Aug 04 2021

The Cybersecurity Shortage Is Real, and Women May Be the Solution

Three quarters of security jobs are filled by men. That should change.

The tech industry has been plagued by two chronic human capital problems: a shortage of specialized cybersecurity talent and a vast underrepresentation of women in technology roles.

There are about 465,000 open cybersecurity positions in the U.S. today, according to CyberSeek, and 61 percent of organizations surveyed by the IT association ISACA consider their security departments understaffed. About the same percentage of respondents say it takes three months to more than six months to fill an open security job. The cyber talent shortage is rapidly becoming a crisis.

Ironically, America’s tech industry started as a majority-female industry. As Mary Ann Sieghart notes in Wired, during the 1950s and ’60s, roughly 90 percent of programmers and systems analysts were women. By the 1990s, however, men held most of those positions. 

Today, an employer looking to hire a certified cybersecurity professional could be hard-pressed to find one who is female. According to (ISC)², women still hold only 24 percent of cybersecurity roles; ISACA found that 86 percent of cybersecurity teams are mostly made up of men.

The Making of a Cybersecurity Pro

My shift into cybersecurity came at a pivotal moment in my education. With just two classes left to complete my associate degree in computer game programming, I realized I did not want to be a programmer anymore. I was having nightmares about code not compiling.

REGISTER: Explore more ways your organization can gain a competitive edge in the weekly CDW Tech Talk Series. Click the banner below to register.

At the same time, I was interning in the IT infrastructure branch of the Federal Deposit Insurance Corp. My cubicle was just outside the security team’s section. One day I found myself knocking on the office door of one of the security architects. We had a great conversation; I learned a lot about what he did, about the overall information security team and more about the field in general.

That was my lightbulb moment: I decided I wanted to do what they did. Just a few weeks later, I successfully transferred my internship and my college credits to pursue a career in cybersecurity.

That was roughly 12 years ago. Since then, I have worked across several security projects and teams, earned a few notable security certifications, and worked with several great mentors who have helped me succeed in this field.

I have also had the immense pleasure of working for women in powerful positions, including CISOs, IT managers, security researchers and engineers. For me, a mentor can come in any shape or size if that person shares your passion, but as we look to diversify the technology industry, it is critical for young girls to be able to see themselves in leadership positions. The impact this can have on shaping the future workforce is huge.

It’s encouraging that the media has finally shown women starring in more technical roles (such as in the film Hidden Figures), which was uncommon even a decade ago. There is still much work to be done, however.

Women in Security Is Good for Business

There are many reasons to support increasing women’s representation in tech, especially cybersecurity. Here’s the biggest: Cybersecurity is everyone’s problem, and the mission of protecting sensitive data is better met by a truly diverse team that can offer more perspectives and viewpoints for tackling a given situation. Women are good for business.

MORE FROM BIZTECH: Learn how to build a security framework for a distributed workforce.

The women that I know in this field are brilliant. They are threat intelligence researchers, policymakers, CISOs, CIOs and CEOs of their own cybersecurity firms. These women fought for and flourished in those roles because they had the chance to do so. They had the resources, the opportunities, the drive and the support to push through and become great role models in our space.

To keep this momentum, businesses must do their part to create opportunities for women to explore technical roles through education, mentorship and scholarships. To that end, the Day of Shecurity initiative was established in 2017 with the objective of bringing more women into the cybersecurity community. The goal is to educate women about the skills required to pursue a cybersecurity career and to provide resources to get them started.  

This year’s Day of Shecurity, on March 23, was a 12-hour virtual event with over 1,700 registrants from more than 50 countries. Dozens of organizations, including giants such as Amazon Web Services, Google, Netflix, Raytheon Technologies and Salesforce, sponsored the event and advertised open security positions.

By increasing the number of trained cybersecurity professionals across all levels and categories, Day of Shecurity is arming the next generation with the ability to network, learn from each other and advance in key skills like red teaming, blue teaming, leadership, cyber governance, compliance, risk management and more.

Across the globe, businesses are beginning to realize that employing more women in tech and cybersecurity roles can fill an enormous need. The variety and number of companies willing to support this initiative shows that reshaping industry norms is very possible. It’s clear that there is a deep pool of largely untapped talent, and workforce diversity is a better, more creative way of doing business.

SolisImages/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.