SecurityBrief Asia logo
Asia's leading source of cybersecurity and cyber-attack news
Story image

Where to from here? Women in cybersecurity speak up

By Kai Ping Lew
Fri 8 Mar 2019
FYI, this story is more than a year old

For this year’s International Women’s Day, the theme is #BalanceforBetter - focusing on encouraging a more gender-balanced world. 

Lack of representation, the glass ceiling, a gender pay gap and toxic attitudes in the workplace are just a few of the challenges faced by women working in technology today.

International Women’s Day is an opportunity to reflect on how far the industry has come in treating women more equally, but also to rally together and put measures in place to improve the situation for future generations on the cusp of entering the workforce.

Here are what women working in cybersecurity have to say: 

Ping Identity A/NZ marketing manager Vivienne Horsfall

Attracting women into IT starts from the grassroots.

Changing the perception of STEM programs in school is paramount.

Programs must be inspirational, relevant and capture the imagination while evoking an intrinsic 'coolness'.

Providing influential female role models and mentors is extremely powerful as girls can project their future self.

Getting excited about the application of STEM in the real world is an important element to capture their imagination.

These experiences must be relevant to the different development stages to have greater appeal. For example, the younger girls tend to want to have fun so an excursion to a theme park working alongside engineers to understand the design and technology of building a roller coaster is appealing.

As they mature there tends to be increased consciousness of the world around them so investigating technologies that are saving the world - cleaning water supplies and our oceans becomes more relevant and finally playing with the technologies that are changing our lives such as robotics & AI.

The workplace itself is changing and as more companies embrace and honour their mantra and truly understand the benefits of a diverse workforce, women will feel valued and the domino effect will prevail.

Aura Information Security virtual security consultant Petra Smith

The cybersecurity skills shortage is approaching three million people globally but less than 20% of the current workforce in the industry are women.  

This comes at a time when analysis from AustCyber suggests that a shortage in Australia’s cybersecurity workforce may be costing the country more than $400 million in lost revenue and salaries and predicting that we may need 17,600 more cybersecurity workers by 2026.

Diverse teams are better at solving problems and in an industry that's all about solving complex problems, the lack of diversity another business risk.

So how do we solve the problem of gender inequality in technology?  

Representation matters.

Women and gender minorities need to see people like them succeeding.

It isn't enough to interest young women to enter the industry.  

We also need to break down the barriers that keep women from advancing and becoming tomorrow's role models.   

LogRhythm Asia Pacific and Japan senior regional marketing director Joanne Wong

While we’ve made good progress in improving gender equity in the workplace, there's still a long way ahead towards achieving greater gender diversity in our technology talent pool.

To help strike the balance, we will need to rally both organisations and individuals.

From an organisational level, companies will have to set the stage to help women acquire tech-related skills.

These organisations can pave the way for women to either shift their careers or develop a hybrid skillset, marrying their current skills with technology.  

For example, a finance manager can learn analytics which may be relevant for fintech companies.

On the individual level, it is important for women to adopt a mindset of lifelong learning and constantly upskill to stay relevant.

In a fast-moving environment where organisations are going digital, cybersecurity know-how is becoming an increasingly vital skill set for any employee.

Women who are willing to learn this skill will be able to get an edge over the others and in fact, play a significant role to help the company grow.

Gender fairness at the workplace is a big ambition but definitely one that is achievable.

As a cybersecurity professional, I believe technology will be the heart of some of the biggest changes in the next decade.

Artificial Intelligence will be a huge enabler but we will still need irreplaceable abilities such as human instinct and experience to help us discern false positives from true cyber incidents. Women will be able to harness their 'women's intuition' by giving a different perspective based on their life experiences and wisdom.

It is those who are able to leverage both technology and personal skill sets that will truly stand out from the crowd.

ExtraHop security product marketing senior director Barbara Kay

The need for both male and female cybersecurity professionals creates a great, reasonably level playing field.

