There is glaring gender disparity across the cybersecurity industry, with women representing only 16.8% of the cybersecurity workforce and only 2.1% of global cybersecurity companies having female CEOs. Connie Stack, CEO at Next DLP, is leading the charge on changing this disparity. She explains a multi-faceted approach to levelling the field.
The cybersecurity sector is currently riding a major growth wave, with its value set to grow from US$172 billion in 2023 to US$425 billion by 2030, according to industry analysis. At the same time, the sector is grappling with a workforce shortage of nearly 4 million people – a gap that seems certain to increase as the market booms. A major root cause of this issue is the glaring gender disparity across the industry with women representing only 16.8% of the cybersecurity workforce, with only 2.1% of global cybersecurity companies having female CEOs.
This stark disparity not only highlights a gender gap but also underlines a deep-rooted issue within the industry that, despite recognition of the need for greater female representation and its efforts to address this, industry progress remains painstakingly slow. This is especially frustrating when considering that whilst the presence of women in cybersecurity is limited, it is marked by exceptional achievements and resilience.
While this is a huge problem for the industry, the global workforce shortage also presents a unique opportunity to address gender disparity head-on, by actively encouraging and recruiting women into cybersecurity roles. By doing so, cybersecurity organisations can not only fill the growing demand for skilled professionals but also benefit from the diverse perspectives and approaches that women bring to the table, which are essential in combatting a broad range of cyberthreats.
Diversity requires daring decisions
A big part of the problem is that the typical career journey of women in the field of cybersecurity generally runs against the grain of traditional norms and cultural expectations. These women have had to navigate a landscape where their skills and contributions are often underestimated or overshadowed. Their perseverance and success, however, are crucial because they pave the way for future generations of women in cybersecurity, demonstrating that not only can women excel in this field, but they can also lead and drive innovation.
Nearly ten years ago, I made the decision to rebrand Digital Guardian (my former company), updating the primary brand colour to pink. As the cybersecurity industry was then characterised by dark, more conventional brand themes, the industry was in need of a brand refresh and a mini-revolution. I decided on the colour pink, often stereotypically associated with femininity, as I wanted to make a statement of inclusivity within a male-dominated field.
I remember facing significant resistance. However, after some time, the underlying message became clear: the cybersecurity industry needed to attract and retain more women. The eventual acceptance and support of the rebrand demonstrated the power of positive change, even in the face of embedded traditionalism.
The multi-faceted approach to levelling the field
That was only one example of one company in a burgeoning industry, but there are plenty more significant and on-going challenges. How, then, can other organisations take more decisive and effective action to address gender inequality in the industry, and by definition, the global skills gap that threatens to limit the effectiveness of cybersecurity innovation and implementation?
In reality, addressing the diversity dilemma in cybersecurity requires a multi-faceted and sustained approach, including:
● Raising awareness in education settings: the role of educational institutions in nurturing and shaping career aspirations is key, and to ignite interest in cybersecurity among young women, it’s essential to integrate stories of successful women in cybersecurity into school educational resources and content. In addition, guest speakers, multimedia content and even fictional representations of female technologists in school environments can serve as powerful catalysts for inspiration.
● Clarifying career pathways: taking the role of education a stage further, ideally, schools and universities should offer introductory and advanced cybersecurity courses with language and materials designed to attract and engage more female students. These courses should emphasise teamwork and collaborative problem-solving, aligning with the preferences often sought by women.
● Engaging media in shaping perceptions: the media plays a critical role in shaping societal views. Regularly featuring women in cybersecurity as guest speakers, commentators and experts, especially during coverage of major cyber incidents, can help change perceptions and inspire more women to enter the field. Success here depends on organisations putting forward their female experts so their views are available to journalists. A more diverse industry will create more diverse opportunities.
● Celebrating female achievements in cybersecurity: recognising the contributions of women who have significantly impacted the field is vital, not only because it sets a precedent for aspiring women in cybersecurity, but also changes the narrative away from the exception to the norm. This represents a crucial objective that – if and when achieved – will signal that gender equality has made the transformational impact the industry so badly needs.
The importance of opportunity-based equality
In addition to these foundational steps, organisational leaders are pivotal in driving change through their commitment to initiatives that bring career opportunities in cybersecurity, particularly for young women. Ideally, this approach should encompass a proactive role for leaders in recruitment processes, ensuring they attract and hire qualified female candidates. Once hired, this commitment to gender diversity can be supported by on-going mentorship schemes, giving women the opportunity to maximise their potential over the short- and long-term.
It’s no exaggeration to say that the cybersecurity industry is currently at a crossroads. The need for gender diversity is a strategic imperative for the growth and resilience of the industry as a whole and the organisations they support. The way forward involves bold, innovative approaches, active nurturing of future talent and a celebration of the successes of women who have paved the way.
The journey towards a more gender-diverse cybersecurity landscape is undoubtedly challenging, but with collective resolve and concerted efforts, it is a goal well within reach. The industry must continue to challenge the status quo, breaking down barriers and building a future where cybersecurity is enriched and strengthened by diverse perspectives and talents.Click below to share this article