If businesses are to get a grip on their cybersecurity, they need to close the gender gap
Cybersecurity threats are growing at an alarming rate across the globe while at the same time, cybercriminals are becoming even more sophisticated in their methods of attacks. Meanwhile, the shortage of cybersecurity talent is making it difficult for organizations and industries to meet these constantly shifting security demands.
As such, the cybersecurity landscape has become increasingly challenging. In fact, cybercrime is expected to cost the world $10.5 trillion annually by 2025 but organizations are struggling to build the specialized skills required to manage these growing threats. According to ISACA’s latest State of Cybersecurity Report, 63 percent of enterprises have unfilled cybersecurity positions while labor shortages in the UK have become particularly acute. In fact, while there are currently about 339,000 cyber professionals in the UK (up 13 percent year-on-year), there is still a shortfall of 56,811 workers (up 70 percent year-on-year).
And yet, despite this growing need for cybersecurity talent, we also continue to see significant underrepresentation and exclusion of women within the cybersecurity sector. A recent report on women in cybersecurity found that as of September 2022, women made up only 25 percent of the workforce in the global cybersecurity industry -- with the UK doing marginally better with women making up 36 percent of the nation’s cybersecurity workforce. But, women are expected to represent only 30 percent of the global cybersecurity workforce by 2025 and 35 percent by 2031. This means that over a period just shy of a decade, the number of women in the industry will have grown by only 10 percent.
This lack of inclusion of women in the cybersecurity workforce is not only detrimental to the sector and to businesses’ security because it facilitates the continued shortage of much-needed cybersecurity skills, but also because it enables blind spots in cybersecurity through a narrowed lens of perspectives in the field.
That’s why, if businesses are to tighten up their cybersecurity, they need to start meaningfully and seriously closing the gender gap.
Gender equality as a driver of progress
Ensuring the increased inclusion of women into the field of cybersecurity would do more than just fill empty chairs in the industry, it will also play a key role in broadening and strengthening an organization’s security capabilities by bringing diverse perspectives to problem-solving and innovation.
In fact, it’s been well-proven that including women helps to ensure better outcomes of technological solutions by enabling organizations to approach the functionalities of technologies from a different perspective, thereby reducing any blind spots that would not get caught otherwise. For example, women internet users face a higher number of cybercrime incidents while being at an increased risk of financial data loss, violations of privacy, and security breaches.
Additionally, a more diverse workforce ultimately improves business performance as companies with a gender-diverse employee base tend to have better financial returns than national industry averages.
But, most importantly, by empowering more women to enter the cybersecurity industry, which is a well-paying, highly productive, and future-proof industry for employment, we would be able to strengthen and diversify national economies.
Attracting more women into cybersecurity
According to the World Economic Forum, there’s a perception that awareness of cybersecurity is low among women and that the low participation of women in cybersecurity is due to a lack of access to cybersecurity education. This is not true.
In fact, 82 percent of respondents to a global survey of female STEM undergraduate students said they had either some or a lot of knowledge about cybersecurity while 58 percent said they had access to cybersecurity education and 68 percent had already taken a cybersecurity-related course.
So, what exactly is acting as a barrier to entry for women in cybersecurity and how do we create a more inclusive cybersecurity workforce?
Well, it’s not as simple as just recruiting more women into cybersecurity roles. Emphasis needs to be placed on training and education as well as encouraging women and young girls to pursue cybersecurity as a career path by providing mentorship and access to other female role models within the industry.
One of the biggest reasons that women don’t consider a career in cybersecurity is often because they’re simply not exposed to it as an option for them. As such, there remains a significant opportunity to attract more women into the field by exposing them to the broad and diverse positions available within cybersecurity from a young age (from secondary school to tertiary educational institutions) as well as through internships, projects, and other cybersecurity-related experiences like hackathons
The underrepresentation of women in the cybersecurity sector has a direct negative impact on the security and protection of people, organizations, industries, and entire economies. That’s why the inclusion of more women in cybersecurity is critical to not only closing the talent shortages of cybersecurity professionals but also creating a cyberspace that is safer while enabling a more inclusive cybersecurity industry.
Debi Dowling is Chief of Staff & VP of Strategic Programs at Onapsis.