This month is Women’s History Month and today is International Women’s Day—a time to reflect as individuals, societies, and industries on our progress for quality and equity for women.
As a woman working in cybersecurity, I know firsthand that engaging girls, women, and people of color in cybersecurity as early as possible is critical to the growth and impact of our industry.
Security threats are increasingly complex, frequent, and impactful; they come from outside and inside the organization and everyone is vulnerable. The landscape requires a workforce of security professionals who bring diverse expertise, backgrounds, and skills to these cybersecurity challenges. And we know there is a huge opportunity with estimates of one million unfilled cybersecurity roles.
Yet, in 2021, women represented about 25 percent of the global cybersecurity workforce—only one-fourth!1 We can and should do more to encourage more people with diverse perspectives to enter the profession. As we reflect this month, it’s a great time to think about how we can bring more women into cybersecurity and why it’s mission-critical we do so. I promise it’s a great industry to work in!
Encouraging and nurturing the careers of women in cybersecurity is important for a number of reasons:
- Our cyber adversaries come from diverse backgrounds, which means that our defender community must be equally diverse in order to understand and succeed against them.
- We are facing a massive talent shortage in cybersecurity of more than 2.5 million job openings. This is putting a strain on security teams and organizations of every size. We can vastly decrease the deficit by deliberately expanding our hiring and mentorship of underrepresented groups who can bring so much to the table.
- Innovation is everything! And what’s more conducive to innovation than bringing together new perspectives, ideas, and experiences to solve today’s challenges? Cybersecurity depends on it because cybercrime tactics keep evolving. In fact, an MIT Technology Review article referred to cybersecurity versus cybercrime as “an innovation war.”2
- Studies show that diversity of thought and leadership is just good for business. A study from Cloverpop showed that gender-diverse teams make better business decisions 73 percent of the time.3
With all these compelling reasons to promote diversity, why is there such a shortage of women in cybersecurity?
What people believe about women in cybersecurity
To learn more, Microsoft Security commissioned a survey to find out what is contributing to the skills shortage gap. Our main goals were to identify the dynamics fueling the gender gap in cybersecurity and to explore strategies for Microsoft to overcome those barriers.
Although most respondents (83 percent) said they believe there is an opportunity for women in cybersecurity, less than half of female respondents (44 percent) believe they’re sufficiently represented in the industry. A lack of representation can then reinforce the gender gap by dissuading women from entering cybersecurity. More women than men (54 percent versus 45 percent) say there is gender bias in the industry that results in unequal pay and support. It’s extremely important to break through biases that limit women’s career options.
Many respondents indicated a bias that cybersecurity isn’t a traditional career choice for women. Several respondents revealed how entrenched such beliefs are: “There are fewer women interested in high tech,” said one. “Women get bored with computers because they are better caregivers,” said another.
Some women expressed these biases themselves. The survey indicated women are more likely than men (71 percent versus 61 percent) to think that cybersecurity is “too complex” of a career. Men are more likely than women (21 percent versus 10 percent) to feel qualified to apply for a cybersecurity job posting. And more women than men (27 percent versus 21 percent) believe men are seen as a better fit for technology fields.
That breaks my heart.
Many believe gender bias starts early. More than one in four (28 percent) believe that parents are more likely to steer their sons to technology and cybersecurity fields than their daughters. The women surveyed are more likely than men (31 percent versus 26 percent) to believe this. Another possible contributor is that women typically have fewer cybersecurity role models—parents, mentors, or peers—who could spark their interest in the profession.
Click here to read the full article on Microsoft.