Enterprise is facing a major worldwide challenge that involves a lack of people qualified to staff positions in the information security field. Specifically, women are underrepresented amongst the ranks of those professionals in the field of information security. There simply are not enough people trained, experienced, and ready to handle the workload facing companies today.
According to Mark Weatherford, the US Department of Homeland Security's (DoHS) former Deputy Undersecretary for Cybersecurity who resigned in 2013, the lack of qualified cyber security professionals requires immediate attention [1]. In staffing open positions, organizations must look beyond the applicant pool of those with collegiate qualifications.
This problem could be better managed if the incredible gender disparity that exists in the IT field were bridged.
A Serious Lack of Women in IT Security
Even with all of the advances women have made in business all the way up to CEOs, there's still a major lack of women in computer sciences. Over a 10-year period from 1990 to 2010, the number has gone from 30 percent down to 18 percent with only 11 percent working as information security professionals [2].
Although women hold almost half of the jobs in America, fewer than 25% of technology, mathematics, science, and engineering jobs are held by women. These startling numbers were reported in 2011 by the U.S. Department of Commerce.
Some of the reasons include lack of awareness, the cultural opinion that women aren't good at math, and the belief held by women that the profession is not welcoming to women.
Qualified women could help to reduce the 30,000 unfilled positions and contribute their talents to the profession. There's no question that diversity helps to enhance creativity. Research data from the Center of Talent Innovation shows that companies with diverse employees are 45 percent more likely to enjoy increased market share, and 70 percent more likely to experience new markets.
Addressing the Issues & Education
The future is now and there is a call to action for women in information security. Even the 2014 RSA Conference in late February, which was held in San Francisco, addressed the lack of female professionals in the information security sector with a session entitled “Right Skills, Right Time, Right Industry: Women in Security” [3].
Fortunately, this April, IBM, Microsoft, Google, Facebook, Lockheed Martin, and other organizations will be casting a brighter light on the issues by sponsoring the first National Women in Cybersecurity Conference to be held at the Marriott in Nashville, TN on April 11-12.
The conference is directed toward bringing women from faculty, students, professionals, and researchers together for mentoring, networking, and the sharing of experiences. Individuals or any enterprise interested in supporting women's retention and recruiting efforts are encouraged to attend.
Balancing the numbers between men and women in the cybersecurity industry is going to take time but by raising this concern in the proper venues not only will the stigma fade, but critical roles will also be filled that desperately need to be staffed.
References
[2] https://www.csoonline.com/article/2134505/info-sec-industry-still-struggles-to-attract-women.html
Since 1999, Jacqueline has written for corporate communications, MarCom agencies, higher education, and worked within the pharmacy, steel and retail industries. Since joining the tech industry, she has found her "home".
