Women In Cybersecurity

RESOURCES FOR WOMEN IN CYBERSECURITY

Q2 2017

WomenInCyber.com is sponsored by SecureStrux, LLC, a women-owned small business that provides specialized services in the areas of compliance, vulnerability management, and cybersecurity strategies.

“Women in Cyber positions today offer some unique perspectives to critical components of the field that can be the one missing piece to ensure the continuity of business operations, fill knowledge gaps, or piece together the puzzle to help keep security transparent within organizations” says Sienna Crawford, Managing Partner at SecureStrux. “SecureStrux supports and encourages these approaches from all our staff and continues to strive to adapt to our customer’s needs by being open minded and using critical thinking skills that cannot come from a book or a classroom.”

DIVERSITY REPORT

Chance for women and minorities to enter the trillion dollar cybersecurity field

Jobs gap opens opportunity for a more diverse workforce

johnmelloembossedJohn P. Mello, Jr.

Menlo Park, Calif. – May 8, 2017

Combating the avalanche of cyber threats populating the landscape these days is putting many organizations under constant stress. Equally stressful is finding qualified talent to fight those threats.

Worldwide demand for information security pros was previously estimated to reach six million by 2019, with 1.5 million of those jobs remaining unfilled because there won’t be anybody with the skills to fill them. And the situation will get worse, as it’s predicted that the gap will jump to 3.5 million in 2021.

That skills gap will be addressed in many ways in the coming years. Education at all levels is being retooled to address demand. Standards are being reviewed to weed out unnecessary requirements. Retraining programs are being launched. All these conduits offer an opportunity to make the industry’s labor pool more diverse.

“The small representation of women in cyber is a big opportunity for them to enter a field with a severe labor shortage,” says Steve Morgan, founder and Editor-In-Chief at Cybersecurity Ventures.

He points out that while 50 percent of professional occupations in the United States are held by women, only 25 percent of computing occupations are so. “That leaves tremendous headroom for women to enter the fast-growing cybersecurity market, which is expected to be worth $1 trillion (USD) cumulatively over the next five years, from 2017 to 2021,” he notes.

Trouble Diversifying

Technology companies, in general, are having trouble diversifying their workforces, but it’s worse in the cybersecurity field. For example, last year, 9.2 percent of information security analysts were black, 7.7 percent were Asian and 8.9 percent were Hispanic, according to the U.S. Bureau of Labor statistics. Women fared slightly better at 21.8 percent of analysts, although globally, they represented only 11 percent of the infosec workforce, according to the Biennial Women in Cybersecurity Report released in March.

The report also found that more women working in cybersecurity had higher levels of education than men — for example, 51 percent had master’s degrees, compared to 41 percent for men — yet fewer held positions of authority (director level or above) than men and, on average, make lower salaries than men.

Worse yet, 51 percent of women working in cybersecurity in North America and Latin America had experienced some form of discrimination, compared to 15 percent of men.

Geeks and Spooks

That discrimination may be related to the “Old Bro” network that’s been a source of manpower for the field.

The pipeline feeding the cybersecurity workforce has traditionally drawn from male-dominated disciplines such as computer science (including hackers and coders) and national security (especially military, law enforcement, and intelligence), writes Betsy Cooper, executive director of the Center for Long-Term Cybersecurity at the University of California, Berkeley.

“As a result,” she adds, “the culture of security largely mirrors that of technogeeks, cops, and spooks.”

However, many women get the “bro” message long before they enter the cybersecurity field by choosing to avoid science and math when they reach middle school. “The situation assumes disastrous proportions when you consider that, by self-selecting out of science and technology, women have closed themselves off from the biggest engines of wealth creation in our era,” Deborah Hurley, associate faculty director for data privacy at Brown University’s cybersecurity program, tells the Society for Human Resource Management.

“The women who do go into science and technology fields encounter a virtually all-male environment or a cliff of discrimination,” she adds.

Economic Benefits of Diversity

Promoting diversity in cybersecurity can not only expand the pool of candidates needed to reduce the skills shortage in the industry but it can improve the field, as well as the bottom line of businesses that buy into it.

“Cybersecurity is an enabler — supporting trusted relationships among people, leveraging machines, making sure that data is properly handled, and so on,” explains Deborah Frincke“, director of research at the National Security Agency.

“Diversity of perspective is an enabler, too — for example, making sure that all views are represented in a conversation,” she continues.

“Cybersecurity needs to support all people — in all aspects where they need it, in the diverse areas where they live, work, and play, for all populations,” she adds.

