SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Where to from here? Women in cybersecurity speak up
Fri, 8th Mar 2019
FYI, this story is more than a year old

For this year's International Women's Day, the theme is #BalanceforBetter - focusing on encouraging a more gender-balanced world.

Lack of representation, the glass ceiling, a gender pay gap and toxic attitudes in the workplace are just a few of the challenges faced by women working in technology today.

International Women's Day is an opportunity to reflect on how far the industry has come in treating women more equally, but also to rally together and put measures in place to improve the situation for future generations on the cusp of entering the workforce.

Here are what women working in cybersecurity have to say:

Ping Identity ANZ marketing manager Vivienne Horsfall

Attracting women into IT starts from the grassroots.

Changing the perception of STEM programs in school is paramount.

Programs must be inspirational, relevant and capture the imagination while evoking an intrinsic 'coolness'.

Providing influential female role models and mentors is extremely powerful as girls can project their future self.

Getting excited about the application of STEM in the real world is an important element to capture their imagination.

These experiences must be relevant to the different development stages to have greater appeal. For example, the younger girls tend to want to have fun so an excursion to a theme park working alongside engineers to understand the design and technology of building a roller coaster is appealing.

As they mature there tends to be increased consciousness of the world around them so investigating technologies that are saving the world - cleaning water supplies and our oceans becomes more relevant and finally playing with the technologies that are changing our lives such as robotics - AI.

The workplace itself is changing and as more companies embrace and honour their mantra and truly understand the benefits of a diverse workforce, women will feel valued and the domino effect will prevail.

Aura Information Security virtual security consultant Petra Smith

The cybersecurity skills shortage is approaching three million people globally but less than 20% of the current workforce in the industry are women.

This comes at a time when analysis from AustCyber suggests that a shortage in Australia's cybersecurity workforce may be costing the country more than $400 million in lost revenue and salaries and predicting that we may need 17,600 more cybersecurity workers by 2026.

Diverse teams are better at solving problems and in an industry that's all about solving complex problems, the lack of diversity another business risk.

So how do we solve the problem of gender inequality in technology?

Representation matters.

Women and gender minorities need to see people like them succeeding.

It isn't enough to interest young women to enter the industry.

We also need to break down the barriers that keep women from advancing and becoming tomorrow's role models.  

LogRhythm Asia Pacific and Japan senior regional marketing director Joanne Wong

While we've made good progress in improving gender equity in the workplace, there's still a long way ahead towards achieving greater gender diversity in our technology talent pool.

To help strike the balance, we will need to rally both organisations and individuals.

From an organisational level, companies will have to set the stage to help women acquire tech-related skills.

These organisations can pave the way for women to either shift their careers or develop a hybrid skillset, marrying their current skills with technology.

For example, a finance manager can learn analytics which may be relevant for fintech companies.

On the individual level, it is important for women to adopt a mindset of lifelong learning and constantly upskill to stay relevant.

In a fast-moving environment where organisations are going digital, cybersecurity know-how is becoming an increasingly vital skill set for any employee.

Women who are willing to learn this skill will be able to get an edge over the others and in fact, play a significant role to help the company grow.

Gender fairness at the workplace is a big ambition but definitely one that is achievable.

As a cybersecurity professional, I believe technology will be the heart of some of the biggest changes in the next decade.

Artificial Intelligence will be a huge enabler but we will still need irreplaceable abilities such as human instinct and experience to help us discern false positives from true cyber incidents. Women will be able to harness their 'women's intuition' by giving a different perspective based on their life experiences and wisdom.

It is those who are able to leverage both technology and personal skill sets that will truly stand out from the crowd.

ExtraHop security product marketing senior director Barbara Kay

The need for both male and female cybersecurity professionals creates a great, reasonably level playing field.

Today's youth are growing up surrounded and buffeted by security and privacy concerns.

Using tools like Khan Academy and, anyone can get more comfortable with the technical components and then layer on understanding of the security concepts.

Gaining a certification in security is also a way to establish credibility - and frankly this space is starved for people.

Bring your curiosity and you will find more environments using tools and automation to facilitate effective workflows and an environment that enhances skill development on the job.

When it comes to cybersecurity, learning never stops for both men and women.

CQR Consulting senior security specialist Shannon Campbell

Born in the 60s the term “Information technology” applied to the amazing ability to store and index data in place.

The focus switched to the evolving IT space where coding created capability and then hackers broke the code.

Today, this coding and the hacking focus and stigma of sitting behind a desk staring at a computer all day is what girls believe “being in IT” is all about.

My version of IT is much wider, sexier and much more involved than coding and hacking.

The ‘IT' space has evolved rapidly.

 We have the world at our fingertips, we are interconnected and it is an essential enabler of business. Do we need to change the name of IT to something more representative of today to inspire?

By changing the name, can we reach a whole new generation of girls and young women who want to be communicators, problem solvers and global entrepreneurs in an integrated corporate environment?

Can we help companies build empires, market goods all over the world, secure secrets, create effective and efficient human processes to support this critical enabler?

This new world view must be mentored in the workplace and marketed by women to schools and universities to capture the interest of the next generation and leave them with powerful images of the possible.

Real life stories from real women in ‘IT' will really help in explaining what was the outcome that was achieved by my contribution.

One day I can be reviewing a corporate network to assist executives with a holistic view of people, process and systems to support decision making, smart investments and company growth, the next day assessing the complex business and information communication requirements of a fully integrated jet using satellite communications, airport ground systems, people and process or helping deliver a secure and manageable data store assist in the management and safety of women in hiding from abusive partners.

This approach could shape the education pathway where Information communication technology skills are seen in multiple streams (not just seen as STEM),  align with business and personal goals and enable girls and young women to visualise outcomes much bigger than coding and hacking.

The success of the integrated corporate environment requires a holistic approach to business (including computers, risk, security, people).

You can be a master of one or generalist.

It's not just ‘IT', it's not just for coders and hackers.

There a real skills shortage in information communication technology corporate integration experts.

It's about business goals, communication, risk, security and money at all levels of business.

SolarWinds head geek Destiny Bertucci

International Women's Day is here, and it's great to see that year after year, it's growing in recognition and importance.

In my work, I'm already fortunate to be surrounded by women.

And the good news is that—looking at the wider industry—I can see change is afoot, particularly in encouraging the next generation of female leaders in cybersecurity.

Because I'm so passionate about cybersecurity, and because I'm a mother myself, I feel that STEM programs can help many girls get started in IT.

Just a few weeks ago in Sydney, the Australian Computing Academy (ACA) announced the launch of the Schools Cyber Security Challenges as part of the curriculum for Australian high school students. Initiatives like these will ignite a passion in young children—especially girls—to work in IT and phase out any question of gender equality in the future.

Ultimately, working in IT comes down to a passion for problem-solving, day in and day out. Cybersecurity needs people who love to read and find answers; developers to help create new ways to block threats and help protect data in every sector; and, of course, a dose of charisma and good relationship-building skills go a long way, particularly when driving security policies within an organisation.

International Women's Day is not only a great reminder for people to take practical steps to address the ongoing gender imbalance we face in certain industries and countries, but also that women can break glass ceilings and soar in any capacity.