Before beginning my career in cybersecurity recruitment, I worked in the female-dominant industry of travel public relations. I was largely oblivious to the challenges of being a female in the workplace because I was surrounded by other strong businesswomen on a day-to-day basis. As a result, it came as quite the shock when entering the male-centric world of cybersecurity. I was surprised by just how little women trusted themselves when it came to applying for high-level managerial positions, and how few females there were in this space.
It’s become a running theme when attending cyber networking events that for every 20 men I see, there will be one woman. While so many clients I work with accentuate the fact they require more females in their workplace, they tend to only see it from a gender diversity “tick a box” standpoint and are often frustrated or confused as to why they need more women in their team.
In Forbes’ article on the shortage of women in cybersecurity, Priscilla Moriuchi, Director of Strategic Threat Development at Recorded Future, said, “We need people with disparate backgrounds because the people we are pursuing, (threat actors, hackers, 'bad guys') also have a wide variety of backgrounds and experiences. The wider variety of people and experience we have defending our networks, the better our chances of success.”
While I believe this is true, I’d also like more attention paid to the value being added by women in the security space. Some of the work done by women in cyber recently was driven into the spotlight by Forbes’ US list of the 50 Top Women in Technology.
This list includes Manal Al-Sharif, who resides in Sydney, and is well-known for being the first Saudi woman to specialize in information security. She is also the Founder of Women 2 Hack Academy, Australia's first social enterprise dedicated to discovering women leaders and nurturing them to pursue a career in cybersecurity. She’s breaking down barriers and really proving what females are capable of achieving in this space.
New research from Cybersecurity Ventures found that women now represent 20 percent of the global cybersecurity workforce. While this is up from 11 percent in 2013, there’s still so much work that needs to be done.
Often, when I meet with female candidates, they’re completely unaware of their value in the market and just how much their skillset is worth. They undersell themselves both in terms of seniority and salary. There needs to be better recruitment strategies around attracting and influencing more females to get into, or progress, within cybersecurity.
It’s encouraging that we’re seeing more and more female cybersecurity graduates coming through now – the level of job applications I’m receiving from junior-level females is proof of this. That said, it’s imperative that we continue to aid young women in seeing cybersecurity as a progressive and attractive career path, and also to allow females at mid-senior levels to value their own worth.
In order to do this, recruitment and HR professionals need to be consultative with female candidates about the value of their skillset in the current market. Without giving them this kind of education, along with the confidence to ask for more, their abilities – which are like gold dust in today’s market – will be taken advantage of by employers who will often try to get them at the cheapest price possible.
Similarly, when I meet with exceptional female candidates and they say they lack the skills or experience to apply for a more senior role or managerial position, I do everything in my power to provide them with the confidence to go for it. In a male-centric industry, it can be intimidating to imagine managing peers, which will almost always include managing men.
This is justifiable as there will, unfortunately, always be those who will have a problem with female authority. Even as a young female recruiter, I come across clients in cybersecurity who are initially hesitant to work with me, and sometimes even make it obvious they’d rather work with my male counterparts instead. That is until I deliver them with a good service and prove their initial judgments to be false. If this is the kind of predisposition that even recruiters have to deal with in the security space, then I can understand why female candidates I work with are hesitant to apply for those senior positions. It’s imperative that we challenge the status quo and encourage girl power in this thriving industry.
Editor’s note: For more resources on this topic, visit ISACA’s SheLeadsTech website.