Women are highly underrepresented in the field of cybersecurity. In 2017, women’s share in the U.S. cybersecurity field was 14%, compared with 48% in the general workforce.
Women are even less well-represented in the upper echelons of security leadership. Only 1% of female internet security workers are in senior management positions.
Women’s representation is important because women tend to offer viewpoints and perspectives that are different from men’s, and these underrepresented perspectives are critical in addressing cyber-risks.
The low representation of women in internet security is linked to the broader problem of their low representation in the science, technology, engineering and mathematics fields. Only 30% of scientists and engineers in the U.S. are women.
The societal view is that internet security is a job that men do, though there is nothing inherent in gender that predisposes men to be more interested in or more adept at cybersecurity.
Women are also generally not presented with opportunities in information technology fields. In a survey of women pursuing careers outside of IT fields, 69% said the main reason they didn’t pursue IT jobs was because they were unaware of them.
Women are also generally not presented with opportunities in information technology.
Organizations often fail to try to recruit women to work in cybersecurity. According to a survey conducted by IT security company Tessian, only about half of the respondents said that their organizations were doing enough to recruit women into cybersecurity roles.
Gender bias in job ads further discourages women from applying. Online cybersecurity job ads often lack gender-neutral language.
Boosting women’s involvement in information security makes both security and business sense. Female leaders in this area tend to prioritize important areas that males often overlook. This is partly due to their backgrounds. Forty-four percent of women in information security fields have degrees in business and social sciences, compared with 30% of men.
Female internet security professionals put a higher priority on internal training and education in security and risk management.
Female internet security professionals are also adept at selecting partner organizations to develop secure software.
Increasing women’s participation in cybersecurity is a business issue, as well as a gender issue.
Product designs require a trade-off between cybersecurity and usability. Female cybersecurity professionals can make better-informed decisions about such trade-offs for products that are targeted at female customers.
Attracting more women to cybersecurity requires governments, nonprofit organizations, professional and trade associations, and the private sector to work together. Public-private partnership projects could help solve the problem in the long run.
Attracting more women to the cybersecurity field requires a range of efforts. Cybersecurity job ads should be written so that female professionals feel welcome to apply. Recruitment efforts should focus on academic institutions with high female enrollment. Corporations should ensure that female employees see cybersecurity as a good option for internal career changes. And governments should work with the private sector and academic institutions to get young girls interested in cybersecurity.
Nir Kshetri is a professor of management at the University of North Carolina Greensboro. Distributed by The Associated Press.