From the Spring 2021 Issue

Addressing Skills and the Gender Gap in Cybersecurity

Carmen Marsh
President and CEO | United Cybersecurity Alliance

There are not enough women being properly trained to meet the demand for skilled cybersecurity professionals; therefore, not enough women filling open positions in the cybersecurity field. Even though there has been an uptick in the number of women in cybersecurity, we are still far from having the gender balance needed. Mindset diversity is extremely important in any decision-making process and research shows that a more diverse workforce leads to higher company performances.

From day to day demands in our careers and lives, it is rare to not only take the time, but to have the time to analyze and look at the types of impacts people have on us, the effects we have on one another, and the world we live in. Though, it is perhaps the best way to challenge the ideas that we have accepted as truth, however, these truths may not stand up to scrutiny. Asking these types of tough questions led to an epiphany for the team at Inteligenca.

It was not only about finding a solution to a common problem, but also the importance of building a thriving work culture, keeping the team motivated, and being unmatched in their ability to create value for clients. A substantial part of that value was having diverse mindsets within the organization in order to bring the best innovation and expertise.

“Two years were spent studying available data and completing research and analysis to better understand the root cause for the gender gap of women in cybersecurity.”

When a client asked Inteligenca to locate diverse cyber risk analysts, they hit a huge wall. Three-hundred applicants applied and only two were women. This created a bigger picture. Two years were spent studying available data and completing research and analysis to better understand the root cause for the gender gap of women in cybersecurity.

Coupled with panel conversations with those in the field and data that was reviewed, attention was brought forth to several factors as to why more women are not joining the cybersecurity field. Some of the findings are listed below:

  1. There is too much information available on the internet about roles in cybersecurity and their job specifications.
    • There is too much information to sift through, thus discouraging interested parties from researching and learning more about the cybersecurity field. What was especially true is there are not any clear guidelines about where to begin and what questions to ask.
  2. Some stereotypes of those in cybersecurity are not attractive.
    • The keyword “cybersecurity” in the search engine will bring up several pictures of men in hoodies staring at computers. These resulting images do not elicit a positive response for women interested in joining the cybersecurity field.
  3. Some environments are not inviting to women.
    • When women learn in an all women’s group, they are more engaged, and ask questions up to 70% more often than when they are in a mixed gender class. They also score 30% higher on tests when they are in female-only classes.
  4. Cybersecurity jobs require longer hours and provide less flexibility than careers in other fields.
    • Most women will not consider a career in cybersecurity if there is no schedule flexibility available, especially before they have started a family.
  5. The high cost of industry certifications, which are in demand by hiring managers.
    • An entry-level position in the cybersecurity field requires certain certifications which are costly. These certifications are required for an entry-level position.
  6. Some recruiters and hiring managers ask for 4 years of experience in their entry-level job descriptions.
    • Women tend to only apply for jobs where they can meet most of the job requirements; therefore, women with even some technical experience will shy away from applying.
  7. Students that graduated with a Computer Science degree, including a master’s in cybersecurity, often are not able to find jobs after they complete their studies.
    • There is a significant gap between theory and practice in cybersecurity. Theory in the cybersecurity field goes only so far. Most employers will ask for working knowledge before hiring candidates.

After all of this data was collected, reviewed and realized, Carmen Marsh, CEO and Managing Partner of Inteligenca, created a free, fast-tracking program in 2019 called 100 Women in 100 Days Cybersecurity Career Accelerator (100W100D). This is an all-inclusive upskilling program dedicated solely to women. Within the hour of 100W100D being announced, more than sixty women reached out to inquire about signing up. In turn, proving that women are interested in cybersecurity.

Once the program was well received by women, the next crucial step was to raise the funds to ensure the 100W100D program would remain free for all students. Craig Newmark, Founder of Craigslist, expressed a personal interest in 100W100D and invested his money to fund and support the program. Thanks to the interest and funds from Craig, the first 100W100D program launched May of 2019. Since its release, Sacramento, CA invested in upskilling two more cohorts in 2020, further showing that the skills and gender gap in cybersecurity is ever-present and needs to be addressed.

All of the challenges found through research is what inspired the development and launch of 100W100D, a program which would set women up for success on day one. It was vital to incorporate several aspects of training, including content, that would assist in the changing of preexisting perceptions held by both men and women about working in the field of cybersecurity. The team committed themselves to the following:

  1. Establishing the 100 Women in 100 Days program as a flexible, all-female student learning environment. Women attending the program feel that being part of the program is being part of a sisterhood where everyone looks out, encourages, and empowers one another.
  2. Making the Accelerator program a completely free-of-cost training program for women, including all fees associated with industry certifications such as those offered by CompTIA. This removes a large barrier for women to enter into the cybersecurity industry, as the cost of certificates can vary between $1800 and $5800 per person.
  3. Working with recruiters and employers to revise entry-level job descriptions and finding better ways to open doors to the less experienced candidates, but those that are eager to learn and grow. This also means more women will be hired, thus increasing gender diversity.
  4. Raising awareness and providing clear paths into the cybersecurity field. Hosting monthly webinars discussing options, jobs, roles, and career paths for those that are looking to join the cybersecurity
  5. Starting a global “Cybersecurity Woman of the Year”award event to create role models and change the perception of existing stereotypes of those working in cybersecurity.
  6. Working with local employers to provide a more flexible work schedule for women, starting with the students in the 100W100D program.
  7. Engaging in sessions with cybersecurity experts, often women, sharing their experience with working in a male-dominated field. This alone can be enough for women to feel more confident in pursuing a career in the cybersecurity field.
  8. An entire program divided between theory and practice work. This includes real-life simulated scenarios for students to solve, and also an internship opportunity that provides them with hands-on projects. This gives the students what they need to build a portfolio of projects to share with future hiring managers. This is where the Accelerator program shines.

Conclusion

The women that participate in 100W100D Cybersecurity Career Accelerator gain the latest industry knowledge, in-demand certifications, and hands-on projects taught by cybersecurity experts. In 100 days, women are learning the skills they will need on day one of their job. This program addresses many existing issues related to the workforce in cybersecurity, however, the two largest are closing both the gender and skills gap, and all at the same time.

A technical background is not required to join the cybersecurity field, contrary to popular belief. There are an abundance of jobs within the cybersecurity field in Marketing, Sales, and Project Management, to name a few. In fact, there are 45 different job categories with hundreds of roles within these categories. There are many different paths to take in the cybersecurity field. Women should not limit themselves in the belief that they must have a technical background.

Any woman who attends the 100W100D accelerator program has an opportunity to not only change their careers, but also their lives. With a mere 20% of women occupying a job in the cybersecurity field, it is of paramount importance to not only address the skills and gender gap, but to do whatever is possible to close these gaps. Whether it is 100W100D or another program, we need to invite and include diversity in the workforce, and help create a more productive work environment for all companies and their employees. lock
Carmen Marsh

Leave a Comment