News from the murky world of cybersecurity seems to keep getting worse. From alleged election-related hackings to massive data breaches to DDoS attacks now capable of crippling some of the biggest websites on the Internet, the present is bleak, and the future appears to be even more daunting. However, there could be a new weapon emerging against cyberattacks of all types, and it’s not software patches or firewalls or new security protocols. It’s manpower, or to be more specific, womanpower.
A gap that needs closing
Like many STEM fields, cybersecurity has traditionally been underrepresented by women. In fact, a 2016 study from the Center of Cyber Safety and Education found that women make up just 10% of the global cybersecurity workforce – a percentage that, disappointingly, hasn’t increased since the Center’s 2014 study on the same subject.
If any industry is currently crying out for an influx of talent, though, it’s cybersecurity. Data breaches hit an all-time high in 2016 with 1,093 in the United States alone, a 40% increase from 2015’s 780. The business sector and healthcare industry were the hardest hit. Furthermore, while record-breaking DDoS attacks like the one on Dyn made headlines for taking websites like Twitter and PayPal offline, dealing with these devastating attacks has been a reality for businesses and websites of all sizes for years. With DDoS-for-hire services gaining popularity and DDoS botnets gaining size thanks to IoT devices, the problem is only getting worse.
This is undoubtedly bad news for businesses, governments, and the Internet at large, but it’s great news for a demographic in search of high-paying jobs.
According to the Bureau of Labor Statistics by Peninsula Press, an initiative of the journalism program at Stanford University, in 2016 saw more than 200,000 cybersecurity jobs unfilled in the United States alone, with postings in that industry increasing 74% over the last five years. A 2015 study from Cisco estimated there were one million cybersecurity job openings around the world, a number that Michael Brown, CEO of Symantec, expects to grow to six million by 2019. Brown also projects that a full 1.5 million of those jobs will go unfilled.
With this dearth of skilled cybersecurity workers, it’s no surprise that leading companies all over the globe are looking to the half of the population that has historically been underrepresented in cybersecurity.
Increasing gender diversity in cybersecurity isn’t just a numbers game. A 2014 analysis by the National Center for Women and Information Technology looked at 2,360 global companies and found that gender-balanced companies performed better financially, particularly when women held a significant number of top management positions. Gender-balanced companies also demonstrated superior productivity and team dynamics.
To help fill the gap in cybersecurity, companies and even cybersecurity defense contractors such as Raytheon have launched aggressive recruitment initiatives aimed at women. Post-secondary educational institutions are joining in as well, with private women’s colleges like Bay Path offering degrees in information security, stressing the leadership, problem solving, analytics, and communications skills necessary for careers in this industry.
Public colleges and universities are also focusing efforts on getting women into information technology and cybersecurity programs. Brigham Young University, for example, appeals to the large population of Mormon women that make up its student body by presenting cybersecurity as an option for women who want to pursue a career while also embracing the traditional homemaking values prized by the Mormon faith.
Words from leading women
As much as the cybersecurity industry needs to focus on recruiting women, many women are already working as leaders in the industry. Internet security firm Imperva Incapsula recently compiled a list of the top 50 women in Internet security, including their advice on getting into the industry and what can be done to attract women to it.
For instance, international cyber attorney Christina Ayiotis recommends a long-term approach to attracting women to STEM careers such as Internet security, saying companies need to commit to building the pipeline and processes that address retention. “Women need long-term career progression support from those who have the power to put them in available leadership roles, including at the Board level,” she said.
For women and students looking to distinguish themselves in security, Tumblr security engineer Aloria recommends being proactive to demonstrate passion for the field. She says this can include sharing small tools or scripts, participating in CTFs, and writing blogs.
The battle against cyber attacks of all types is only going to intensify in the future, and women in cybersecurity may very well be a major part of the solution. It will take a concerted effort from women, educational institutions, and companies combined, but with women getting involved in internet security and other STEM fields, the war on cybercrime might just be winnable.
For more on gender equality in the tech industry, see Girls In Tech: From One Event To A Global Movement.