Today’s youth are growing up surrounded and buffeted by security and privacy concerns.

Using tools like Khan Academy and, anyone can get more comfortable with the technical components and then layer on understanding of the security concepts.

Gaining a certification in security is also a way to establish credibility - and frankly this space is starved for people.

Bring your curiosity and you will find more environments using tools and automation to facilitate effective workflows and an environment that enhances skill development on the job.

When it comes to cybersecurity, learning never stops for both men and women.

CQR Consulting senior security specialist Shannon Campbell

Born in the 60s the term “Information technology” applied to the amazing ability to store and index data in place.

The focus switched to the evolving IT space where coding created capability and then hackers broke the code.  

Today, this coding and the hacking focus and stigma of sitting behind a desk staring at a computer all day is what girls believe “being in IT” is all about.

My version of IT is much wider, sexier and much more involved than coding and hacking.

The ‘IT’ space has evolved rapidly.  

 We have the world at our fingertips, we are interconnected and it is an essential enabler of business. Do we need to change the name of IT to something more representative of today to inspire?

By changing the name, can we reach a whole new generation of girls and young women who want to be communicators, problem solvers and global entrepreneurs in an integrated corporate environment?  

Can we help companies build empires, market goods all over the world, secure secrets, create effective and efficient human processes to support this critical enabler?  

This new world view must be mentored in the workplace and marketed by women to schools and universities to capture the interest of the next generation and leave them with powerful images of the possible.

Real life stories from real women in ‘IT’ will really help in explaining what was the outcome that was achieved by my contribution.  

One day I can be reviewing a corporate network to assist executives with a holistic view of people, process and systems to support decision making, smart investments and company growth, the next day assessing the complex business and information communication requirements of a fully integrated jet using satellite communications, airport ground systems, people and process or helping deliver a secure and manageable data store assist in the management and safety of women in hiding from abusive partners.

This approach could shape the education pathway where Information communication technology skills are seen in multiple streams (not just seen as STEM),  align with business and personal goals and enable girls and young women to visualise outcomes much bigger than coding and hacking.

The success of the integrated corporate environment requires a holistic approach to business (including computers, risk, security, people).  

You can be a master of one or generalist.

It’s not just ‘IT’, it’s not just for coders and hackers.

There a real skills shortage in information communication technology corporate integration experts.

It’s about business goals, communication, risk, security and money at all levels of business.

SolarWinds head geek Destiny Bertucci

International Women’s Day is here, and it’s great to see that year after year, it’s growing in recognition and importance.

In my work, I’m already fortunate to be surrounded by women.

And the good news is that—looking at the wider industry—I can see change is afoot, particularly in encouraging the next generation of female leaders in cybersecurity.

Because I’m so passionate about cybersecurity, and because I’m a mother myself, I feel that STEM programs can help many girls get started in IT.

Just a few weeks ago in Sydney, the Australian Computing Academy (ACA) announced the launch of the Schools Cyber Security Challenges as part of the curriculum for Australian high school students. Initiatives like these will ignite a passion in young children—especially girls—to work in IT and phase out any question of gender equality in the future.

Ultimately, working in IT comes down to a passion for problem-solving, day in and day out. Cybersecurity needs people who love to read and find answers; developers to help create new ways to block threats and help protect data in every sector; and, of course, a dose of charisma and good relationship-building skills go a long way, particularly when driving security policies within an organisation.

International Women’s Day is not only a great reminder for people to take practical steps to address the ongoing gender imbalance we face in certain industries and countries, but also that women can break glass ceilings and soar in any capacity.

