Globally, women are estimated to hold only one-quarter of cyber security jobs, despite representing more than half of the world’s population. The percentage is even lower for senior leadership positions. The non-profit cyber training and certification organization ISC2 found that just 4% of cybersecurity teams are majority-women, and 11% are completely lacking any female representation at all. Half of those teams are in the U.S.
Those numbers are likely surprising to everyone except those of us who have spent our careers in cybersecurity. With a growing number of open positions in cyber and a field that is becoming more complex and diverse, it’s well past time to make changes that allow for more perspectives, more experiences and more diversity in the field.
Why? More people at the table means cybersecurity teams benefit from different approaches to problem-solving. Creative thinking leads to creative solutioning. And as bad actors become more nimble, more innovative and more imaginative, so must those of us intent on preventing them from doing harm.
For businesses, greater diversity in cyber means a stronger cyber security posture, an engaged workforce, better employee retention, and more collaborative teams.
How? I believe there needs to be an industry-wide focus on recruitment at lower levels and an intentional effort made to promote from within, first. Women must also be the ones to encourage other women to pursue careers in cyber, and then help them advance when they do. Throughout my career, I’ve seen women slowly start to comprise a greater share of the cyber workforce and, eventually, its leadership. But it’s still not enough, and my concern is that without a concerted effort to grow the number of women in the workforce, we will lose the progress we’ve made.
At GDIT, there is female leadership and truly empowered women on teams. In my role, I’ve been fortunate to contribute to projects in ways that have had a meaningful, demonstrable impact on their success. For a project with our Federal Civilian team, I helped devise a way to disable doorbell cameras after an FBI agent was killed serving a warrant. Today, those devices no longer give away an agent’s arrival to criminals. I’ve also worked with the automotive industry, showing them how hackers can get into a vehicle’s systems and do harm. Together, we’ve made cars safer for drivers. I also Co-Led GDIT’s Cyber Digital Accelerators (Eclipse Defensive Cyber, Everest Zero Trust and Tidal Post Quantum Cryptography), where I focused on making Internet of Things (IoT) devices harder to hack.
It's both the ability to contribute and the support of leadership that have allowed me to use my expertise and experience to help other women advance in cybersecurity. I contributed to a book called Stronger Together and the proceeds from it fund a scholarship for women and minorities in cyber. I’ve also created a non-profit group called The Cybersecurity DIVAS that is focused on helping women attain cybersecurity certifications, find mentors, and network with peers and leaders in the field.
Collectively, all of this work led to a humbling recognition for me and for GDIT at the Women in Cyber Awards, which will take place late this year. I have been nominated for the “Cybersecurity Woman Hacker of the Year” award and was honored to have received the nominations from a former CIA director who shares a commitment to getting more women and more people of color involved in cybersecurity.
From the front lines it’s easy to see the need and the gaps, but also the incredible contributions and potential that comes from greater inclusion. We can and we absolutely must bring more voices, visions, and views into the cybersecurity workforce. The potential is so great, and the stakes are too high not to.