“We Need Every Wo(man) on Deck…”
The challenges of getting more women into STEM and cybersecurity
If you haven’t heard, there was a big upset at the RSA Conference this year: of the 20 keynote speakers, only one was a woman. Echoes of this same issue were heard at other conferences, including DefCon (Hautala, 2018). Their defense involves a reiteration of the lack of diversity in cybersecurity. This lack makes it difficult to find female leaders in the field. Is this really a justifiable defense?
Let’s talk about why we don’t have more women in cybersecurity (currently 11-20% of the cybersecurity workforce are women) … and why few of them are in leadership positions (Frost & Sullivan, 2017), (Ashare, 2018).
First, why are women reluctant to enter the field? Sources have reported that women are put off by the stereotype of the guy in the hoodie that leaves no room for a feminine counterpart (Limbago, 2018). There’s also the issue of dominate language based on masculine contexts and warfare analogies that deters women from cybersecurity. In STEM, girls are not actively being recruited and often are victims of more stereotyping: that girls aren’t interested in tech or girls aren’t good at math (Hill, 2018), (Gonser, 2018).
In addition, conferences like RSA with predominantly male speakers tend to exclude women. This lack of inclusiveness hurts recruitment efforts as women do not feel wanted in the tech world.
The second part of this is exit: Why do women leave the field? Women currently in the field have reported discrimination, less pay and having to “prove” themselves to be in technical positions. That isn’t a welcoming environment. Add to that the difficulties in getting promoted and unconscious gender bias (Elephant in the Valley, 2016).
Other reasons women don’t want a career in cyber include the long working hours (often more than men to “prove” their worth) and their responsibilities to the family. In today’s society, women are still seen as the caregivers for both children and the elderly (Marcus, 2016), (Britt, 2013). Men have mentioned “babysitting” their children, but that’s not something we associate with women: it is their responsibility to take care of the children and often have difficulties getting the support they need (Rinaldi, 2017), (Marcus, 2018), (Starbuck, 2017). This unconscious bias extends to maternity leave and flexible work schedules, which are mainly the domain of women (Kirkman, 2018).
It must also be noted that many sources have mentioned insecurity as an issue to encouraging women to both enter and stay in the cybersecurity arena. But this may also be another consequence of unconscious bias as women are told they are “aggressive” as opposed to assertive. The characteristics of being a strong, opinionated woman are often discouraged at the confusion of the women involved (Marcus, 2018). In addition, women lack role models of either gender. A disturbing consequence of the #metoo movement has been an increasingly reluctance of men to help guide junior women (Tan, 2018). This is exacerbating an already concerning trend.There are women in management. But women in leadership positions tend to be leaders in fields considered more “feminine” such as Human Resources (Sherman, 2016).
Is this a generational issue? Will time solve this…?
REFERENCES
Ashare, M. (2018). Women Breaking Barriers in Cybersecurity. Retrieved from: https://www.onlineeducation.com/women-breaking-barriers/cybersecurity
Britt, S. (2013). The Sacrifice Women Make For Their Families Does Not Come Cheap. Retrieved from: http://www.littlepinkbook.com/the-sacrifice-women-make-for-their-families-does-not-come-cheap/
Elephant in the Valley (2016). See the Stories. Retrieved from: https://www.elephantinthevalley.com/
Frost & Sullivan (2017). The 2017 Global Information Security Workforce Study: Women in Cybersecurity. Retrieved from: https://iamcybersafe.org/wp-content/uploads/2017/03/WomensReport.pdf
Hautala, L. (2018). Women cybersecurity leaders: RSA Conference can’t find you. Retrieved from: https://www.cnet.com/news/rsa-conference-doesnt-have-women-cybersecurity-experts-keynotes-oursa/
Gonser, S. (2018). Jobs in cybersecurity are exploding. Why aren’t women in the picture? How high schools are trying to attract girls to this lucrative tech field. Retrieved from: https://www.nbcnews.com/news/us-news/jobs-cybersecurity-are-exploding-why-aren-t-women-picture-n865206
Hill, C. (2018). Why So Few? Women in Science, Technology, Engineering, and Mathematics. Retrieved from: https://www.aauw.org/research/why-so-few/
Kirkman, A. (2018). Elkhart woman’s pregnancy discrimination lawsuit aims at AT&T Mobility attendance policy. Retrieved from: https://www.southbendtribune.com/news/local/elkhart-woman-s-pregnancy-discrimination-lawsuit-aims-at-at-t/article_9910543e-bdc9-5533-a7fa-e099e687e3df.html
Limbago, A. (2018). Why So Few Women Work In Cyber Security (And How We Can Change It). Retrieved from: https://www.forbes.com/sites/quora/2018/01/29/why-so-few-women-work-in-cyber-security-and-how-can-we-change-it/#5dd7799a6c22
Marcus, B. (2016). The Top 5 Sacrifices Women Make For Their Career. Retrieved from: https://www.forbes.com/sites/bonniemarcus/2016/08/29/the-top-5-sacrifices-women-make-for-their-career/#5127fe1a7d75
Marcus, B. (2018). It’s Obstacles Women Face In The Workplace – Not A Lack of Ambition – That Causes Them To Opt Out. Retrieved from: https://www.forbes.com/sites/bonniemarcus/2016/08/15/its-the-obstacles-women-face-in-the-workplace-not-a-lack-of-ambition-that-causes-them-to-opt-out/#1e42145a2667
Rinaldi, K. (2017). Motherhood Isn’t Sacrifice, It’s Selfishness. Retrieved from: https://www.nytimes.com/2017/08/04/opinion/sunday/motherhood-family-sexism-sacrifice.html
Sherman, K. (2016). Why We Don’t Need More Women in IT. Retrieved from: https://www.linkedin.com/pulse/why-we-dont-need-more-women-katy-sherman
Starbuck, A. (2017). Having children is career suicide. Retrieved from: https://kwib.co.uk/2017/10/16/having-children-is-career-suicide/
Tan, G. and Porzecanski, K. (2018). Wall Street’s Strategy for Handling #MeToo Is Avoiding Women at All Costs. Retrieved from: http://time.com/money/5469516/wall-streets-strategy-for-handling-metoo-is-avoiding-women-at-all-costs
Dr. Susan Cole is a 2008 graduate of the University of Fairfax with a PhD in Information Assurance (Cybersecurity). She received her MBA from Salem International University (2007), her MA from American University in International Politics (1995), a BA from Wilson College in Foreign Languages (1994) and an AA in Mandarin Chinese (1997). For her PhD, she studied what influences the decision making process for IT and Cybersecurity managers in their recommendations to adopt and implement new security technology in their organizations. The specific technology she researched was Biometrics. She has achieved and maintains certification as both a Certified Information System Security Professional (CISSP) and a Certified Ethical Hacker (CEH). She also obtained her Certificate of Cloud Security Knowledge (CCSK). She’s held numerous positions from Cybersecurity Policy writer for an enterprise to a member of an Incident Response Team. Much of her career has focused on certification and accreditation (C&A) activities, now assessment and authorization (A&A) under NIST’s Risk Management Framework. She provided consulting support to small companies and now works as an Information System Security Officer (ISSO). Dr. Cole has been teaching since 2012 and has been involved with Colorado Technical University (CTU), Concordia University, Baker College, University of Maryland (UMUC), and Thomas Edison State University (TESU).