Related stories
Top stories
Story image
Ransomware hits 65% of organisations in Singapore
Next-generation cybersecurity firm Sophos has released its annual survey and review of real-world ransomware experiences in the State of Ransomware 2022.
Story image
ChildFund launches new campaign to protect children online
ChildFund says WEB Safe & Wise aims to protect children from sexual exploitation and abuse online while also empowering them to become digitally savvy. 
Story image
Customer experience
Gartner recognises Okta for abilities in Access Management
Okta has announced it has been recognised as a Customers' Choice for the fourth time in a row in the Gartner Peer Insights "Voice of the Customer" report.
Story image
Data Protection
Barracuda launches new capabilities for API Protection
"Every business needs this type of critical protection against API vulnerabilities and automated bot attacks," Barracuda says.
Story image
New vulnerabilities found in Nuspire’s Q1 2022 Threat Report
“Threat actors are quickly adjusting their tactics and these exploits tend to get industry attention, but the threat posed by older and attacks still persists."
Story image
Nozomi Networks
Nozomi Networks, Siemens reveal software integration
Nozomi Networks and Siemens have extended their partnership by embedding Nozomi Networks’ software into the Siemens Scalance LPE local processing engine.
Story image
Cloud Security
Aqua Security createa unified scanner for cloud native security
“By integrating more cloud native scanning targets into Trivy, such as Kubernetes, we are simplifying cloud native security."
Story image
A third of companies paying ransom don’t recover data - report
Veeam's report finds 76% of businesses who are victims of cyberattacks paid the ransom to recover data, but a third were still unable to get their information back.
Story image
HackerOne launches Attack Resistance Management solution
HackerOne has launched Attack Resistance Management - a new category of security solution that targets the root causes of the attack resistance gap. 
Story image
BeyondTrust integrates Password Safe solution with SailPoint
BeyondTrust has announced the integration of BeyondTrust Password Safe with SailPoint identity security offerings.
Story image
Supply chain
Jetstack promotes better security with supply chain toolkit
The web-based resource is designed to help organisations evaluate and plan the crucial steps they need to establish effective software supply chain security.
Story image
Qualys updates Cloud Platform solution with rapid remediation
The new update is designed to enable organisations to fix asset misconfigurations, patch OS and third-party applications, and deploy custom software.
Story image
The 'A-B-C' of effective application security
Software applications have been a key tool for businesses for decades, but the way they are designed and operated has changed during the past few years.
Story image
Artificial Intelligence
AI-based email security platform Abnormal Security valued at $4B
"A new breed of cybersecurity solutions that leverage AI is required to change the game and stop the rising threat of sophisticated and targeted email attacks."
Story image
Companies rushing to secure print infrastructure
As the pandemic prioritised communication channels and the shift to remote work, IT departments fell behind in updating the security of print and IT infrastructure.
Story image
Cybersecurity starts with education
In 2021, 80% of Australian organisations responding to the Sophos State of Ransomware study reported being hit by ransomware. 
Find out how you and your business can prevent being caught out by everything from ransomware to cryptojacking.
Link image
Story image
Sift shares crucial advice for preventing serious ATO breaches
Are you or your business struggling with Account Takeover Fraud (ATO)? One of the latest ebooks from Sift can provide readers with the tools and expertise to help launch them into the new era of account security.
Story image
Appian awarded billions in damages against Pegasystems Inc.
Appian has been awarded USD$2.036 billion in damages against Pegasystems Inc as the result of a jury verdict in the Circuit Court for Fairfax County, Virginia.
Story image
Rubrik Security Cloud marks 'next frontier' in cybersecurity
"The next frontier in cybersecurity pairs the investments in infrastructure security with data security giving companies security from the point of data."
Story image
Artificial Intelligence
ForgeRock releases Autonomous Access solution powered by AI
ForgeRock has officially introduced ForgeRock Autonomous Access, a new solution that uses AI to prevent identity-based cyber attacks and fraud.
Story image
Google reveals new safety and security measures for users
Google's new measures include automatic two step verification, virtual cards and making it easier to remove contact information on Google Search results.
