Challenges and victories women see in cybersecurity
Professionals in the cybersecurity field recognize September 1, 2024, as International Women in Cyber Day.
“Celebrating women in cyber is an important way to recognize the invaluable contributions women make to the cybersecurity industry,” says Lynn Dohm, Executive Director of Women in Cybersecurity (WiCyS). “We’ve made tremendous progress in training and mentoring women in cybersecurity. Now, the industry must work to create inclusive environments that enable women to succeed and advance in cybersecurity roles.”
Progress has been made to elevate women in the field of cybersecurity; yet, there are still challenges in the industry for women. Dohm explains, “Women bring outstanding skills and knowledge to cybersecurity, frequently outperforming their colleagues in all seven NICE categories and at all experience levels. Unfortunately, it is estimated that the number of women in cyber is in the range of just 20% to 25%, a percentage that hasn’t changed in years. Even more concerning, women experience a significant lack of advancement opportunities, and the exclusion rate is higher than in most industries. Indeed, women hit a glass ceiling just six to ten years into their cybersecurity career, despite outperforming peers in communications and network security (60.6%), cyber workforce training and awareness (62.3%), cyber/IT leadership and management (64%), and cyber/IT policy and governance (64.3%).”
The importance of representation in cybersecurity
“Throughout my cybersecurity career, I’ve learned that focusing on skills and knowledge is far more impactful than focusing on gender. My approach has always been to deepen my expertise, ensuring my work speaks for itself,” remarks Isabel Castillo, Cloud Security Analyst at Lastwall. “What’s crucial, though, is visibility and representation in the industry.”
Visibility and representation sends a quiet yet clear message about who the industry accepts in cyber roles. When women are underrepresented, it is implied that women are not welcomed.
Castillo says, “The underrepresentation of women in tech-related fields sends a subtle yet powerful message about who belongs in these roles. To challenge this, the industry must actively highlight and celebrate the achievements of women in cybersecurity. This effort isn’t just for the benefit of young girls; it’s equally important for boys to see women thriving in these spaces. By doing so, we can shift perceptions and foster an environment where everyone, regardless of gender, is encouraged and supported to pursue careers in tech. The future of cybersecurity depends on diverse perspectives, and this begins with changing the narrative around who can excel in this field.”
How to dismantle gender inequality in cybersecurity
While gender inequality in a professional field cannot be deconstructed overnight, there are ways for security professionals to act against it. No matter how influential one is in their organization, they can still acknowledge and address gender bias in the workforce. Nicole Sundin, CPO at Axio, breaks down some ways cyber professionals can recognize and respond to gender inequality in the workplace.
How security leaders can act
Security leaders can use their authority in the workplace to support and uplift the women they work alongside. Sundin states, “It’s sad to say, but the pay discrepancy between men and women still exists. As a leader in your organization, you must ask for transparency around this issue, advocate for others and hold management accountable.”
In addition to advocating for equal pay, those in a position of authority can leverage it to ensure women are given equal professional development opportunities.
“Women mentoring women is one of the best ways to help equalize leadership in the workplace,” Sundin asserts. “Women in leadership have an obligation to mentor other women, guide and listen to problems and help elevate them in the workforce.”
How individuals can act
For those who do not currently find themselves in a leadership position, there are still ways to promote gender equality in cyber professions. Sundin comments, “Every woman has been in a position where their ideas or point of view is either co-opted or restated for credit by one a male counterpart. Call it out and take credit for your work and ideas.”
Recognizing International Women in Cyber Day
This International Women in Cyber Day is a chance for cyber professionals to recognize the progress made for women in the industry while acknowledging the setbacks they still face.
Dohm concludes, “International Women in Cyber Day is an opportunity to call attention to the many skills women bring to the table, acknowledge the issues they face and identify ways the industry can become more inclusive. Adding diverse perspectives to the cybersecurity field will enable us to address evolving threats and close an ongoing workforce gap. We all succeed by having allies who actively disrupt the status quo and advocate for diverse talent in the field. To effectively guide women on their cybersecurity journey, we must focus on building connections, sharing knowledge and learning from experienced professionals already in the field to make a significant impact in this industry.”