You might think that a field that is progressive by its very nature would have more diversity in terms of gender, but in reality, women are still a minority in this cyber security. In the U.S., women make up only 14% of the U.S. cyber security sector and female representation in this industry as a whole stands at a mere 11%. Cybersecurity Ventures states that the global cyber security workforce will be composed of 20% female experts by the end of 2019. Although that is a 9% increase since the initial data was released in 2013, the gender gap is still huge and we need more women to enter the workforce.
There are small but significant achievements that can be held up as leading exemplars for ways to improve gender diversity in the industry. In Israel, for instance, where the industry continues to mature, women were behind 15% of newly founded cyber security teams. One quarter of the Australian cyber security workforce is female. Enabling women to advance into leadership positions is one way we can improve these numbers. As Sara Laschever discussed at last year’s Scientista Symposium, there are several obstacles women will need to overcome when aiming for higher positions, many of which can be combatted by implementing strong negotiation skills and strategies. As the number of female cyber security experts continues to rise, we can also look to several key players in the industry as role models.
There’s a common misconception that tech professionals are shut-ins who work tirelessly day and night. However, this stereotype is certainly bucked by Katie Missouris, a seasoned cyber security entrepreneur who sports hot pink hair. Moussouris is the mind behind Microsoft’s bug bounty program and has earned the nickname ‘Bug Bounty Queen’ because of her expertise. She designed what is essentially a virtual bounty hunting program that identifies glitches in computer code. Individuals are rewarded for catching errors before someone else takes advantage. Years of experience have led Moussouris to understand the inherent flaws within code that allow outside hackers to get into a system. Subsequently, she founded Luta Security. The company specializes in vulnerability disclosure and improving security programs (including bug bounty), and has done work for the US Department of Defense and the UK National Cyber Security Centre, among other clients.
Moussouris is not alone in heading a cyber security company in a male-dominated landscape. The leaders behind one of the UK’s top cyber defense companies, Darktrace, are two powerful women, one of whom is 35-year-old Poppy Gustafsson. She was instrumental in escalating the 5-year-old company’s valuation to $1.25 billion. In an article with the Evening Standard, she discusses how Darktrace utilizes artificial intelligence to identify and slow down threats before the damage becomes irreversible. It’s similar to the approach used by Dr. Bhavani Thuraisingham, Executive Director of the Cyber Security Research and Education Institute at the University of Texas at Dallas. Dr. Thuraisingham has been specializing in data analytics for cyber security for the past thirty years and she has had roles in both the federal and commercial sectors.
When talking about cybersecurity at a global scale, it would be remiss not to mention Ruth Shoham, one of Israel’s leading experts in the field. Shoham currently serves as the Executive Director of Israel’s National Cyber Directorate and supports a local initiative called CyberGirlz. The program aims to introduce high school-aged girls to the wonders of technology. Students can participate in hackathons, gain training in coding, and develop connections with female mentors who also work in tech. CyberGirlz directly addresses one of the reasons why women don’t seek out employment opportunities in cyber security, or technology in general: a lack of exposure to role models in the field. Many young girls don’t even realize that working in tech or cybersecurity is a viable career option. However, a degree in cyber security opens up many employment opportunities. Maryville University highlights several lucrative career options, such as working as an Information Security Analyst, Information Assurance Engineer, and Network Architect. The median salaries for these different positions range from $60,000 to over $100,000, which is well over the average salary of many professions in the US.
Natalia Oropeza, Chief Cyber Security Officer at Siemens AG, offered another explanation as to why women don’t enter the cyber security workforce. In an interview with Bloomberg, she mentioned that women, in general, want to feel that they are making a direct impact to society, but they feel that a job in tech is disconnected from working with other people. It’s hard to argue with Oropeza’s theory, considering that careers in tech have been marketed that way. However, this perspective is based on massive misconceptions. Data breaches can threaten banks, healthcare institutions, government agencies, and corporations big and small. In the end, citizens will be the ones suffering the repercussions of these breaches. If that isn’t life-changing, then it’s hard to say what is.
Hopefully, changing perspectives will help attract women to a sector in dire need of talent. Any woman who has the qualifications can certainly excel in the field. The ladies featured above are just a few of the names among thousands of women who are closing the gender gap. If you are intellectually curious and want to be part of that change, cyber security is a field that needs you.
Audrey Patterson is a law-student turned cyber security professional. She has been working as an Information Security Consultant for a number of years now and has personally mentored young women who are interested in entering the field