Monkey Business - Fotolia

Cyber security image putting women and girls off, says panel

There is still a lot of work to be done to change the perception of cyber security and corporate culture to attract more women to the profession, according to a panel of security professionals

The image of cyber security and the people who work in the profession is putting women and girls off from considering it as a career, according to a panel of women working at Intel Security.

“We need to change the way the profession is perceived and emphasise that it is about helping and protecting people,” said Lynda Grindstaff, speaking at Intel Focus 2016 in Las Vegas.

“Few people understand that cyber security provides opportunities to work for the common good both now and for future generations,” she said.

Appealing to women’s “help gene” could be very helpful in attracting them to cyber security, said Celeste Fralick, adding that it is important to engage girls as young as possible on the opportunities that exist.

“Schools have an important role to play in ensuring that girls feel comfortable taking subjects traditionally regarded as being mainly for boys, such as maths and science,” said Lisa Depew.

“When there are only one or two girls in a maths class, schools need to ensure that they do not feel isolated and alone, and it can be challenging to get girls through that at a time in their lives when they are going through so many changes. But if we lose them at that point, it is difficult to get them back,” she said.

Educating girls and women is only part of the solution, said Depew. “We also have to change security culture in organisations to ensure that there are incentives for women to join and that it is easier for women to see and take up the opportunities,” she said.

“Generally there is no obvious incentive, and the perception again is that cyber security is purely technical, but we have to show that it is also about working creatively and working collaboratively in teams to solve problems, said Depew.

Grindstaff advised recruiters to use their professional networks to raise the awareness of the profession and to identify potential candidates in other professions or other parts of the business.

Inclusive environments

Even when women are able to overcome the barriers to working in cyber security, the panel said another common problem is ensuring that they remain in the profession. Retention is almost as great a challenge as attracting them in the first place, they said.

Once again, it is a cultural challenge inside organisations, said Depew. “Many organisations are failing to understand what motivates the people in their cyber security teams and consequently failing to keep them because they are not made to feel as if they are valuable members of the team,” she said.

Organisations need to pay more attention to creating a more inclusive environment, said Grindstaff. “It is not only important to manage external perceptions of the profession, but also to work internally to change people’s ideas of what kinds of people can do well in cyber security,” she said.

For example, Fralick said she had been recruited into cyber security by Grindstaff who saw her potential because of her skills in analytics.

“I have a PhD in biomedical engineering, but Lynda [Grindstaff] helped me to realise that my skills were portable and that I could learn everything I needed to know about cyber security,” she said.

Read more about women and information security

  • Women remain under-represented in the information security workforce, yet represent a talent resource that the industry should tap into, a report has revealed.
  • At RSA Conference 2015, Cloudmark’s Angela Knox discussed how she started a career in InfoSec and how the security industry can appeal to women like her.
  • Female information security professionals say the industry needs to do more to not only encourage women to pursue infosec careers, but also help mentor them along the way.
  • Facebook’s director of security operations says women can have successful careers in information security, and more diversity can help shift the playing field toward security defenders rather than attackers.

On the question of skills retention, Fralick said it is important – particularly with younger recruits – to ensure that they have the freedom they need so that they do not become bored or frustrated.

“There is so much to learn and to explore, but we need to think about giving young recruits the freedom they need to keep them interested,” she said.

Fralick said although the gender bias is beginning to fade, she said it is still mainly up to women to take the first step to becoming accepted by their male colleagues.

“I still read the sports page simply so that I can keep a dialogue going with my male colleagues. I still need to be mindful of being inclusive of them and not to expect them to be inclusive of me,” she said.

Read more on Hackers and cybercrime prevention