Story image
Video: 10 Minute IT Jams - An update from IronNet
Michael Ehrlich joins us today to discuss the history of IronNet and the crucial role the company plays in the cyber defence space.
Story image
Digital Transformation
How to modernise legacy apps without compromising security
At a time when digital transformation has become central to business, even the most important applications come with a ‘use-by’ date.
Story image
Remote Working
How zero trust and SD-WANs can support productive remote working
The way people connect with applications and data has changed, users are remotely accessing resources that could be stored anywhere from a corporate data center to the cloud.
Story image
Noname Security partners with Netpoleon to target API issues
Specialist API security firm Noname Security has appointed Netpoleon as its distributor in Australia and New Zealand.
Story image
Use of malware, botnets and exploits expands in Q1 2022
"As zero-day attacks and other vulnerabilities among companies like Google and Microsoft come to light, threat actors are quickly adjusting their tactics."
Story image
Zerto unveils updates to ransomware recovery capabilities
"Organisations face increased risks from the volume and sophistication of ransomware attacks prevalent today."
Story image
Managed service providers: effective scoping to avoid costly vendor pitfalls
Managed security services are outsourced services focusing on the security and resilience of business networks.
Story image
Application Security
What are the DDoS attack trend predictions for 2022?
Mitigation and recovery are vital to ensuring brand reputation remains solid in the face of a Distributed Denial of Service (DDoS) attack and that business growth and innovation can continue.
Story image
Digital Transformation
Physical security systems guide the hybrid workplace to new heights
Organisations are reviewing how data gathered from their physical security systems can optimise, protect and enhance their business operations in unique ways.
Story image
Hard numbers: Why ambiguity in cybersecurity no longer adds up
As cybersecurity costs and risks continue to escalate, CEOs continue to struggle with what their investment in cyber protection buys. Getting rid of ambiguity becomes necessary.
Story image
Tech job moves
Tech job moves - Datacom, Micro Focus, SnapLogic and VMware
We round up all job appointments from May 6-12, 2022, in one place to keep you updated with the latest from across the tech industries.
Story image
Ivanti and Lookout bring zero trust security to hybrid work
Ivanti and Lookout have joined forces to help organisations accelerate cloud adoption and mature their zero trust security posture in the everywhere workplace.
Story image
Workato unveils enhancements to enterprise automation platform
"The extra layer of protection with EKM, zero-logging, and hourly key rotation gives customers a lot more visibility and control over more sensitive data."
Story image
SpaceDC partners with Aofei for data center sales in Asia
SpaceDC has partnered with Aofei Data International to sell Aofei's data centers, CDN and SDN in China.
Story image
A10 Networks finds over 15 million DDoS weapons in 2021
A10 Networks notes that in the 2H 2021 reporting period, its security research team tracked more than 15.4 million Distributed Denial-of-Service (DDoS) weapons.
Story image
Amazon Web Services / AWS
RedShield leverages AWS to scale cybersecurity services
"Working with AWS gives RedShield the ability to mitigate significant application layer DDoS attacks, helping leaders adopt best practices and security architectures."
Story image
Absolute Software expands Secure Access product offering
Absolute Software is enhancing its Secure Access product portfolio, enabling minimised risk exposure and optimised user experiences in the hybrid working environment.
Story image
ThoughtLab reveals 10 best practices for cybersecurity in 2022
The benchmarking study reveals best practices that can reduce the probability of a material breach and the time it takes to find and respond to those that happen.
Story image
Fortinet training edges toward closing cybersecurity gap
The Fortinet Training Institute has made significant progress in closing the cybersecurity skills gap, on track to train one million people by 2026.
Story image
KnowBe4 celebrates reaching 50,000 customers worldwide
KnowBe4 has reached the milestone of 50,000 customers, adding nearly 2,500 in the first quarter of 2022 alone.
Story image
Data backup plans inadequate, data still at risk - study
The Apricorn 2022 Global IT Security Survey revealed that while the majority organisations have data backup plans in place, data for many are at risk.
Story image
Anniversaries remind us to review identity risks
World Password Day provides a timely reminder for ordinary citizens and organisations to stop and think about the risks associated with digital identities.