If you take a historical look at security, there is a perception that industry professionals are predominantly male and ex-military. One could assume that this view is but one barrier to overcome in achieving gender equality in security. Further suggesting that this view persists, statistics from Frost & Sullivan’s most recent “Women in Security” study showed that women represent only 10 percent of the security workforce.

“From a woman’s perspective, we do face a list of challenges, and we don’t always talk about them,” said Carmina Lees, vice president of the Security Business Unit at IBM UKI.

There is more we need to do to get the gender balance right in the security space, but are we boiling the ocean by talking about it like it’s a problem?

It’s time for women in security to challenge themselves and use their skills to their advantage. Without stereotyping too much, women tend to be naturally stronger than men in certain areas. We have an innate tendency to collaborate and network — attributes that help to gain trust and connect the dots across an organization. On paper, women are also more loyal and tend to change employers much less frequently than men.

Breaking Barriers

Promotion and pay can be topical and sensitive, especially if there are life factors hindering the likelihood of excelling in a career. Recent research from the Institute of Fiscal Studies found that women earn 18 percent less per hour than men on average, and the gap increases considerably after women have children.

This comes back to organizations recognizing the importance of work-life balance and how a new milestone in somebody’s personal life, whether male or female, does not necessarily impact their career performance.

“I’ve always tried to stay true to my values by being a mum, having a career and being myself,” said Carmina Lees.

The barriers to achieving gender equality may already be coming down as women become more comfortable being themselves both inside and outside of work.

The Rising Influence of Women in Security

The statistics suggest that there is still a shortage of women in security. Let’s take a different angle by looking at the impact of influencers in the industry.

Women Win the War

Women’s influence in security dates as far back as World War II. About three-quarters of the workforce at Bletchley Park was female, and many women had important roles, such as codebreaking. Although few women received the same level of recognition as their male peers, the collective success of the group at Bletchley Park led to a breakthrough in national security and, ultimately, the birth of the information age.

Shifting the Paradigm

It’s important that those working in the industry aren’t automatically branded as technical; there are numerous examples of successful women in business roles leading companies or departments. The IBM UKI Security Business Unit is a great example of strong female representation across various functional areas, particularly in the leadership team.

It is not limited to just one team, however. “There are so many inspiring leaders at IBM, many of them female,” said Wendi Whitmore, director of IBM X-Force Incident Response and Intel Services. “In the typically less diverse security industry, it is great to see IBM successfully shifting that paradigm.”

Working Together

Women have made apparent gains in the industry, but none of this success would have been attainable without the support of our male counterparts. We must pursue the goal of equality together, accepting organizational change.

There is no doubt that the barriers to gender equality in the workplace are changing as employers increase their focus on cultivating people. Balance can only be built if the people in leadership positions want it and understand the benefits of gender neutrality.

To raise the profile of women in security, we must move away from initiatives focusing specifically on women and recognize both male and female styles.

More from CISO

Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

3 min read - Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek to evade detection innovations. But we also know that tried and true tactics — from phishing and exploiting known vulnerabilities to using compromised credentials and…

What’s new in the 2023 Cost of a Data Breach report

3 min read - Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the research points to new opportunities for containing breach costs. The research, conducted independently by Ponemon Institute and analyzed and published by IBM Security, constitutes the…

Cyber leaders: Stop being your own worst career enemy. Here’s how.

24 min read - Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. We’ve been beating the cyber talent shortage drum for a while now, and with good reason. The vacancy numbers are staggering, with some in the industry reporting as many as 3.5 million unfilled positions as of April 2023 and projecting the disparity between supply and demand will remain until 2025. Perhaps one of the best (and arguably only) ways we can realistically bridge this gap is to…

Poor communication during a data breach can cost you — Here’s how to avoid it

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…