By Emily Stapf and Suzanne Hall. Cybersecurity faces a well-known talent gap. The demand for skills is great while the supply is not. One important contributor to this problem is the failure to recruit, train, and retain women. If we’re to close the talent gap, we must close the gender gap. That means executives engaging on this issue now and taking concrete steps.
There’s no question that women are an underused resource in the cybersecurity workforce. (ISC)² Foundation recently found that women represent only 10% of global cybersecurity workers, a number that hasn’t budged since its previous survey two years ago. There are several reasons for this, including the drop in the number of women pursing computer science degrees, the lack of girls pursing STEM studies, concerns over work-life balance, male-dominated decision-making that tends to favor promoting men over women, and the lack of female role models.
There’s also no question that gender diversity would greatly benefit our nation’s cybersecurity. According to the National Center for Women & Information Technology, businesses with a more gender-diverse workforce tend to excel in financial performance, productivity, and innovation—particularly when more women serve in top management positions. Gender diversity can also help improve consensus building, problem solving, and employee performance. Another upside: women are often more likely than men to proactively take on new tasks—a tendency that can increase their value as employees and innovators.
One need only look to our military and law enforcement agencies as well as computer science programs to see qualified, motivated women ready to bring their skills to the private sector. However, companies should not limit cybersecurity recruiting efforts to these cohorts. Companies should be hiring and training qualified women from diverse backgrounds and demographics. This approach will help introduce new ways of thinking and solving problems that can ultimately pay off in a stronger cybersecurity program.
So what should businesses do? They should make gender diversity a priority for their cybersecurity efforts. They should implement specific management guidelines to recruit, develop, and retain women and to foster a culture of gender diversity. They should reexamine how they recruit and include women in the interview process. And they should pair new hires with strong female role models and mentors within their organizations to build relationships and provide personal and professional support.
More broadly, to get the message out, organizations should communicate their commitments to gender diversity through public-awareness campaigns. They should get involved in community IT programs and educational initiatives to promote the hiring of women. And, it’s particularly important to work with local universities, colleges, and technical schools to communicate a company’s interest in gender diversity. Doing so will help recruit new hires and develop a pipeline of educated women professionals for the future.
Participating in an external diversity initiative is another good way to promote public awareness and the hiring of women. At PwC, we drive diversity efforts through HeForShe, a United Nations initiative that aims to get men more involved in promoting global gender diversity in the workplace. As part of HeForShe, PwC is developing an awareness program to educate men on gender diversity and is assessing the roles of women across our global organization.
PwC also has launched several internal initiatives that support women in cybersecurity. For example, we’ve created “lean-in circles” that feature regular meetings and guest speakers, and have established an employee forum for women cybersecurity directors and managers.
More generally, individual women in the cybersecurity workforce can help improve gender diversity and personal development by participating in digital communities like Women in Cybersecurity and the Anita Borg Institute. These organizations aim to advance women in technology by bringing together professionals, researchers, and academia to share knowledge and support, as well as to generate interest among female students to choose technology and cybersecurity as a dynamic career option.
March 8th is International Women’s Day, a campaign that calls to advance women in the workplace and society. Think about using this annual event to start (or jumpstart) a proactive campaign to hire and promote more women in your cybersecurity practice—and to show your support for gender diversity across the world. As demand for cybersecurity and privacy workers continues to mount, businesses that reach out to women stand to benefit from this untapped potential.