Bringing Women Into Cyber
Bringing Women Into Cyber
By Maggie Engler
As an early-career cybersecurity professional, I know I haven’t seen it all, but in the few years I’ve worked in the industry so far, I’ve seen countless articles on 1) the shortage of talent in cybersecurity positions, and 2) the lack of women in the workforce. From those two points alone, it seems like we could be doing some things better to encourage more women to consider security as a career:
Stop hiring for culture fit. Often in tech, companies like to brag about having a startup culture, even long past the startup stage. I get why teams would want someone who would fit in right away, but if you’re looking to hire someone exactly like your current employees, you’ll miss out on a lot of potential candidates, as well as the chance to have a more diverse, higher-performing group. Instead of using a vague term like “culture fit,” I would encourage having deeper conversations about what specific personal traits would help someone succeed in the role (for example, creativity in problem-solving, curiosity and willingness to learn), and how to gauge those traits – rather than relying on what school they went to or what video games they play as heuristics for how well they will fit in the organization.
Emphasize the human element. When people think of cybersecurity, they think of hackers, whose stereotypical image is a young, antisocial male in a hoodie. Rest assured that none of these attributes are necessary for success in security. At its core, cyber is about people. It’s about understanding user behavior to design secure and usable features, to monitor systems for anomalous actions and so much more. It’s also a highly collaborative field, despite the lone genius archetype. The cybersecurity industry can be more appealing and welcoming to women and other underrepresented minorities in part by highlighting the discrepancies between the stereotypes and realities of the job.
Make it about the mission. During my undergrad at Stanford, I had an interesting conversation with one of my professors about the comparatively low number of female students in my major, electrical engineering. He told me that in the computer science department, when faced with similar statistics some years back, they had made a conscious decision to change their messaging. The new promotional material, introductory courses and selection of guest speakers focused less on the idea of inventing cutting-edge algorithms or making a fortune, and more on using technological skills to address social problems. Computer science is now the most popular degree among undergraduate women at Stanford, who represent about 30 percent of the major.
To be transparent, my only evidence of this effort is anecdotal, and I certainly don’t have data around how much of the demographic shift could be explained by the strategy described. But there might be something to the idea of gender differences in motivation, and one of the most compelling things about working in cybersecurity, especially for those who might otherwise choose a different path, is the opportunity to serve in an increasingly critical role protecting data, systems and infrastructure.
Maggie Engler is a Cyber Analyst at Cyence.