More women in leadership positions than ever before
Organizations like Women in Cybersecurity (WiCys) & The Diana Initiative that focus not just on Women in Technology, but specifically on Women in Cybersecurity
Finally, we’re looking at a serious skills gap and it seems like a perfect convergence of forces. We sit at a time when organizations are putting more effort into engaging women and (ISC)2 reports 64% of businesses face an infosec skills shortage, with a 3.1M gap worldwide in positions desired.
Here’s the not so good news: It hasn’t. A recent research study talks about women holding only 25% of the jobs in the tech industry. But it gets worse: That number is even lower than the percent of jobs held by women in technology in the 1980s. And with COVID, a woman with children has seen her responsibilities at home double, pulling many out of the workforce.
So let’s take a step back. Which industries are set to grow the most in the post-COVID world? Three of the top five are Education Technology, Telehealth and Real Estate. Education, healthcare, and real estate. All industries predominantly staffed by women - I love this!
So, how can Cybersecurity — the field with the fastest growing IT careers — capitalize? Cybercrime is the biggest threat to every business in the world, but we’re not attracting women with cybersecurity job titles, like Security Engineer and Chief Security Officer. So what about: Ethical Hackers? Data Detectives? We need to create roles that capitalize on a woman’s professional strengths if we’re to attract women to a traditional technology sector.
There’s a real need and a huge marketing opportunity to create a competitive advantage that no one has filled. What woman wouldn’t want to be part of a brand’s mission that literally embodies the message, “I feel your pain” (regarding the threat of cybercrime) across its company values, work culture and product?
Science has proven that women’s brains show more empathy. It’s the ultimate sales pitch. When do we begin?
What advice would you give to young women looking to enter into cybersecurity?
There are several pieces of advice I'd offer to women entering cybersecurity today.
Know your worth - Don’t accept lower pay, fewer benefits, or work for a lousy boss. Your skills are worth a lot in a critical field with a looming shortage. You’ve worked hard for your certifications and degrees. Don't sell yourself short for fear that you won't get hired in the field - you will. Do your research. Check out the company you are interviewing with. Ask questions in the interview. You are as much interviewing them as they are you. Look for the right fit. Don't take less pay than men with equivalent experience and certification.
Don't be afraid to walk away - A good boss who values your input and offers encouragement and guidance is a large factor in job satisfaction. A boss who doesn't trust you won't give you opportunities to grow and will pounce on you at any sign of failure. Walk away, there are plenty of good positions with people who need your skills and want you to succeed.
Don't be afraid to speak up - The perspective you bring adds a new dimension to the problems you will solve. Your team will be richer because of your ideas. If you get interrupted, take a page from Kamala Harris' book and politely remind them that you are speaking. Don't stay silent for fear of being seen as "pushy" or "aggressive"
Forge your path - Ambition is just as acceptable for women as for men. Pursue those extra certifications. Apply for that promotion. Volunteer for that high-profile project. Never be afraid to shine. Work hard, work smart and always look for that path forward.
Pass it on - As you rise, you'll have opportunities to mentor others. Do so. Provide moral support, encouragement, and when you can, opportunity. Defy the "Queen Bee" or "Mean Girls" stereotypes. Demonstrate true leadership by helping others achieve their full potential. A person who feels appreciated will give you their best. Leaders create leaders. Teach the value of equality and diversity by demonstrating it.
I arrived into the position that I’m in now in a completely non-traditional, atypical way. Steve Jobs ended his Stanford commencement speech with, “Stay hungry. Stay foolish.” That’s good career advice, but I’d like to add another point — stay curious.
I started my professional career in the late 90s at a web design and development agency. I wasn’t in sales, marketing, design or engineering. I was in QA. Talk about a role for those who are curious. So that’s the advice: Don’t be afraid of taking a different path. Stay curious. It all adds up to that moment when you’re in a conference room or Zoom with people eager to innovate — don’t be afraid to share your voice. Our industry needs your perspective. Don’t hold back.
How can we get more women involved in cybersecurity?
Start young. We as a society need to make conscious efforts to cultivate tomorrow's security professionals today. Encourage school-age girls to consider careers in cybersecurity. Developing their aptitude and helping them target the aspect of cybersecurity they can thrive in, whether it be Risk Assessment, Penetration Testing, Incident Response or other aspects of the field. Offer classes that develop skills required to work in technology in a safe environment. Girls Who Code is a great example of a way to start. Building camaraderie among girls based on mutual interest reduces the chance they will feel alienated and give up.
For high-school and college-aged students, promote internships and ‘hackathons’ as a way to offer an introduction to cybersecurity - this is an area that businesses can help. Sponsorship of these programs and mentorship through hands-on experience go a long way toward reducing imposter syndrome and building confidence.
Create the roles women are born to have, rooted in the communication and social aspects of technology. It’s no secret that the language of B2B tech is mostly feature-oriented. Imagine how this impacts an outsider’s understanding of what we actually do and what problem we solve. It’s the companies that speak in natural language with a focus on benefits that can attract women from a wide variety of sectors. We won’t bring in new talent until we’re able to better explain how we’re changing the world.