Growing the number of women in cybersecurity with Olivia Rose
Cybersecurity is a field on the cutting edge, yet when it comes to gender parity, there’s still much progress to be made. For women, breaking into a male-dominated field like cybersecurity comes with a unique set of challenges.
Data from the (ISC)² Cybersecurity Workforce Report reveals that the landscape of women in cybersecurity is complex and — at least in some ways — evolving:
- Women make up 24% of the cybersecurity workforce — a major increase from 11% in 2017
- Women earn more degrees and cybersecurity certifications on average
- More women than men hold leadership roles like IT Director, CISO and CIO
FREE role-guided training plans
Seeing these numbers on the rise is exciting and encouraging. However, not all of the statistics are positive:
- Of women in cybersecurity, 56% will leave to pursue jobs in another field
- 17% of women earn salaries between $50,000 and $99,999, compared to 29% of men
- Women in security management roles earn an average of $5,000 less than men in the same roles
In Infosec’s podcast “Growing the Number of Women in Cybersecurity,” Oliva Rose, the director of global executive risk solutions at Kudelski Security, shares her experiences as a woman in the field and shares some valuable advice with women considering a career in the cybersecurity world.
What can companies do to encourage women and minorities to take cybersecurity jobs? And just as important, how can companies encourage them to stay?
Network to overcome isolation
For many women working in cybersecurity, it’s unfortunately easy to feel like a stranger in a strange land. It’s not uncommon to be the only woman on a team or in an entire department, and the feeling of being the “odd woman out” can be enough to drive women to look for jobs in fields with better minority representation.
This leads us to the million-dollar question: what can cybersecurity companies do to make women feel less isolated at work? In this case, the most obvious answer (hire more women) is only one part of the equation, since retention rates for women in cybersecurity are also quite low.
According to Rose, access to networking opportunities is vital. Encouraging women to participate in conferences and professional groups can help them meet other women in the field and foster the sense of community they’ve been missing at work. For women trying to get their foot in the door, Rose suggests volunteering at conferences because it waives the fee! RSA, SecureWorld and ISACA are just a few of the many conferences available to women in information security.
Close the confidence gap
Self-doubt and insecurity can loom over women’s cybersecurity careers like storm clouds on an otherwise sunny day. Many women experience Imposter Syndrome, which is the perception that they’re not as skilled or as smart as their colleagues or that they’re not good enough for the job.
Although men can also experience extreme self-doubt at work, women and minorities are much more susceptible to it. Why? It largely stems from feeling like an outsider. This feeling of being on the outside looking in has ramifications on women’s careers in cybersecurity.
Many women feel the need to prove their skills with certifications and degrees. On average, women in cybersecurity hold more certifications than their male colleagues. They’re also more likely to earn a postgraduate degree, according to the (ISC)² Cybersecurity Workforce Report. Rose has experienced this herself, saying, “You have to know your stuff. You may have to know your stuff more than the five other guys in the room.”
How can we help women feel more confident in cybersecurity jobs? Networking and mentorship are two powerful strategies. Since self-doubt is something that can’t be fought in isolation, connecting women with peers who understand what they’re going through can be immensely beneficial.
Recruit from non-traditional backgrounds
Despite the long-running debate on the value of a college degree in cybersecurity, many recruiters still prefer to hire people with degrees in STEM. That alone disqualifies a huge number of professionals, many of them women, who would make a big contribution to the field.
To hire more women in information security roles, recruiters will have to break the mold and look beyond traditional education requirements. Why? Because women don’t graduate from STEM programs at the same rate as men. In the 2015-2016 school year, women earned only 18.7% of bachelor’s degrees in computer and information sciences. In other words, there just aren’t as many women who fit the bill.
Instead of hiring based on degree, Rose recommends looking for candidates with the right combination of skills and personality traits. Rose herself has a degree in English and built up her cybersecurity skill set with certifications. She also picked out a few skills and personality traits that every information security professional uses on the job: communication, collaboration, active listening and organization.
Raise retention rates
Although the number of women taking cybersecurity jobs is on the rise, retention rates for women in cybersecurity — and technology in general — are lagging behind.
For the tech sector in general, 56% of women will leave to pursue jobs in another field, according to a report by (ISC)². That number is double the rate of men leaving technology jobs.
Lower earning potential for women cybersecurity professionals may also contribute to them leaving the field. Fewer women fall into the $50,000-$99,999 salary bracket than men. Even women who rise in rank to cybersecurity management roles can look forward to lower average earnings than their male counterparts. Pay parity is just one way to boost retention rates for women in cybersecurity.
The future of women in cybersecurity
While the number of women taking cybersecurity jobs has grown in recent years, companies can continue making positive changes to keep that number rising. Many female cybersecurity professionals encounter similar pain points, like lower pay, self-doubt and a lack of networking opportunities with fellow women in the field. By addressing these issues head-on, we can ensure that the future of women in cybersecurity is a bright one.
In the meantime, female cybersecurity leaders like Rose have this to say: “Go for it!” Working in cybersecurity is fast-paced, exciting and puts you on the leading edge of fighting the bad guys.
If you'd like to see the whole episode and hear all of Olivia Rose's answers, you can find the whole episode on our YouTube channel.
FREE role-guided training plans
Sources
- Three ways to attract more women to tech jobs, WeWork
- Seven Ways I’ve Learned From Other Women To Fight Imposter Syndrome, Fast Company
- Women in Science, Technology, Engineering, and Mathematics (STEM): Quick Take, Catalyst
- Women in Cybersecurity, (ISC)2
- Catherine Ashcraft, Brad McLain and Elizabeth Eger, "Women in Tech: The Facts"
In this Series
- Growing the number of women in cybersecurity with Olivia Rose
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get free resources in your inbox!
Sign up for our newsletter and get free cybersecurity resources in your inbox every week. Prepare for your next cert, learn new skills, increase your salary and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity