3 Reasons Women Should Reskill to Work in Cybersecurity
As women, from a young age, being technically savvy or being interested in math, science, or business wasn’t celebrated. You were "cool" and "popular" if you had great hair or nice jeans, not if you wanted to code software. If the tech industry could go back in time, would it celebrate more complex subjects like we are now with the "STEM" movement? Yes, of course — but that’s not going to fill industry gaps and bolster security posture in the fight against cybercrime.
Women in Cybersecurity
According to an (ISC)² study, women make up roughly a quarter of the overall cybersecurity workforce. We’ve come a long way over the last decade (women made up about 10% of cybersecurity jobs in 2013), but we know the industry needs to work toward even greater diversity.
Addressing the gender gap starts with sparking interest at a young age. We can also get creative with our most passionate and loyal current employees and realize not every cybersecurity role is a "special snowflake." There are many open roles that call for in-depth skills that have been honed and developed over time. What about all the roles that don’t?
Here’s the secret: Not everyone who works in cybersecurity needs to be a cybersecurity expert. At least not right away. Cybersecurity expertise can be taught or learned. So, one way to get closer to bridging the talent gap is to reskill talent from other professions.
Reskilling to Work in Cybersecurity
Here are three reasons why women should consider reskilling to work in cybersecurity:
1. Cybersecurity Professionals are in High Demand
There are millions of unfilled cybersecurity positions around the world and simply not enough cybersecurity experts on the global market to effectively do the work that needs to be done to manage growing cybersecurity risks. An (ISC)² study said there’s a global cybersecurity workforce of 4.7 million, but the gap is almost 3.4 million; according to research by Gartner, a growing number of enterprises feel the availability of talent is the biggest challenge to emerging technology adoption.
Cybercriminals are relentless and putting every organization at risk. It’s not a matter of if you’ll be attacked, but when. Attackers are more sophisticated in their attacks and breaches are happening with more frequency and severity. Nation-state actors will become more brazen by attacking critical infrastructure – such as our pipelines, food supply chain, IT infrastructure, health care systems, water, and energy grids. Nation-state actors and hostile corporations are collaborating and outsourcing their espionage tactics to “hack-for-hire” companies.
No industry is more secure than others when it comes to cyberattacks. Cybercriminals are going after organizations in every sector–no matter how big or small–and many of these companies are unprepared and short-handed. It’s no surprise that data-focused and security-related positions are among the most in-demand jobs, and knowing your role is critical to a company’s success can come with a great sense of pride.
2. You Don’t Have to go Back to School
I got a degree in information technology and business management and ended up being exposed to cybersecurity by accident while working in a different role in IT. I fell in love with cybersecurity and have never looked back. Now I can’t imagine doing anything else.
People with a similar background in IT, engineering, math, or physics may have the aptitude and skills to excel as cybersecurity professionals, even if they don’t have formal education or experience in this space. Some jobs suitable for reskilling for cybersecurity include IT pros, such as network engineers or systems administrators, as they may have the skills and foundational knowledge needed to transition. Software developers with experience in programming languages can reskill for cybersecurity roles such as security software developer or incident response analyst. Others in auditing or law enforcement can reskill for roles such as information security manager, incident response analyst or as a cybercrime investigator.
Typically, cybersecurity applicants should be familiar with security best practices and industry compliance regulations–but you can learn all of this. While in some parts of the business, you should be knowledgeable and experienced with security technologies such as firewalls and encryption and have experience with programming languages, other parts of the business, like supporting functions, are more easily trained. For example, take technical writers or customer service representatives. Women can be trained in many of these roles if they have good experience outside of cybersecurity.
Soft skills also shouldn’t be overlooked. A candidate can have plenty of credentials that look good on paper, but strong critical thinking, analytical and problem-solving skills are the superpowers that make the best cybersecurity pros stand out. This instinct helps security leaders identify and mitigate security risks. Thinking outside of the box is also key.
Creativity, curiosity, and the ability to come up with new solutions are critical in a constantly evolving field. Strong communication skills are also important because cybersecurity roles involve collaboration with other departments.
Employers also have a role to play by rethinking the job requirements list and where they look for candidates. Go beyond the online job boards and consider someone with a different educational background that can be reskilled or trained where skillsets overlap with cybersecurity.
3. There are Opportunities for Growth and Making a Difference
As a woman who’s worked in tech and security for nearly 20 years, I believe in actively supporting other women in this industry. I’ve mentored many team members and students over the years across many functions. Women want to succeed professionally. We also want to make a social impact and inspire others.
I created The Leadership Bench Program within my organization to support aspiring leaders by challenging them with stretch goals that develop their leadership abilities. The majority (90%) of candidates in this program have been women or visible minorities. Through programs like this, we can encourage women by giving them opportunities to be exposed to the many areas of security that align with their passions.
Executive levels are still sparsely populated by women, but we’ve achieved so much over the past few years. Let’s keep going. Cybersecurity needs women. The more we encourage women to get into this space, the more talent we’ll attract. We need schools to push these career options, we need organizations to commit to training, and we need to rethink how we market jobs. By supporting women and showcasing their success stories, we’re empowering more women to know their value, break through glass ceilings, secure board seats, get to the C-Suite – and never look back.
Read the full article in Security Boulevard.