The cyber skills gap means closing the gender one

gender skills gap

Shelley O’Leary, EMEA Channel Manager at Digital Guardian, comments on the skills and gender gap cybersecurity companies are presently facing.

The cybersecurity industry has a skills gap. It also has a gender one. It doesn’t take a computer scientist to work out that the latter reinforces the former. Recruiting more women and non-binary people into the industry and closing the gender gap is crucial to gaining much-needed talent for the sector. So how can this be done?

The cybersecurity industry is facing a war on two fronts. Externally, it’s battling an increased global threat with cyberattacks growing in frequency and sophistication. Internally, it’s wrestling with a skills shortage: according to the (ISC)² Cybersecurity Global Workforce Study 2021, there are 2.7 million unfilled cybersecurity positions around the world. This short-staffing means organizations cannot keep on top of threats, struggle with patching delays, and risk more significant errors and oversights due to overstretched staff. And the shortage has a direct impact on cybersecurity teams, too, as existing teams are burdened with an increased workload, leading to burnout.

This isn’t the only gap the industry has. The (ISC)² also estimates that three-quarters of cybersecurity professionals are still male. This gender imbalance isn’t just an ethical issue; it also has commercial implications. Gender diversity – and diversity in all aspects and identities – brings new viewpoints, experiences, and approaches that are incredibly valuable to a business and boost creativity. A gender-diverse workforce also helps an organization interact more honestly and authentically across different demographics and lessen the chances of making harmful mistakes. This commercial advantage isn’t theoretical: companies in the top quartile for gender diversity on executive teams are 25 percent more likely to have above-average profitability than companies in the fourth quartile.

When viewing these statistics side by side, it’s clear there’s one solution to both problems: drawing more women and non-binary people into the sector. Bringing them into the industry will help meet the skills shortfall while simultaneously creating a more gender-diverse workforce. It’s a win-win situation. But how can it practically be done?

Working towards gender diversity

Perceptions are powerful things. One of the barriers to women and non-binary people entering the cybersecurity industry is the belief that it’s the preserve of men. It’s a belief that draws on fact: historic male overrepresentation in the sphere and the gender pay gap send a message that cybersecurity is a space for men, where the work of women and non-binary people is of less value.

It’s vital we change this; closing the gender pay gap is, of course, crucial, but there are other, smaller ways organizations can break down the idea that cybersecurity is only a place for men. Making sure job descriptions are gender-neutral in language, using marketing materials that highlight the work of women in the sector, and creating female and non-binary role models (by amplifying their voices at industry events, for example) are some of the steps we can take to demonstrate that cybersecurity is a world for all genders.

But the conditioning starts young, so our work to correct the gender imbalance must go further back. When asked by the (ISC)² in 2020 about the best way to increase women’s representation in the field, cybersecurity professionals identified encouraging women to pursue STEM degrees in university as the most effective action. To do this, the idea must be planted early. Out of school clubs and talks and presentations at schools geared towards encouraging girls and non-binary young people to consider technology subjects are important ways to encourage underrepresented genders into the sector.

We also need to break away from the idea that there’s one path into cybersecurity. Those within the industry know it’s a very varied sector, and you don’t need to have a background in programming to thrive. In fact, cybersecurity professionals say that traits such as strong problem-solving abilities, curiosity and eagerness, strong communication skills, and strategic thinking are equally or more important than certifications and relevant cybersecurity experiences for new entrants to succeed in the field. Amplifying the importance of these in job descriptions is a way to draw in women and non-binary people who may not have a STEM degree and may not have considered a cybersecurity career.

And it’s not simply about the assumptions people have looking in. Creating a gender-diverse workforce involves interrogating and overriding the subconscious gender bias in hiring processes and unlearning the gendered assumptions we’ve all been taught. Ways to do this include bias training and de-biasing hiring software, so all the work done to get underrepresented groups to apply isn’t then undone at the hiring stage.

Gender inclusion

Closing the gender gap isn’t just about bringing women and non-binary people into cybersecurity. It’s about keeping them here. This is where inclusion comes in: making certain underrepresented groups aren’t just statistics on a company payroll but are given equal opportunity to be heard and progress. Not only will failure to do this result in talent loss, but it will also mean companies aren’t gaining from the diversity of experience they have on paper. You won’t benefit from underrepresented talent if they’re only found in your junior roles.

Ways to ensure your organization is gender-inclusive include mentorship at all job levels, eliminating the promotion gap, increasing female leadership presence, and continually asking if you’re doing all you can to make the workplace supportive for all genders. There’s always more that can be done.

Finally, it’s essential to note that when it comes to any discussion of gender, intersectionality is critical. Organizations need to recognize the role other aspects of identity – such as race, class, disability, and sexuality – play in people’s lives and actively address the additional barriers they face. Closing the gender gap is crucial, but cybersecurity won’t be a fully diverse, inclusive industry unless it takes steps to draw in people from all backgrounds and give them the opportunities and space to thrive.

Read More:

The cybersecurity industry may be struggling with its skills gap, but the solution is right in front of it. There’s a wealth of untapped, underrepresented talent out there who can make up the skills shortfall while correcting the sector’s diversity problem in the process. But this won’t happen by accident. If the industry wants to see this become a reality, it needs to take active steps to change its image, encourage and support underrepresented groups and deconstruct its bias. Closing the skills gap means opening up new opportunities.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...