A Best-Practices Guide to Attract and Retain Women in Cybersecurity Teams
3rd Mar 2021
Cybersecurity needs to build a diverse workforce, able to respond to the challenges of a globalised and ever-changing world. Different ways of approaching problems, when coordinated, bring a competitive advantage to cybersecurity teams as they can strategically and satisfactorily meet such challenges. Today, women only account for 20% of the poorly diverse cybersecurity workforce worldwide. On top of that, Cybersecurity Ventures predicts that there will be 3.5 million unfilled jobs globally by 2021 , leading to a huge increase in cybercrime, which is predicted to cost the world $6 trillion annually by the same year. The female underrepresentation in cybersecurity is accounting for this reality.
The European Commission has been actively working on this issue and has set three main strategic actions to increase women’s participation in the digital sector:
1. Challenging digital gender stereotypes;
2. Promoting digital skills and education;
3. Advocating for more women entrepreneurs.
But why does the industry fail to attract and retain women in cybersecurity workplaces? Women point to the competitive, gamified, and male-dominated cybersecurity environment as one of the main reasons for not taking nor following the path of cybersecurity. We need to start breaking down these stereotypes and make your cybersecurity environment more welcoming and attractive to women. SPARTA gathered some of the best-practices you can adopt in a short guide: Best practices guide - Women in Cybersecurity!
Best-Practices
Targeting on integration strategies and equity at work will promote diversity, and generate synergies with great multidisciplinary and multicultural value.
“It doesn’t have to be expensive: companies can make the simple change of diversifying their security team. If implemented optimally as part of a firm’s recruitment strategy, this brings more views to the table and increases the range of skills available.”(O’Flaherty, 2019)
1. Understand the problem
You can only successfully help to close the cybersecurity gender-gap if you are aware of the bigger picture. You should know and understand the numbers, the challenges we face, and the current policy initiatives. Here are some links for enlightening readings, and interesting interviews with women working in Cybersecurity:
🔗ISC2 Women in Cybersecurity Report
🔗CREST - Closing the Gender Gap in Cyber Security
🔗Gender equality and digitalisation in the European Union
2. Learn to communicate cybersecurity
Cybersecurity is viewed as being incredibly technical, gamified, and competitive, leading to a lack of interest. Yet it’s very interdisciplinary and diverse and it needs to be communicated as such. Cybersecurity goes further beyond tech as it needs a holistic team, from different areas and backgrounds, like psychology, law, communication, education, and business. Re-think the messages that are being sent and don’t forget to train your Human Resources to be aware of what kind of cybersecurity profiles should be understood. To start, the images used should be more inclusive and not perpetuating stereotypes of a faceless man with black hoodies invading a computer, nor introducing only male figures performing tech activities.
3. Use gender-sensitive language
This toolkit on how to use more gender-sensitive language, by EIGE, helps you! Also, try not to use tech jargon while speaking. 🔗Toolkit on Gender-sensitive Communication
4.Ensure women visibility
The lack of role models in the industry, related to the lack of visibility of women working in cybersecurity leads to less involvement of pupils in the field. We urgently need to put female cybersecurity professionals in the spotlight through news, podcasts, interviews, meetings, speaking at conferences and so breakdown the stereotype that cybersecurity is a man’s job.
5. Ensure equal pay for equal work
Accordingly to an ISC2 study, women working in cybersecurity earn 12% less than men. “Some of this inequity may be explained by age and tenure,” they write “But this doesn’t erase the reality revealed in previous research that women in cybersecurity managerial positions earn about $5,000 less than men”. We must reach equity in salaries.
6. Empower women and promote network
The European Institution for Gender Equality (EIGE) reported that more than nine out of ten boys and girls aged between 16-24 have sufficient competences to use digital technologies in their daily life, but boys (73%) are more confident of their abilities than girls (63%). This reflects the need to empower women, through strategies to build self-awareness and self-confidence, especially of their capabilities. To empower also means to invest time networking and developing leadership skills, which is as important as developing technical skills. A mentorship program is an excellent way to start going down this road of women empowerment! SPARTA has gathered a few steps to guide your company through a successful mentorship program.