One emotion few of my peers experience is the feeling of walking into a room and being the only woman - and it didn't matter whether I was visiting a Security Operations Center (SOC), attending a Chief Information Security Forum or meeting with Information Security leaders in various industries. Meeting after meeting and at all levels, I have concluded that the low numbers of women and minorities working within cybersecurity and across the IT discipline is a concern from a personal standpoint and a business risk that I feel few recognize.
The cybersecurity industry continues to grow at an incredible rate. A recent study by the organization Women in Cybersecurity found that security professionals worldwide are expected to increase to nearly 4.2 million by 2015. Although women hold 56 percent of all professional jobs in the U.S. workforce, only 25% of all IT jobs are held by women.
As a member of this minority I am obviously passionate about this topic. Professionally, this topic interests me because I feel having diversity drives the intelligence-driven acumen behind an effective cybersecurity infrastructure. It’s vital, in my mind, to have different points of view, different sets of eyes on the data, and different ideas and thoughts generated around ways to solve problems, both in and out of IT and cybersecurity.
I have also experienced, first-hand, the gender gap within IT as well as the challenges managers face in finding the degree of talent required within the cybersecurity community. These talent and gender gaps, I believe, can be mitigated in large part with a stronger focus on women and minorities.
The first step, I believe, is providing awareness of this issue by exploring organizations and resources aimed at increasing cyber and IT opportunities to women and minorities. We should also examine different ways a company or organization can get involved and make a difference.
Although women today comprise more than half of the U.S. professional workforce, only 28 percent of the Science and Engineering workforce are women, according to the National Science Foundation (NSF). What is more alarming, according to a whitepaper from ISC2 and Symantec, is that only 11 percent of Information Security professionals are women.
This trend is not new. A report issued in 2004 by the Information Technology Association of America (ITAA) trade group showed that the percentage of women in the IT workforce declined from 25.6 percent in 1996 to 24.9 percent in 2004.
A number of factors may contribute to the lack of women in the IT workforce:
1. A lack of Science, Technology, Engineering and Mathematics (STEM) focus in the classroom.
2. The need for companies in various sectors to better advertise IT and cybersecurity careers to young women.
3. The need for organizations to dedicate themselves to building an awareness and approach toward introducing women and minorities to IT and cybersecurity.
Diversity encourages innovation and innovative solutions. These are two key tenets of a sound cybersecurity platform. Next week we will discuss solutions to introduce women and minorities to cyber and IT in an effort to diversify our workforce and solve some of the toughest problems facing our industries and companies today.