Get Started
When the technology that’s all around just works, the world works.

Q&A | July 11, 2022

Cybersecurity needs women

Training and development advocate Lisa Kearney on closing a critical talent gap.

Roughly 600,000 cybersecurity jobs remain unfilled today, according to the U.S. Bureau of Labor Statistics. Yet as Lisa Kearney, founder of the training organization Women CyberSecurity Society (WCS2) points out, women still account for just 11% of the cyber workforce. Companies looking to close that gap should be focusing their recruitment efforts on talented women, she says.

In a recent interview for Workflow, Kearney discussed what she’s learned from four years on the job (in addition to two decades in the industry), and what it will take to attract and keep more women in the field. The following has been edited for length and clarity.

 Workflow Guide

Cyberthreat control & management

Read guide

It’s mixed. On the one hand, there’s a lot more awareness of the issue now. When I started WCS2, there were no women in cybersecurity organizations talking about barriers for women. Today there’s a plethora of organizations and support groups for women in the field. So, we started a real movement.

On the other hand, the data is disappointing. Globally, or even just here in North America, women still make up only 11% of the cyber workforce. But some reports say representation has doubled or tripled. Those numbers are inaccurate because the reports include women who work in positions like product management or human resources. The true cyber workforce is where people are working directly to protect system data. This is an important distinction because it’s in the cybersecurity workforce where the bias and barriers exist, and where women still only hold 11% of positions. Unfortunately, there are still people—even women!—using inaccurate data to show that we no longer need to bring more women into cybersecurity.

More advancement of women into leadership positions—right now there’s maybe one woman for every 100 leadership roles. We need more representation, more seats at the table, and the ability to retain women when they get there.

Organizations also have to stop thinking of diversity as a checkbox. They need to understand the benefits that diversity brings. Research has shown that diversity increases employer profits, creates new innovation, and improves employee satisfaction and retention.

Training and education of women is also critical. That’s why we have a mentorship program, and we’re even doing something different this year: focusing on the online safety of women and girls.

11%

Percentage of cyber workforce comprised of women

We’re working with our partners to help women can protect themselves online through settings and controls that minimize the level of violence and hate that they receive when interacting online.

There’s our scholarship program, where we paid the full cost for 20 women to take Security+ training, which is recognized globally. We had mentors for the women all the way through, and they had access to learning platforms. Several who obtained their Security+ certification have gotten job promotions, new jobs, salary increases, or a new job title. Some are also renegotiating their salaries as a result of their certification.

We also have our FAST (Females Advancing in Security and Technology) Awards, for women in the early stages of their careers. One finalist started a WCS2 chapter in Gambia. Research has shown that in Canada, 50% of women drop out of IT careers in the first four years. We want to boost their confidence by recognizing their achievements, so they’ll continue in the industry.

If you’re sitting around a boardroom table with 10 men and ask them a question, you’re likely going to get similar answers. Women have different perspectives, which are so valuable, just as diversity is.

You improve the security of an organization when you have diverse mindsets. With new ways of thinking from women, you can add tremendous value to an organization, not to mention the cybersecurity industry as a whole.

Trending articles

Related

 Facilitate Collaboration Between IT Operations Management and Security Operations with AIOps

Get eBook

Related articles

Securing the digital value chain
ARTICLE
Securing the digital value chain

Training and development advocate Lisa Kearney on closing a critical talent gap.

Understanding your organization’s security posture
ARTICLE
Understanding your organization’s security posture

How the enterprise can mitigate exposure and risk

Securing hospitals against cyberattack
ARTICLE
Securing hospitals against cyberattack

The healthcare industry is a soft target for nation-state and terrorist hacking groups. Waiting for the next attack is not the answer.

The future of security is automated
COLUMN
The future of security is automated

There aren’t enough security analysts in the universe to manage a rising tide of threats. Automation can help.