In recent years, more and more women have climbed the corporate ladder to occupy important positions in the business world serving as role models for young girls. However, according to Kaspersky Lab’s “Beyond 11 Percent: A Study into Why Women Are Not Entering Cybersecurity”, cybersecurity remains largely untapped by women, accounting for only 11% of the total workforce in the industry. The report outlines some interesting facts on why cybersecurity continues to be a difficult career for women to break into.
According to the report, women in cybersecurity face a harsh reality: often being the only female in a room full of men – which may be one of the main reasons most decide not to pursue a career in the field. It is important to emphasize that the lack of women in the industry can generate a snowball effect: the less women in IT security, the more likely women considering the field may lose interest in it. The 2017 Global Information Security Workforce Study, conducted by (ISC) and its Center for Cyber Safety and Education, shows that 42% of participants agree that it is important to have a role model of the same gender in their career of interest. In fact, half of the women surveyed prefer to work in an environment that has an equal male/female split.
The study also shows that in general, women are unaware of the skills employers are looking for and if they have the right attributes for the role. When asked why they haven’t decided to pursue a cybersecurity career, women were more likely than men to claim that they don’t have coding experience (57% vs. 43%), have no interest in computing (52% vs. 39%), are not aware of cybersecurity (45% vs. 38%) and that their math is not good enough (38% vs. 25%). Clearly the issue is one of awareness, as companies today aren’t just looking for coders. Skills such as critical thinking and problem solving are just as crucial to a career in cybersecurity, but the perception of the industry from the outside tends to focus primarily on the technical side.
“As a young girl I was always fascinated by puzzles and board games, which developed into a love of programming and eventually, a career as a security researcher. Working with other experts on Kaspersky Lab’s Global Research and Analysis Team (GReAT), I investigate sophisticated cyberattacks and uncover APTs, cyber-espionage campaigns, major malware, ransomware and other threats. My job requires not only technical skills, but also persistency, creativity and collaboration to think differently and keep up with the malicious attackers,” said Noushin Shabab, senior security analyst at Kaspersky Lab.
Stereotypes associated with cybersecurity are also a big deterrent for women, the study shows. More often than not, terminology that’s associated with the industry, such as ‘hacker’, is generally considered as having negative connotations. In addition, a third of women think cybersecurity professionals are ‘geeks’ and a quarter think they are ‘nerds’, perhaps contributing to the reason why one-in-six women think that a career in cybersecurity would be dull. On this, Shabab points out: “The image of the cybersecurity professional is changing, and with WannaCry, more than half of the young women (58%) came across the industry on TV, radio and online news – according to other studies we have done. It’s a matter of converting this interest into something else.”
In addition to working with various organizations to better understand the obstacles preventing more women from pursuing careers in cybersecurity, Kaspersky Lab has several initiatives, such as Kaspersky Lab Academy, the Kaspersky Cybersecurity Certification Program and Kaspersky Cyber Days to promote industry awareness and occupations as well as to enhance the education of professionals in the area.