What’s more, studies by McKinsey & Co. and the Massachusetts Institute of Technology have found that companies with diverse work forces can reap financial rewards.

McKinsey says that companies in the top quartile for gender or racial and ethnic diversity are more likely to have financial returns above their national industry medians.

Companies in the bottom quartile, it continues, are statistically less likely to achieve above-average returns.

It adds that diversity is probably a competitive differentiator that shifts market share toward more diverse companies over time.

Meanwhile, MIT found that moving from an all-male or all-female office to one split evenly along gender lines can increase revenue by 41 percent.

More importantly, however, in a world economy where innovation is the life blood of success, diversity is a crucial component.

Writing recently in Fortune, Sarah Lewis-Kulin and Jessica Rohman of Great Place to Work, which researches and creates best workplaces lists, note:

“The tech industry’s struggle to become more inclusive has consequences that reach beyond the experience of individual employees. In the idea economy, businesses risk missing promising solutions or entire markets for their products when they lack voices from diverse backgrounds.”

Stay tuned for the Q3 2017 edition of Women in Cybersecurity.

John P. Mello, Jr. a freelance writer specializing in business and technology subjects, including consumer electronics, business computing and cyber security.

grayfooterline

Q1 2017

WomenInCyber.com is sponsored by SecureStrux, LLC, a women-owned small business that provides specialized services in the areas of compliance, vulnerability management, and cybersecurity strategies.

“SecureStrux is a leader in providing women tremendous opportunities in the cybersecurity field” says Sienna Crawford, Managing Partner at SecureStrux. “We strive to empower them in every project they take on and develop their skill sets as they advance throughout the company” adds Crawford.

EDITOR’S DESK

List of Women in Cybersecurity Associations to Join Now

stevemorgancvheadshotSteve Morgan, Editor-In-Chief

Menlo Park, Calif. – Jan. 17, 2017

This edition provides a list of associations for women in the cybersecurity field. The list includes events, jobs, training, and other resources. For recent news features on women in cyber, go here.

Roughly 11% of the cybersecurity workforce are women, compared to 25% in technology, and 50% of professional occupations overall. The following women in cyber associations aim to move the needle way up on those numbers:

  • The Executive Women’s Forum (EWF) serves female executives in security, risk management and privacy. There’s no cyber in it’s name, but EWF has an impressive advisory board with women in cyber from organizations that include Carnegie Mellon University, Johnson & Johnson, J.P. Morgan Chase & Co., and Microsoft.
  • The League of Women in Cybersecurity (LoWiCyS) is a new non-profit organization, focused on helping to fill the CyberSecurity workforce gap by increasing the percentage of women in the field. Their most notable initiative areas are low cost, hands-on cybersecurity education, opportunities for real-world experience, workforce entry/reentry support, and mentoring.
  • The Phi Beta Cyber Society is a volunteer group of outstanding women (and men) who have devoted their careers to cyber defending and protecting the United States and its citizens, businesses, educational institutions, and organizations of all types. Top women in cyber are encouraged to join and visit with high school girls at local schools in the U.S.
  • Women in Defense (WID) — started in 1979 — an affiliate of the National Defense Industrial Association (NDIA), cultivates and supports the advancement and recognition of women in all aspects of national security — including cybersecurity. The WID Annual National Conference features keynote speakers from NASA, NSA, DHS, CyberCom and StratCom.
  • Women in Security and Privacy (WISP) promotes development, advancement, and inclusion of women in the cybersecurity field. WISP’s calendar is an excellent resource providing a list of their own innovative events alongside other women in cyber events, and various security and hacker conferences in the U.S.
  • The co-founders of the Women’s Security Society (WSS) is a who’s who of UK women in cyber. WSS has more than 1,200 members from all over the UK, men as well as women, from across the spectrum of the security world. The organization provides networking, events, and career opportunities for its members.
  • Lisa Jiggetts is founder of the Women’s Society of Cyberjutsu (WSC), a nonprofit for women in cyber. Cyberjutsu sounds like a martial art — and Jiggets is a 10th degree black belt with credentials that include MBA, CISSP, ECSA, C|EH, SCNP, MCSE, CCNA, SCSA, Network+, and A+. Her organization provides training, networking, mentorship, and a job board.

Cybersecurity Ventures provides a list of industry associations, some of which have women in cyber groups, networking events, and other resources.

Steve Morgan is founder and CEO at Cybersecurity Ventures and Editor-In-Chief of the Cybersecurity Market Report and the Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies.