The Gender Gap in Cybersecurity Can, and Should Be, Closed

By Chuck Brooks

There are huge, growing demands for a modern cybersecurity workforce in both the private and public sectors; there is also a significant shortage of skilled professionals. There is an especially wide gender gap in cybersecurity and in many technology jobs as well. But this is a gap that can, and should, be closed.

Cybersecurity does not need to be a mostly male domain. As we continue to evolve into the new digital era, new opportunities arise and the real task is outreach and effective communication to bring women into the emerging cybersecurity career realms.

Last year, (ISC)², published a study ‘Women in Security: Wisely Positioned for the Future of InfoSec’ (Note: link opens a PDF) that surveyed nearly 14,000 professionals worldwide and revealed that the InfoSec workforce was predominantly male. In fact, only 10% of information security professionals were female. That means that a majority of women who are, or can be, skilled cybersecurity workers are an untapped group.

An excellent article in Forbes highlights the gender discrepancies: “The small representation of women in cyber is a big opportunity for them to enter a field with a severe labor shortage. There are one million cybersecurity job openings in 2016. More than 209,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years, according to a 2015 analysis of numbers from the Bureau of Labor Statistics by Peninsula Press, a project of the Stanford University Journalism Program. Demand for cybersecurity talent is expected to rise to 6 million globally by 2019, with a projected shortfall of 1.5 million, says Michael Brown, CEO at Symantec.”

The good news is that a great number of cybersecurity job opportunities exist and the numbers are growing. Indeed, it is a huge market, Cybersecurity Ventures recently reported worldwide spending on cyber defense products and services is forecast to exceed $1 trillion for the five-year period from 2017 to 2021.  The market expansion will add to the cybersecurity workforce shortage, which is expected to reach 1.5 million cybersecurity job openings by 2019, according to the most recent Cybersecurity Jobs Report.

The challenge at hand, to ameliorate the shortage of cybersecurity professionals and close the gender gap, is to educate, train, and facilitate women to fill the pipeline for a qualified information security workforce.

There are a variety of organizations that provide education and certifications including CompTIA, (ICS)2 The National Cybersecurity Institute, (just a sampling of a very large list) and many colleges and universities.

It is important to attract future cybersecurity professionals at an early age. STEM programs are extensive and there are many new programs associated with schools at early ages aimed at attracting females to science and computing. I concur that part of the problem is a cultural mindset that males are more destined to be scientists and programmers. It is a mindset that can be changed via STEM and education. The barriers can be brought down. 

Personally, I am closely associated with the Franklin Foundation for Innovation as an Advisory Board Director. One of their programs is called, “PROGRAM, RESEARCH, DISCOVER, AND LEAD #LIKEAGIRL.

Women provide a diverse perspective to a workplace dominated by male personalities. No one sex is superior to the other when it comes to the ability to design, develop, innovate, research, etc.; these are key traits of individuals in STEM fields. Our nation needs more women in technology professions like programming, engineering, information security, and management disciplines. Research is also dramatically lacking in gender diversity, which hurts our ability overall to innovate and develop breakthrough solutions.

There have been numerous attempts at explaining why there is such a massive gender gap between men and women in STEM fields. Explanations include biology (which is nonsense), a lack of interest in school age children, the “leaky pipeline” excuse, general stereotypes, amongst others. We believe the only reason why the gap exists is because society and our schools have yet to support a different model.

Girls are not encouraged to become programmers; rather they’re taught to become housewives. They’re not pushed to become neurosurgeons; instead they’re guided toward nursing. You do not see commercials enticing young women to go to school to be physicists, but it is nearly impossible to miss ads promoting beauty schools and vocational nursing programs. In order for the gender gap to disappear, society has to change its ideas on women’s true place in our American society – which is in lock-step with men.

These are the kind of programs and initiatives that need to be replicated globally. An exceptional program to point out is The Women in Cybersecurity Initiative, created in 2013, the initiative provides a “continuing effort to recruit, retain, and advance women in the field of information security. It brings together students, faculty, researchers, and professionals to network and share experiences and knowledge.”

Another excellent program is run by The SANS Institute. It is called the Cyber Talent Immersion Academy for Women.  The Institute provides accelerated training and the certification program offers women a fast track to top jobs in cybersecurity. Qualified candidates complete SANS’ intensive world class training and earn GIAC certifications at no charge.

Companies have also joined in the efforts to create a more diverse workforce that includes women with specialized programs and scholarship opportunities. Many of the Fortune 500 companies have such programs and they can be found on their websites. As companies create this outreach, they should also expand this mindset to their recruiters, to connect the goals to the companies’ information security functions.

These and other similar efforts need greater publicity, marketing, and to be made more accessible. They can be a basis for helping balance gender inequality in the cybersecurity workforce.  The field of cybersecurity needs to be advertised as encompassing opportunities for both genders. Cybersecurity is coding but it is more than that. It also incorporates executive management, policymaking, diplomacy, marketing research, compliance, intelligence, technology foraging, communications, and thought leadership as elements of the discipline. It can be very financially rewarding, with flexible employment on site or remote, and most of all it is integral to our digital future.

There is something there for everyone and women need to be a key part of the cybersecurity employment equation from any aspect or perspective they decide to choose.


Chuck Brooks

Charles (Chuck) Brooks serves as the Vice President for Government Relations & Marketing for Sutherland Global Services.  Chuck is also an Advisor to the Bill and Melinda Gates Technology Partner network, as Chairman of CompTIA’s New and Emerging Technology Committee, as a Fellow at The National Cybersecurity Institute, and serves on Boards to several prominent public and private companies and organizations. 

More about Chuck