Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
Oct. 26 — Women are underrepresented in the burgeoning cybersecurity field and companies may be losing out by not having more diversity on their security teams, industry professionals tell Bloomberg BNA.
Michelle Cohen, data privacy member at Ifrah Law in Washington, said that despite an abundance of job openings “women represent only 10 percent of cybersecurity professionals and the industry may reportedly have a staff shortage of 1.5 million people by 2020.” The lack of candidates can be traced to “women being underrepresented in intelligence, the military and security,” she said.
The cybersecurity industry is fast growing and offers high paying jobs. According to a 2015 Dice report, the average cybersecurity engineer earns $170,000 annually.
According to a 2015 Raytheon Corp. report, 52 percent of women job-seekers surveyed believed that “cybersecurity programs or activities aren't available.” Paul Crichard, head of cybersecurity intelligence for Raytheon U.K., said in the report that “it's just woeful that we don't have anywhere close to the number of women we need in” cybersecurity jobs.
Michelle Dennedy, chief privacy officer at Cisco Systems Inc. in San Jose, Calif., told Bloomberg BNA that gender diversity in the cybersecurity workplace is valuable because it is very good for business. Leaders should understand that “the company's bottom-line will grow as diversity increases,” she said.
Increasing the number of women in the cybersecurity profession “is less of a day-to-day game and more about legacy,” Dennedy said. Hiring more women for cybersecurity roles is a boon for innovation and will drive an increase of ideas in a diverse market place, Dennedy said.
The increase in consumer demand for cybersecurity solutions has led to a heightened demand for computer security professionals for external and internal technology teams.
The cybersecurity market is expanding to new levels. According to an Oct. 12 International Data Corporation report, “worldwide revenues for security-related hardware, software and services will grow from $73.7 billion to $101.6 billion.” Because many companies are fearful of the next massive data breach—for example, the Yahoo! Inc. hacking attack that affected over 500 million accounts—there are plenty of job opportunities in the market.
A growing cybersecurity market will need an ample supply of talented cybersecurity professionals to meet the rising demand.
Debra Farber, co-founder of San Francisco-based advocacy group Women in Security and Privacy, told Bloomberg BNA that many tech companies miss the boat if they don't hire women in cybersecurity roles.
Hiring gender diverse candidates will drive growth in the cybersecurity field by introducing innovative ideas that otherwise may have never reached product teams, security teams and the board room, she said.
Each year, thousands of attendees flock to popular events that are well-known to cybersecurity researchers and professionals, such as the RSA Conference and Black Hat USA. However, the traditionally male-dominated cybersecurity events, also known as hacker conferences, may discourage some women from attending or fully participating, Farber and Dennedy said.
Networking and touting one's computer security skills at the hacker conferences is an important entry point into the cybersecurity industry, Farber said. Attending a hacker conference allows candidates to present white papers on cybersecurity research and to compete in hacking competitions to show corporate leaders “what they are worth,” she said.
Farber said that some cybersecurity conferences may feature “women wearing scantily clad outfits” to attract new business partners, and this may be a turn off to women trying to enter the cybersecurity profession.
Dennedy agreed that the culture surrounding some cybersecurity conference may be “intimidating to some women.” These conferences and other cybersecurity-focused events should focus on the potential candidates' knowledge and work ethic rather than women in “school girl outfits on Ferris wheels to attract the top security recruits,” she said.
Women interested in the cybersecurity field or those already employed at large U.S. tech companies may want to call on corporate leaders to increase the number of internal and external cybersecurity training initiatives.
According to non-profit advocacy group Women's Society of Cyberjutsu, women make up only 11 percent of the cybersecurity workforce. The U.S. government does a somewhat better job of attracting women cybersecurity candidates. According to Office of Personnel Management data, women make up approximately 25 percent of the federal cybersecurity workforce.
Companies should have outreach programs that bring in qualified female candidates to learn about the industry from “generational voices,” Dennedy said.
Cohen said that time isn't running out for women to obtain board level cybersecurity position. “There's definitely time for women to develop and advance their privacy and data security skills, but we need to take advantage of those opportunities,” she said.
Although gender diversity should be a goal for any company, “filling up the company with a bucket of ladies” isn't going to cure the gender diversity problem, Dennedy said. Diverse voices and viewpoints from all corners of the company will help any cybersecurity team thrive, she said.
Cohen said that companies may attract more female cybersecurity candidates by offering more robust workplace flexibility programs.
Workplace flexibility “is incredibly important to many women” cybersecurity candidates, Cohen said. Companies that tend to “demand office time” instead of allowing work from home arrangements will miss out on female candidates that may be of great value to the organization, she said.
According to a 2015 Frost & Sullivan report, women in the cybersecurity profession are more likely to bargain for flexible work schedules—over 70 percent of female respondents—rather than more monetary compensation.
Although there is “nothing inherently wrong” with employee policies that don't allow work-from-home arrangements, “it's foolish to lose or miss out on amazing employees and candidates simply for being inflexible,” Cohen said.
At the end of the day, workplace “flexibility shouldn't inhibit advancement” for women in cybersecurity, she said.
To contact the reporter on this story: Daniel R. Stoller in Washington at firstname.lastname@example.org
To contact the editor responsible for this story: Donald G. Aplin at email@example.com
Copyright © 2016 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)