There are currently more than 200,000 unfilled cyber security positions in the United States. And by 2020, the information security field is expected to have a deficit of 1.5 million professionals worldwide.
Yet the cyber security industry doesn’t have to remain anemic. There is a way to boost our numbers and better protect our nation’s public and private institutions.
The solution: We need more women in cyber security.
Women account for 47 percent of the U.S. workforce, yet they make up just 10 percent of information security professionals, according to a new study from ISC2.
With the demand for cyber security professionals increasing, women have the potential to be game-changers in our industry. But how do we reduce the gender gap?
Educate and Empower
Great strides have been made to get more girls involved in science, technology, engineering and mathematics (STEM), but women are still underrepresented in the STEM workforce.
“Women are not avoiding the cyber security field by choice,” says Rebecca Onuskanich, CISSP, director of Midwest Operations at Lunarline, Inc. “We are not educating young girls about cyber security or STEM in general.”
Onuskanich was introduced to the industry when she was assigned a cyber security position as an enlisted airman with the U.S. Air Force. And she’s stuck with it for more than 15 years.
“I chose to stay in this field because I love the challenge! Every day we see a new vulnerability or threat in which we have to be faster and smarter than,” she says. “A day does not go by in which I don’t learn something new.”
As the training director at Lunarline’s School of Cyber Security, Onuskanich trains hundred of people each month on everything from cloud security to risk management and most of her students are men. Yet she believes the industry is one that women are well suited for.
“Women have a keen ability to multi-task and have a tendency to pay more attention to detail, both skills critical to be a successful cyber security professional.” she says.
Cyber security incidents already cost businesses more than $500 billion a year, and that cost will only increase as our world becomes more connected. So the need to get more women in the “game” is urgent. But making the sector more co-ed isn’t just about education – it also requires better opportunities and compensation for women.
Pay inequality is a big part of the problem. The ISC2 study found that 47 percent of men reported annual salaries of at least $120,000, compared to only 41 percent of women. And women working full time in the U.S. are still paid just 79 percent of what men are paid.
Training is another part of the equation. The average age of entry for women in the cyber security field is 30, which means it can be an uphill battle to obtain the professional skills and experience needed to keep pace with our male counterparts. According to the ISC2 study, 71 percent of female respondents felt that training programs are essential to creating a healthy working environment for women.
“The adaptive nature of cyber threats demands a talent management strategy that will broaden the skill sets and knowledge of the information security profession,” said Angela Messer, the executive vice president leading Booz Allen’s predictive intelligence business in the firm’s Strategic Innovation Group. “We must demonstrate to young women thinking about entering the industry the many opportunities that await them and reinforce for those currently working in cyber security that they have bright futures ahead.”
A More Secure Tomorrow
Creating a bright future for women in cyber security is possible. But to make it a reality, we need to continue developing and supporting cyber security programs and initiatives that engage women and girls at every age.
Several organizations are already paving the way, including the National Center of Women & Information Technology, Women’s Society of Cyberjutsu, Women in Cyber Security and the Anita Borg Institute. These groups are raising awareness and providing valuable networking, education and mentoring opportunities that are empowering women to succeed in cyber security. Meanwhile, programs like CyberGirlz, CyberSTEM Camp and TeckTrek are leading the outreach to younger generations of girls.
These organizations are the backbone of the effort to bring more women into our field. And we – the women and men of the cyber security community – need to rally around them to help spread awareness to schools and employers that cyber security is a badass profession. So, to quote the wise words of 702, “where my girls at?”