Cyberweapons are a constant and evolving threat to society. They have the potential to shut down entire electric power grids and bring companies to their knees. Securing networks against the threat is possibly the most pressing priority, and the cybersecurity market is expected to grow from $75 billion in 2015 to $170 billion by 2020 as a result.
One of most pressing priorities for companies in ensuring cybersecurity is what seems to amount to a massive talent shortfall. Current estimates place the talent shortfall at around 1 million professionals, more than 209,000 of which are in the U.S - up 74% over the past five years, according to a 2015 analysis of numbers from the Bureau of Labor Statistics by Peninsula Press. Michael Brown, CEO at Symantec, the world’s largest security software vendor, has predicted that demand for cybersecurity talent will increase to 6 million globally by 2019 and the shortfall will go up to 1.5 million.
There is a simple answer to the problem: women. Cybersecurity has a massive gender problem. According to the Women’s Society of Cyberjutsu - a non-profit that aims to help empower women to succeed in Cybersecurity - just 11% of the world’s information security workforce are women. The trade training body’s 2015 Global Information Security Workforce Study found that it was 10%, a number that had not moved from two years ago.
The dearth of women in cybersecurity reflects a general trend throughout the computer sciences, but even by the incredibly poor standards of diversity in the field it is still embarrassingly low. Women account for only around a quarter of roles in some computer and mathematical occupations according to the Bureau of Labor Statistics. In fact, the number of women interested in taking computer science majors was found to have dropped 79% between 2000-2008, and peaked 30 years ago when society was far less dominated by computers.
The causes for this are many, and much the same as the issues confronting women across science, technology, engineering and mathematics (STEM) industries. That they run deeper is perhaps due to the even more intense stereotypes and a hiring policy seemingly more inward looking than anywhere else. Nicole Eagan, chief executive officer of Darktrace, a cyber security company, attributes the issue to legacy security companies hiring ‘from the same pool of men’ labelling the industry an ‘old-boys’ network.’ And this problem snowballs. Without role models already succeeding the industry, young women are discouraged from getting involved in STEM at an early stage because it can seem unrealistic. This has, according to the US News/Raytheon STEM Index, 33% of women said they did not consider cybersecurity as a career because they felt they weren't qualified.
The prevalent stereotype of the cyber security expert is that of the teenage boy holed up in his dark bedroom perfecting his hacking skills, a hoodie-wearing techie. This is not an especially an appealing prospect to the majority of women. This needs to change, and it can only do so if cybersecurity companies adjust what they are looking for in prospective employees. The ‘hacker’ background that most are looking for is logical but it favors men disproportionately. There are also many benefits to be found in hiring those with an academic background, and this would likely attract far more women into the fold. Diversity is vital to innovation, and with cyber threat constantly changing as hackers find new ways to get into companies networks and wreak havoc, this is going to be vital if we are going to stand a chance.