The XX Factor: The Critical Role of Women in Closing the Cybersecurity Skills Gap
Women are underrepresented in IT. Estimates vary — as noted by Information Security Buzz, women make up 8 percent of the U.K. cybersecurity workforce, while Information Age reported that they represent only 11 percent of security professionals worldwide.
Numbers are slightly better in the technology market at large, where 25 percent of all IT staff are women. However, the Center for Cyber Safety and Education and ISC2’s “2017 Global Information Security Workforce Study” put the shortfall of cybersecurity experts at 1.8 million positions by 2022.
In a digital world crying out for more experts and trying to bridge the emerging cybersecurity skills gap, there’s a strong case for finding, training and hiring women to tackle tough IT jobs. In fact, there’s evidence that the XX factor offers significant advantages for the industry.
The Cybersecurity Gender Gap
While women are getting more traction in the workplace, they still face real challenges, from corporate cultures steeped in an old boys’ club mentality to earning less pay than male colleagues for the same work. But a study by Russia’s National Research University Higher School of Economics Neurolinguistic Laboratory, published in Human Physiology, revealed a critical advantage for women when it comes to multitasking.
According to the study’s author, Svetlana Kuptsova, “Our findings suggest that women might find it easier than men to switch attention.” While the exact mechanism isn’t known, the researchers hypothesized that women tend to spend more time thinking before diving into tasks, while men are often more impulsive. For cybersecurity professionals confronted with the need to handle multiple high-priority tasks at the same time, this XX advantage could prove invaluable.
Talking the Talk
As noted by Fortune, women are also, on average, better at communicating complex subjects in a clear and concise manner. Given the rise of IT as a line-of-business initiative, and the vested interest of C-suite members in knowing the details, potential pitfalls and outcomes of any cybersecurity plan, IT experts must now be able to both manage the technical jargon of vendors and deliver clear, high-level reports to stakeholders when the need arises. This helps ensure that IT departments and management are on the same page when it comes to security budgets, expectations and response strategies.
Cybersecurity strategies are no longer confined to the local network. IT professionals are increasingly part of the front-facing discussion about onboarding stakeholders and consumers to ensure both personal and corporate data is secure. According to Tech.co, this offers a key opportunity for women: effective market targeting.
Consider a company rolling out new cybersecurity and user access protocols to keep financial data safe. Assuming an equal proportion of male and female clients, there’s a difference in how they behave.
The Harvard Business Review noted that repeated studies have demonstrated that women are less inclined to take risks than men. An all-male IT team might insist that that new two-factor authentication won’t hamper the user experience, for example, while female security professionals could provide the critical push to focus on risk-mitigating aspects of technology, such as reduced chances for identity theft, more control over personal data and protection from collection agencies if fraudsters breach online accounts.
Problem Solving From Different Perspectives
Niloofar Razi Howe has spent two and a half decades working with technology companies and is now the chief strategy officer at RSA. While she acknowledged the unique challenges facing women as they climb the cybersecurity ladder, she also pointed to a key advantage: a different approach to problem-solving.
“Women do tend to approach and solve problems differently than men — not better or worse, just differently — and when you’re trying to solve problems, why wouldn’t you want all options on the table?” she wrote on the official RSA Conference blog.
Women’s experience in the world is fundamentally different from men, leading to a different perspective when it comes to problem-solving. In cybersecurity situations, this could be as simple as having another opinion, which could open a new line of thought and ultimately lead to better-protected data and more proactive IT defense.
To counter the increasingly agile attacks of cybercriminals, it pays for companies to think outside the box. By adding more women to security teams, getting outside the box takes less time and yields better results.
New Initiatives to Close the Cybersecurity Skills Gap
There’s a shift underway in the cybersecurity industry. Infosecurity Magazine reported that more than 100 executive women in security recently participated in the very first Executive Women’s Forum (EWF) Cybersecurity Women on Capitol Hill Public/Private Symposium.
Beyond simply closing the cybersecurity skills gap, conference attendee Cindy Miceli of Alta Associates argued that “the skills and perspectives that women bring to cybersecurity teams are invaluable.” Specifically, adding the XX factor to existing security efforts can help improve overall efficiency, enhance communication, effectively deploy new access policies and shed new light on existing security issues.