Despite the progress made in the last decade or so, there are still far too few women in the cybersecurity field—even as the field struggles to find skilled candidates. In fact, while women comprise 51 percent of the population, they represent less than 25 percent of the cybersecurity workforce. And compounding this situation further, women have been disproportionately impacted by pandemic-driven unemployment. When we consider these factors together, it’s clear that there’s an opportunity for alignment—getting more women into the cybersecurity space. It’s a win-win.
The Opportunity for Women in Cybersecurity
Pandemic-related unemployment hit women much harder than men (for instance, one in four women reported job loss due to a lack of childcare—twice the incidence of men). Yet in some ways, the pandemic did not hit the technology sector as hard, partly because these companies were more equipped to switch to flexible work arrangements and remote work. Consequently, leading global technology enterprises were able to reach “almost 33 percent overall female representation in their workforces in 2022, up slightly more than two percentage points from 2019," according to research by Deloitte Global.
Although this development is positive, there is still much work to be done in the technology industry in comparison to other sectors. For comparison to tech’s 24 percent representation, women make up 47.7 percent of the global workforce overall. Additionally, they represent 50.2 percent of the workforce among those with a college degree. Within the tech field, cybersecurity in particular presents a huge opportunity for women who are looking to do a career pivot or grow in their current cyber career.
Why Cyber Offers Opportunities
Now is the perfect time to enter the cybersecurity field, as this sector is hiring as fast as it can. Companies need to fill positions; according to ISC(2), there’s still a shortage of 2.7 million positions. About a third of those who responded to this survey said that a shortfall in cybersecurity team members has led to real-world issues, such as lack of time for risk assessment and management, slowly patched critical systems, hurried deployments and misconfigured systems.
The tech sector is often able to provide more flexibility and remote work options than other sectors. That’s a good perk in general but is especially important to women who need to care for children, as noted above.
Cybersecurity also offers a diversity of positions. It’s not just STEM-centric jobs that are waiting to be filled. The idea that all cybersecurity jobs are technical or require a degree in computer science is a widespread myth that keeps people from entering the field. It’s thought that all cybersecurity roles involve sophisticated technology. While it is true that the technology sector includes the field of cybersecurity, not all cybersecurity professionals are programmers. Many have degrees in liberal arts and possess excellent communication abilities. Others are outstanding problem solvers who don’t have a college education.
What’s more, the ISC(2) survey revealed there are new routes to cybersecurity. A little over half of cybersecurity professionals began their careers in fields unrelated to IT: 17 percent switched from other fields, 15 percent got into the sector through cybersecurity education and 15 percent independently investigated cybersecurity opportunities. More than 75 percent of cybersecurity professionals enjoy their work and are well-paid for it.
Though experience in the tech field and certifications can provide entrée into cybersecurity work, a significant portion of any hiring decision is based on the person being interviewed. That’s why soft skills are also necessary and in demand.
According to resume analysis, women offer a wider variety of skills for cybersecurity jobs. For instance, women tout 52.5 percent more soft skills than men in all four quadrants: leadership, interpersonal skills, analytical ability, and personal qualities. These soft skills, according to research, are crucial differentiators for leaders in the field. Female job applicants mention analytical skills 150 percent more often and 46 percent more skills in the leadership quadrant.
Addressing the Challenges
Cybersecurity has too often been portrayed as a man’s job. Popular shows like Mr. Robot depict young men in hoodies working in some dark room, perpetuating myths about what it’s like to work in this industry. If women can’t picture themselves in a work environment, they’re less likely to seek it out.
Another issue is that young women are underrepresented in STEM programs. Many young women who would otherwise be qualified to pursue a degree in STEM have had their confidence crushed by widespread gender biases, a lack of strong female role models and, unfortunately, parents and teachers who discourage girls from studying topics in the tech field.
In addition, bias in cybersecurity hiring persists. People with credentials in computer science, engineering and other STEM professions are frequently favored by recruiting managers and HR, since they are seen as having the best cybersecurity prospects—while other well-suited candidates go ignored. The onus of change can’t rest on career-seekers; the industry needs to acknowledge and find ways to overcome these stereotypes.
Moving into Cybersecurity
While individuals can’t change the way employers think—or the way they hire, unfortunately—that doesn’t mean there’s nothing to be done. There are a number of ways to start building your experience and resume even before you get the job. Here are three of them:
- Seek out free or inexpensive cybersecurity training programs
- Get involved with professional organizations
- Network, network, network
Women’s Time to Shine in Cybersecurity
What many people, women especially, don’t realize is that there’s a plethora of roles and careers within the cybersecurity industry to be had. Women still only make up 24 percent of the overall cybersecurity workforce, and with today’s threat landscape, that just isn’t cutting it in terms of keeping organizations secure. Women have the soft skills and diverse perspective the industry needs, so it’s time to overcome stereotypes and bias to embark on a rewarding career in a field that will always need workers.
Sandra Wheatley is senior vice president of marketing, threat intelligence and influencer communications at Fortinet. She has more than 20 years of experience developing and managing holistic marketing and communication strategies that build brands and drive business impact. Lynn Dohm is executive director of Women in Cybersecurity (WiCyS), which works to bridge the cybersecurity workforce gap and improve the recruitment, retention and advancement of women in cybersecurity.