Skip to main content

Women in Cybersecurity: Where We Are and Where We’re Going

Here’s how to bring gender equality to a thoroughly male-dominated field

IBM President and CEO Ginny Rometty speaking at an awards ceremony in 2018.

This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American


Meg Whitman, Ginni Rometty, Marissa Mayer and Safra Catz are among the few women who have broken the glass ceiling as CEOs of technology companies. However, while women make up half of the global population, we maintain significantly less representation at the C-Suite level in the technology field and particularly poor representation in cybersecurity. The cause of this may surprise you, but the solution doesn’t require too much effort to implement.

In February 2018, Cybersecurity Ventures optimistically predicted that by the end of 2019, women will represent more than 20 percent of the global cybersecurity workforce. We’re now only a few months away from that prediction either coming true or falling flat. Also noteworthy is the fact that the cybersecurity field still yearns for experts to join the workforce, whether they are male or female.

It’s estimated that there will be a shortage of nearly two million cyber positions by the year 2022, and this shortage will increase over time unless radical and rapid change becomes a reality. Just take a look at the roster of any cybersecurity event anywhere in the world, and you will see the clear disparity in representation between males and females.


On supporting science journalism

If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.


FROM GRADE SCHOOL ONWARD

Gender stereotyping from childhood plays a key role in the lack of women in cybersecurity. We must first overcome this challenge at home before overcoming male domination in the cybersecurity workforce.

Invest in STEM. To encourage women to consider cybersecurity as a profession, our education system must offer opportunities for learning at least from middle school, if not through the entire K–12 journey. Federal governments can play a critical role in this journey by creating well-funded and tailored programs in science, technology, engineering and math (STEM) for our future young female population.

Additionally, as a culture, we need to teach and practice that technology—inclusive of cybersecurity—is gender-neutral. Neither cybersecurity nor any line of code has any preference for gender.Participation in and contributions to STEM programs gives young girls a broad glimpse into the bright future, high potential and breadth of cybersecurity, and equally importantly, why this evolving field is so important in our increasingly interconnected lives.

Scholarships and role models. In university, young female students can often be intimidated by the sheer number of male students in a technology-centric curriculum (or specific courses). Check out the statistics of the graduating class of any major university that offers engineering, science and/or technology degrees: the ratios are striking and significantly skewed. Many female students simply feel there is “no chance” for success in such male-dominated curricula and, as such, enroll with reservations because they have been compelled to do so. Consequently, they eventually never participate in the technology workforce or simply quit and enroll in disciplines that are not technology-related.

We can overcome these fears by providing merit-based scholarships, co-op programs, academic incentives and workforce internships targeted to educate, excite and attract young females into technology-centric programs, and even more specifically for cybersecurity. This should become required coursework in the freshman year of any technology-centric university. By bringing women entrepreneurs in cybersecurity as guest speakers, lecturers and adjunct professors from the workforce in addition to recruiting more female professors, we can inspire young women to embark on technology-centric programs and degrees, which will help to prepare them better for the workforce and the lucrative field of cybersecurity..

Give them the experience: hire a female intern! Finally, as proposed above, we need to hire more female interns starting with high school students and especially into the university years to give them an opportunity in cybersecurity, no matter how simple or advanced the internship or co-op.

Of course, hiring must be based not only on merit but also on the curiosity, drive and passion of the individual. During the internship, mentorship by female executives who have “been there, done that” can play a significant role in inspiration, talent recognition and eventual workforce retention. The network externality effect of female teenagers should never be underestimated!

Continuous fostering is needed. Inspiring more women to enter cybersecurity is the first challenge. Next, the ability to excel and break through the glass ceiling, which is real and undeniable in the male-dominated cybersecurity workforce. Here are my thoughts on climbing the corporate ladder no matter how small or large the organization.

LET’S SMASH THE GLASS CEILING TOGETHER

Women have to work twice as hard because of our role and responsibility in life outside of the workforce. I speak from experience as I am the mother of two children who not only look up to me but also depend on me. So how can you or your organization help?

Acknowledge the gap. We have a problem with gender equality in this country. Recognize this gap, and set monthly, quarterly and annual goals to close this gap in whichever manner makes sense to your organization.

Conduct positive discrimination through active recruiting. Simply put, we need to recruit more women. Call it what it is, positive discrimination, to balance out our industry. Look, this is the natural course of correction if you want to get to equality. Yes, I know it is challenging especially since the pipeline is sparse; however, we need to start and keep at it. Engage support organizations that are focused on women in cybersecurity. They exist and are already making headway; for example, see Alta Associates and the EWF

, and talk to any of the women who are involved in any capacity with these organizations to better understand what support groups such as these can do for you.

Mentorship matters. Leverage women leaders and those upcoming in cybersecurity today as role models. Make a concerted effort to promote the trailblazers who are already in your workforce, but don’t forget to train, coach and mentor new entrants who can also eventually reach the pinnacle of leadership and technical prowess.

Make equality a responsibility. Equality is a moral responsibility and has to be a genuine effort by the leaders in your organization. Equality cannot just be an HR or CEO agenda line item. Nor can it be just a numbers game. It has to become a pervasive cultural responsibility that is sourced from our mind and heart. If you are a man or woman, it is your moral responsibility to speak up if you see inequality and to help those just starting out in their career by making a concerted effort to grow your female peers into positions of technical and business leadership that will eventually bring balance and sustainability to your organization. Remember what I said: positive discrimination.

WHERE DO WE GO FROM HERE?

It continues to be a slow process, but our society must change its perception of women at the outset. STEM is gender-neutral and must be made available for everyone. Cybersecurity is also gender-neutral and can be taught from an early age. Leadership in technology and business is equally gender-neutral as well. Let’s nurture opportunities for women early and equally as we do for men today.

At the end of the day, diversity drives creativity. Men and women each bring their own unique skill sets to the workforce and today’s cybersecurity workforce requires a holistic, analytical and diverse skill set. This makes women a key asset to the organization and EQUAL to men.

Yes, as women, we like to say that we are more supportive, analytical, persuasive, have better intuition and are more detailed oriented than men. But for now, let’s start with nurturing the opportunities available and create equality instead of tagging who is better at what because goodness is not gender, race, religion or country of origin. Goodness is goodness and works best when we are whole and working together as one team.

We have made some progress towards gender parity over the last 100 years but are still struggling in economics, education, technology and political systems. We have a long journey ahead of us, perhaps another 100 years! I want to augment my role model, the Notorious RBG. Women will have achieved true equality when men share with them the responsibility of bringing up the next generation and in a 40-year span we have four to five female presidents.

I was fortunate that I was given a chance to work in cybersecurity. We all need to continue to promote females in cybersecurity, and I am 100 percent confident that more women will scale to greater heights if we are simply given the opportunity early on in our lives.

Nahal Shahidzadeh is co-founder and COO at Acceptto. She is also an entrepreneur with broad experience covering financial services and managing private funds. Previously, she worked on microprocessor design and development of the Pentium 4 microprocessor at Intel Corp. with eight issued and pending patents.

More by Nahal Shahidzadeh