Cybersecurity profession needs more women

A decade ago, Lawrence Summers thought out loud about the underrepresentation of women in the sciences at elite universities. He wondered if the reason was “innate” differences between men and women. The firestorm the comments touched off drove Summers from the presidency of Harvard.

For whatever reason, women are still underrepresented in some technical fields. For example, information security. The latest biennial survey from (ISC)2 and Booz Allen Hamilton, “Women in Security” shows that women constitute only 10 percent of the privatesector InfoSec workforce. This in a field for which government agencies and contractors alike are always complaining about insufficient numbers of skilled practitioners.

The survey respondents work in developed countries and in organizations with more than 500 people. I suspect the 10 percent figure is higher in the United States than some other countries, but the survey isn’t broken out by country.

One slightly brighter spot is the subspecialty of governance, risk and compliance, where women in InfoSec tend to cluster. According to Dan Waddell, the managing director of the North America Region at ISC(2), managers looking to diversify their workforces should included these policy and managerial functions in how they think about cybersecurity professionals.

“Don’t just look at the cybersecurity role as a purely 100 percent technical role,” Waddell said. “Once you figure out what makes your employees tick, whether they’re women, minorities or whomever, you might be surprised. It takes that broad range of both technical skills and soft skills to make the true, objective cybersecurity professional.”

Another point, from the survey: salary alone won’t attract women.

“A mix of monetary and non-monetary incentives, such as flexible work arrangements, and varied training and education methods will be important in attracting and retaining the talent the InfoSec profession requires,” the survey said.

The survey also found that within that 10 percent of women in the InfoSec workforce, 9 nine percent of leaders are women but 13 percent of them practitioners.

Compare that to Bureau of Labor Statistics information showing that nearly 27 percent of computer and information systems managers are women, as are 26 percent of chief executives.

To me, this shows women are not entering the cybersecurity field in sufficient numbers to show up in the downstream survey statistics.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.