Growing ransomware attacks aren’t the only problem facing the cybersecurity industry today, according to experts in this episode of The Insuring Cyber ââPodcast. Another concern within the cybersecurity workforce is the gender gap.
“I think everything we have done so far to encourage more women in cybersecurity is still not enough,” said Dr Magda Chelly, a cybersecurity professional, former head of information security, speaker and entrepreneur. She describes herself on Twitter as a cyberfeminist and also founded Women on Cyber ââSingapore, an organization that offers cybersecurity training, mentorship, events and scholarships, as well as career advancement for professional women wishing to start or pursue a career in cybersecurity.
âI feel like cybersecurity really, really needs a major overhaul,â added Theresa Payton, CEO and chief advisor at cybersecurity consultancy Fortalice Solutions and author, with her latest book titled Manipulated: At the inside cyber warfare to hijack elections and distort the truth. Payton has also previously starred in former CBS TV series Hunted, a reality show in which teams compete to stay off the grid and disappear into today’s digital world.
These two women joined the latest episode of The Insuring Cyber ââPodcast to discuss the lack of gender diversity within cybersecurity and how the field can work to become more inclusive when it comes to attracting. talents. This is something Payton knows all too well after making history as the first woman to serve as the White House Chief Information Officer overseeing the IT operations of George W. Bush and his staff. administration from 2006 to 2008.
âBack then it was interesting, because as I walked around the first day and introduced myself to the team,â she said, âI continued to have different people from time to time. times that were like – I’m paraphrasing – but something to the effect of, ‘Oh, you’re not what I expected.’ “
Indeed, Washington DC-based think tank New America has reported that while the number of women in cybersecurity is growing, it is still a predominantly male industry.
A recent report (ISC) 2 on the cybersecurity workforce found that, according to the survey results, women currently make up about a quarter of the total cybersecurity workforce.
The New America report cited a 2017 Global Information Security Workforce on Women in Cybersecurity study from the Center for Cyber ââSafety and Education, (ISC) 2, Alta Associates and Frost and Sullivan, which found that women at almost every level cybersecurity are paid. less than their male counterparts, and more than half of women in cybersecurity report experiencing discrimination, compared to just 15% of men.
Payton said she believed the lack of gender diversity was in part due to the issue of branding in cybersecurity.
âWhat image comes to mind when you hear the word cybercrime? Is this image a room filled with happy, diverse and productive people who make a difference? Or is it a guy hunched over his computer wearing a dark hoodie? Said Payton. âIf you are a woman and you envision the next 30 to 40 years of your professional life, which career would you choose? The one who looks threatening? “
She said to remove barriers not only for women, but for all under-represented groups in the industry, hiring managers need to broaden their criteria.
âDegrees and certifications can be an indicator of a successful hire, but it shouldn’t be the only one,â she said. âReally, the best cybersecurity professionals, and women in particular, are insatiable learners. They are highly skilled problem solvers. And they always think of designing for the user without underestimating the opponent. So I always say try your luck with a different degree or path and invest in cross-training to attract more women. “
She added that representation goes a long way, as role models and encouragement are essential in attracting under-represented professional groups to the field.
âI firmly believe that while we lack D&I (diversity and inclusion) in cybersecurity, and this is an aggravating problem,â she said, âwe have no shortage of talented women who are looking for their next career opportunity. “
To these women, Dr Chelly said it’s important that while the field aims to broaden its scope when looking for talent, cyber-professional women also broaden their minds as to what can be done. look like their career.
âDon’t assume that a career looks a certain way, that your job will look a certain way, and that you have to do things a certain way. These are all preconceived ideas, âshe said. âEveryone has their own journey. So depending on your life experience, depending on what you want, you will be able to build your career and your life however you want.
She added that it’s important to stay open to learning and evolving with specific goals in mind.
âIt’s really important to make sure you understand what you want to achieve, what your goals are and that you are able to judge yourself very objectively,â she said.
However, she offered additional advice.
âThis does not mean that, for example, a professional woman has to achieve perfection,â she said. “Perfection does not exist.”
In fact, letting go of the idea of ââperfection is an important lesson for businesses and individuals when they think about their cybersecurity as well.
“There is no 100% security,” said Dr Chelly. âNo matter what each company does, no matter what an individual may do around their own cybersecurity, there is always a residual risk. And so, there is always a possibility that someone, somewhere, is being hacked.
This is where surveillance comes in as an important tool for preventing and reducing the impact of cyber events after they have occurred, she said, adding that another tool crucial for businesses is cyber insurance.
âAnytime we are actually exposed to a successful cyber attack, we can actually have or suffer very large financial losses. And therefore, those financial losses could actually have a negative impact on our business, on our cash flow, âshe said. “What can help is cyber insurance.”
There is no doubt that as attacks continue to evolve in frequency and severity, the cybersecurity field will need a wide range of professionals capable of providing training and services to businesses and individuals with need protection.
âIn order to address this shortage of diverse talent and women in cybersecurity, we really need to focus on the fact that there are a lot of talented and strong women in the workforce,â said Payton. “We just need to attract them and give them mentors to come and fight cybercrime with the rest of us.”
Check out the rest of this episode to find out what else Magda and Theresa had to say, and be sure to check out new episodes of The Insuring Cyber ââPodcast released every other Wednesday with the Insuring Cyber âânewsletter. Thanks for listening.