Every year, International Women’s Day highlights the importance of ensuring gender equality in all industries and disciplines. This day inspires us to do more to celebrate the contributions of women across sectors, acknowledge the unique challenges they still must overcome and, most importantly, take action to address gender imbalances that persist throughout our societies today.
On this important day, the Cybersecurity Tech Accord celebrates women in cybersecurity and launches the campaign “#MyCybHerStory.” Throughout March, some of our signatory representatives will tell their stories about finding and thriving in a career in cybersecurity. These inspiring women will share their perspectives on what makes these careers fulfilling, sending a clear message to women and girls everywhere that might embark on this professional journey: cybersecurity needs your talent, representing all dimensions of diversity, now.
Cybersecurity is a field in constant evolution that needs a diverse workforce, but data shows that the sector is currently affected by a major talent gap that is especially pronounced when it comes to gender. The data indicates increasing demand for cybersecurity professionals generally; in 2021, there were 2.72 million unfilled positions in cybersecurity worldwide. In addition, last year, researchers estimated that by the end of 2021, women would hold only 25 percent of cybersecurity jobs globally. We can see that progress is achievable through the number of women holding cybersecurity positions in 2021, which is nearly double what it was in 2013, though the overall number remains low.
“Ensuring diversity of backgrounds and experiences of cybersecurity professionals is vital in a world where threat actors are extremely skilled and evolve every day. No one perspective is sufficient to provide answers to today’s cybersecurity challenges,” said the Women4Cyber Foundation in partnership with the Cybersecurity Tech Accord. “Moreover, when gender is a factor in narrowing the pool of people pursuing cybersecurity careers, we exacerbate the already problematic shortage of cybersecurity skills.”
Diverse perspectives are also crucial to international political discussions on cybersecurity, namely the United Nations (UN) dialogues on responsible state behavior in cyberspace. Problems related to digital peace and security are extremely complex, requiring a multitude of voices around the negotiating table with expertise on issues from technical to geopolitical. Cyber threats also have gender-specific impacts that need to be taken into account. As reported by United Nations Institute for Disarmament Research (UNIDIR), “the accessibility and unattributable nature of cyberspace has exposed women to a disproportionate amount of stalking and online harassment, as well as to targeted disinformation campaigns to dissuade their political participation.” However, women remain underrepresented in multilateral cybersecurity negotiations, comprising, on average, a third of the delegates accredited to the UN First Committee, dealing with disarmament and threats to peace, including in cyberspace.
Clearly, we need to do more to promote cybersecurity careers among women at every level and ensure that the sector becomes more inclusive with representatives that mirror the rich dimensions of diversity reflected worldwide.
On this important day, we stress the importance of and our commitment to supporting the following best practices:
- Make cybersecurity a rewarding and welcoming career for everyone by considering different backgrounds, experiences, and perspectives in designing and filling cybersecurity roles at all levels, including leadership. Further, ensuring all facets of the hiring process are inclusive is key. This includes recruiting from fields outside the traditional science, technology, engineering and mathematics (STEM) fields as potential fruitful sources of cybersecurity candidates and ensuring that women are involved in the hiring process for all open positions. Providing flexible working arrangements and enforcing a zero-tolerance policy for gender and other types of discrimination can foster a healthy internal environment and promote career growth once a candidate is hired.
- Clearly communicate the skills needed in cybersecurity careers. This will dispel myths about this path only requiring highly technical competencies. Critical thinking, problem-solving, attention to detail and multitasking are other skills in great demand in this field.
- Refocus your internal culture and language on more inclusive terms, as research shows that the militaristic/gendered culture and terminology often found in the cybersecurity field can alienate women looking to join. Taking steps to refocus the culture and make the environment more welcoming and inclusive will go a long way to ensure a diverse and productive workforce.
- Ensure young girls’ exposure to advice and information about the cybersecurity industry. Research finds that young women decide on their future careers when they are, on average, fifteen years old. To this end, we must support outreach in schools focused on cybersecurity for young women, children and teens. Such an approach will require efforts from both the public and the private sector. Ensuring school programs include information sessions on a greater variety of careers and ensuring the industry as a whole is more visible during these early touchpoints will go a long way.
- Create more opportunities for women to get acquainted with the cybersecurity field by organizing regular networking activities, “open door” events, informal meetups, and other engagement formats as appropriate, either virtual or in person. This would give women interested in cybersecurity the chance to meet other women in the field, ask specific questions, receive unmediated guidance and advice about breaking into the industry, and make valuable connections.
- Track data on diversity and inclusion in these careers, both at the company level and by relevant government departments and agencies, to understand whether efforts to make these careers more inclusive are delivering results and assess what more needs to be done to achieve this objective.
- Fund the talent pipeline by establishing scholarships and continuing education programs, with a particular focus on women professionals, tied to current or future employment to get and retain female talent in the field.
Many of our signatories have launched initiatives to ensure greater promotion of cybersecurity careers with women professionals, some of which include:
- The “Women Tech Quest” event by 10Pearls is an online tech competition for women across Pakistan and globally. It was launched in 2017 to inspire women to excel in the tech field.
- Avast has been working with organizations like Czechitas, AjtvIT and Code First Girls by assisting in training young girls and women interested in pursuing a career in IT and cybersecurity.
- Atos’ annual conference called “Women in Atos” highlights the importance of diversity within the tech field. Cybersecurity was the main discussion topic during their 2021 event.
- Capgemini’s global grogram called “Women@Capgemini” focuses on recruiting, retaining, and developing talented women, with a dedicated network for women in cybersecurity.
- Synack developed an initiative titled “Courageous Women in Cybersecurity” designed to “ring female security leaders and executives together to empower and enable each other in having a bigger impact in their companies and industry.”
- Telefónica’s #LadyHacker (#MujeresHacker) campaign is designed to highlight the role of women in the technology sector and raise awareness among young girls about their ability to study STEM subjects and to pursue careers in these areas.
We hope that our #MyCybHerStory campaign and our signatories’ initiatives and success stories will inspire women to embark on cybersecurity careers and encourage other companies to join in this effort to make the cybersecurity field more inclusive moving forward.