Women in Cybersecurity/IT: A Matter of Strategy


If an organization has a culture of diversity and inclusiveness, there is typically a strategy in place to hire more women in cybersecurity/IT. This is especially true in consulting, where there is a concerted effort to hire more women. From a recruiting perspective, there is a small talent pool of women in cyber/IT to hire from. But I am starting to see more effort/focus on pipeline development coming from schools and organizations.

A female CISO I recently spoke to said, “I am not seeing a lot of women enter the field, but I am seeing STEM (science, technology, engineering, and math) efforts, encouraging students in college to enter the technical fields where they may see an avenue toward cybersecurity.”

Bringing More Women into Cybersecurity/IT Careers
As I said, building that talent pipeline is key. More effort and investment need to be made at the high school level to encourage girls to take the cybersecurity/IT career path. We need to show that it is cool, that it is in demand, that Fortune 500 companies are looking for women in cybersecurity/IT, and that it is a rewarding career. This effort should underline the fact that the pay disparity between women and men in cyber/IT is significantly less than in other fields.

Unfortunately, studies show that girls are actually discouraged from STEM careers by their school counselors, who often lack the information needed to steer them toward nontraditional female roles. Girls also do not study for cybersecurity/IT careers, because they do not know anyone in these fields or what they do. Getting into the schools is critical to developing that pipeline.

I recently attended a career night at my daughter’s school. There were a lot of dads in IT and the students that stopped by were primarily boys. We need to change this. Girls need to know that this is a field for them too, and that it is a great way to make an impact on an organization and earn a great salary.

Engagements with cyber professionals allow students to have more knowledge and envision pathways for themselves to pursue cyber careers. It is critical that we give girls cyber experience so they can make their own discoveries and impacts. They are more likely to pursue cyber careers if they have had hands-on experience, so experiential learning is vital to generating interest.

Scholarships and Mentoring
Mentoring and coaching girls and women toward cybersecurity/IT careers is a must. When employees and employers make a commitment to positively impact the community by volunteering, everyone benefits. We need more scholarships for women studying cybersecurity/IT. There should also be a focus on under-represented students, such as those from low-income families or minority populations. We need male leaders to visibly support all of these efforts.

Another critical focus is retention. Even if women are in cyber/IT, most leave the profession after an average of 10 years, because there are so few female role models in senior leadership. A lack of sponsorship also contributes to this problem. Sponsorship differs from coaching/mentoring. Sponsors have authority and influence. They put their personal capital at stake to “talk up” women when they are not there at leadership meetings. Sponsors can put them in front of the right people and recommend them for leadership opportunities, experiences or promotions.

Fostering a Culture of Diversity
We need to have more women in cyber speak at conferences. I’m always amazed when I speak at a conference and women come up to me to say, “It’s nice to see a female speaker at these events.” It should not be so rare to see a woman cyber leader in a keynote speaker role.

Having a culture where diversity and inclusiveness are valued is crucial. A significant part of that is the recognition that diverse teams and perspectives enable organizations to be successful. Organizations need to set performance metrics related to hiring women in cyber/IT to affect executive bonuses and put succession plans in place that purposely provide for future female cyber leaders.

Editor’s note:  As part of ISACA’s celebration of Women in Technology Month this month, we have launched a pilot of theConnecting Women Leaders in Technology program, an effort to engage female professionals in the areas of education, awareness and advocacy. ISACA is seeking women in tech to guest blog on the subject of their choice. If you are interested in learning more, please contact [email protected].

Debbie Lew, Executive Director, Ernst & Young LLP

[ISACA Now Blog]

You may also like

Leave a Reply

%d bloggers like this: