By Coty Sugg
When it comes to gender diversity, the cybersecurity field is not evolving fast enough. Most notably, women represent just 11% (Note: Link opens a PDF) of this profession, according to a study by (ISC)2 and Symantec from 2013. Moreover, this statistic has remained basically unchanged despite double-digit annual increases in this profession’s employment as a whole — in 2012, for instance, the InfoSec workforce grew by 306,000 (Note: Link opens a PDF).
Addressing this issue, the Netherlands American Chamber of Commerce hosted their Women in Cyber Technology event. For this event, held on August 22, 2016, a panel of women from the private and government cyber technology arenas came together to speak about their experiences:
Marci McCarthy, CEO & President of T.E.N., a technology executive networking organization
Major Julianna Rodriguez, Chief, Cyber Technical College for the U.S. Army Cyber School
Deborah Johns, a technology recruiter
McCarthy, Rodriguez, and Johns began by sharing their stories of how they got into the industry and from there, they offered advice on how other women might start a career in information security.
It All Starts with Education
“In general, obviously, the math and engineering paths are where she would start,” said Johns. “But there are different schools, different clubs that young girls and women can join. Because you really have to start young if we want to get more women into the field.”
McCarthy added that “Cybersecurity has a high demand but short supply of qualified talent. Having your girls involved in STEM education at an early age can be a wonderful path to success in a technology profession. Yes, you can do a Science and Technology type of study, but pair that — if you are a business-minded individual — with a Marketing or Business degree, or a Law area like Cyber Law. Pair some of those things with technology to create new opportunities for yourself.”
“One of the things I love about the military,” said Rodriguez, “is that it is congressionally mandated that we need women! We see women coming in at — the lowest age is 18 and I believe the highest is around 30. We are looking at ways to make these adults passionate about studying cybersecurity. Because, again, to be able to solve those problems and prevent them is going to require a depth of knowledge that you can’t just get overnight.”
An Average Day in Cybersecurity
The panel then described an average day for someone in the cybersecurity field, as well as the kinds of questions and practices someone in the field would consider.
“I would expect that every day that professional thinks: How is this going to affect this business?” said Johns. “What threats are current and most dangerous? What threats have I heard other companies are dealing with? They have to be aware of what is going on.”
“A cybersecurity attack,” said McCarthy, “can happen at any given time. If you’re a security team member, CSO, or CISO, you will be held accountable for what is happening immediately. You will be judged for how you handle the situation, handle your team, and respond effectively. The most effective CISOs have great communication and great relationships with the other members of the company or their board of directors. They are meeting with their executives and business leaders; they’re building awareness with their end-users on best practices and they are building strong security programs wherever they can.”
“For anybody outside of the Army, if you’re looking for what you can do to contribute in this field, first learn how to do basics,” added Rodriguez. “Educate others on what not to do and show them what your best practices are. In the same way we have basic hygiene rules like washing your hands and brushing your teeth, we also have cyber hygiene rules such as ‘don’t click on suspicious links’ because that can affect your entire organization. Even if you get into this field and you don’t think you are technical enough for it, taking away the basics can be valuable for any position.”
Age Discrimination and Higher Learning
The panel closed by discussing age discrimination and higher learning opportunities for those interested in gaining the skills needed to enter the profession.
“Interestingly, the average cybersecurity executive is a white male aged 45-50 years old, who rose up in the ranks over time,” said McCarthy. “However, cybersecurity itself as a profession is only about ten or fifteen years old.”
“This industry has a big need and it is only going to keep growing,” said Johns. “More and more things are transitioning to apps and mobile devices, and that creates more security threats; the more threats, the more the company has risks, and the more risks, the more that companies need security professionals to take care of them.”
“My main goal is getting people started on the track toward the career they want,” said Rodriguez. “A lot of information you need [to become adept in this field] is available online. If you want to get into this to add value to yourself and your company but you aren’t sure about this path as a career field, then a fantastic thing you can do is learn basic programming or become an Excel wizard. There are free, dynamic resources for you to use, and people of all age ranges can use it.”
Opportunities abound in cybersecurity — a fast-growing field that’s employing more professionals every year. Although women remain a small percentage of workers in cybersecurity, with the right education, the right abilities, and the right aptitudes, the path to success for all genders looks bright in this field.
About Coty Sugg
Coty Sugg is currently the Corporate Communications Manager for T.E.N., an information security executive networking and relationship-marketing firm. In this position, Coty is responsible for the planning and execution of T.E.N.’s PR, marketing and communications.