June 30, 2017 By Douglas Bonderud 3 min read

Women are underrepresented in IT. Estimates vary — as noted by Information Security Buzz, women make up 8 percent of the U.K. cybersecurity workforce, while Information Age reported that they represent only 11 percent of security professionals worldwide.

Numbers are slightly better in the technology market at large, where 25 percent of all IT staff are women. However, the Center for Cyber Safety and Education and ISC2’s “2017 Global Information Security Workforce Study” put the shortfall of cybersecurity experts at 1.8 million positions by 2022.

In a digital world crying out for more experts and trying to bridge the emerging cybersecurity skills gap, there’s a strong case for finding, training and hiring women to tackle tough IT jobs. In fact, there’s evidence that the XX factor offers significant advantages for the industry.

The Cybersecurity Gender Gap

While women are getting more traction in the workplace, they still face real challenges, from corporate cultures steeped in an old boys’ club mentality to earning less pay than male colleagues for the same work. But a study by Russia’s National Research University Higher School of Economics Neurolinguistic Laboratory, published in Human Physiology, revealed a critical advantage for women when it comes to multitasking.

According to the study’s author, Svetlana Kuptsova, “Our findings suggest that women might find it easier than men to switch attention.” While the exact mechanism isn’t known, the researchers hypothesized that women tend to spend more time thinking before diving into tasks, while men are often more impulsive. For cybersecurity professionals confronted with the need to handle multiple high-priority tasks at the same time, this XX advantage could prove invaluable.

Talking the Talk

As noted by Fortune, women are also, on average, better at communicating complex subjects in a clear and concise manner. Given the rise of IT as a line-of-business initiative, and the vested interest of C-suite members in knowing the details, potential pitfalls and outcomes of any cybersecurity plan, IT experts must now be able to both manage the technical jargon of vendors and deliver clear, high-level reports to stakeholders when the need arises. This helps ensure that IT departments and management are on the same page when it comes to security budgets, expectations and response strategies.

Target Market

Cybersecurity strategies are no longer confined to the local network. IT professionals are increasingly part of the front-facing discussion about onboarding stakeholders and consumers to ensure both personal and corporate data is secure. According to Tech.co, this offers a key opportunity for women: effective market targeting.

Consider a company rolling out new cybersecurity and user access protocols to keep financial data safe. Assuming an equal proportion of male and female clients, there’s a difference in how they behave.

The Harvard Business Review noted that repeated studies have demonstrated that women are less inclined to take risks than men. An all-male IT team might insist that that new two-factor authentication won’t hamper the user experience, for example, while female security professionals could provide the critical push to focus on risk-mitigating aspects of technology, such as reduced chances for identity theft, more control over personal data and protection from collection agencies if fraudsters breach online accounts.

Problem Solving From Different Perspectives

Niloofar Razi Howe has spent two and a half decades working with technology companies and is now the chief strategy officer at RSA. While she acknowledged the unique challenges facing women as they climb the cybersecurity ladder, she also pointed to a key advantage: a different approach to problem-solving.

“Women do tend to approach and solve problems differently than men — not better or worse, just differently — and when you’re trying to solve problems, why wouldn’t you want all options on the table?” she wrote on the official RSA Conference blog.

Women’s experience in the world is fundamentally different from men, leading to a different perspective when it comes to problem-solving. In cybersecurity situations, this could be as simple as having another opinion, which could open a new line of thought and ultimately lead to better-protected data and more proactive IT defense.

To counter the increasingly agile attacks of cybercriminals, it pays for companies to think outside the box. By adding more women to security teams, getting outside the box takes less time and yields better results.

New Initiatives to Close the Cybersecurity Skills Gap

There’s a shift underway in the cybersecurity industry. Infosecurity Magazine reported that more than 100 executive women in security recently participated in the very first Executive Women’s Forum (EWF) Cybersecurity Women on Capitol Hill Public/Private Symposium.

Beyond simply closing the cybersecurity skills gap, conference attendee Cindy Miceli of Alta Associates argued that “the skills and perspectives that women bring to cybersecurity teams are invaluable.” Specifically, adding the XX factor to existing security efforts can help improve overall efficiency, enhance communication, effectively deploy new access policies and shed new light on existing security issues.

More from CISO

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

The CISO’s guide to accelerating quantum-safe readiness

3 min read - Quantum computing presents both opportunities and challenges for the modern enterprise. While quantum computers are expected to help solve some of the world’s most complex problems, they also pose a risk to traditional cryptographic systems, particularly public-key encryption. To ensure their organization’s data remains secure now and in the future, chief information security officers (CISOs) should educate themselves about quantum computing, proactively address the coming quantum risks to cybersecurity and work to establish cryptographic agility in their enterprise.A future cryptographically…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today