My name is Katherine Doman, and I am a student at Boston College, studying finance and marketing. This summer, I interned in Dublin for the cybersecurity startup 4Securitas where I learned about the importance and relevance of data security in the IT industry.
I am really happy that my internship was in the cybersecurity sector because I never thought I would be interested or have the skills to work in this type of industry. It seems like a lot of people think that to work in cybersecurity, you need to be some sort of tech genius who can program different softwares and hack into servers. While the industry definitely needs tech wizards who can do the programming part of the job.
One thing that became clear to me was that cybersecurity is not just about technology but about people – who need to collaborate with technologists to make organizations more secure.
The sector also needs business men and women, HR representatives, and accountants. It is important that people do not get scared off from working in this industry simply because the technology is complex.
It is vital that people become more comfortable with cybersecurity and information technology in general because it is a rapidly growing industry and is the future of how businesses and industries will be operated. In an ideal world everyone should be aware of basics of cybersecurity which frankly doesn’t require technical skills. In the same way non-tech people (including elderly people) can handle easily a smartphone, non techies should be able to deal with cybersecurity.
I am grateful to get early exposure to this type of industry to begin to understand how the industry operates.
One issue I have come across in my research and brief experience in the industry is that many companies in the field are worried about the lack of diversity within cybersecurity. Not only is it important that people with different job skills enter the sector, but it is also important that a diverse group of people are employed. I have come across many articles and reports discussing the implications of the gender disproportion of men to women in the tech industry and, specifically, the cybersecurity sector. According to Cybersecurity Ventures, this fast growing sector will have 3.5 million job openings by 2021. Since there are so many empty jobs within the cybersecurity field, it could negatively impact the sector if gender further narrowed the pool of people entering the field.
Women in Cybersecurity
Women make up approximately 20% of the cybersecurity industry, an increase from the 2013 report of 11% (Cybersecurity Ventures). While the number of women entering cybersecurity is increasing, the field needs many hardworking and knowledgeable women to continue entering the field in order to grow and expand the industry.
My boss, the COO and cofounder of 4Securitas, Donal Kerr, has described how the field is often dominated by men. He noted how the technology industry in general is mostly men, and that the more specialized fields of IT and cybersecurity have even less women than the overall tech industry. I saw what he described when I attended a Grant Thornton Tech Talk Event on “Talking Security,” which presented on different trends within the cybersecurity industry. The presentation talked about the lack of gender diversity. I ironically saw that those in attendance were almost all men except for a few women.
The industry does not need women solely because it needs to fill the many jobs required to grow the industry. In order to expand, the cybersecurity sector needs to employ people who have a range of experiences and backgrounds. As the Director of Strategic Threat Development at Recorded Future, Priscilla Moriuchi, described, it’s not about men vs women, but rather having more women benefits businesses because “diversity in perspectives, leadership, and experience is good for business” (Forbes). She explains that diverse backgrounds are especially important in the cybersecurity sector because the threat actors or hackers also have a wide variety of backgrounds and experiences, allowing businesses to better defend against their attackers.
Fortunately, different companies and organizations have been taking the lack of women in cybersecurity seriously. The EU Commission held a spotlight on Women in Cyber on March 8, 2019, or International Women’s Day, as part of their initiative to attract more women into cyber related fields. The initiative has three parts: combat gender stereotypes and promote role models, increase the number of girls who study and graduate in ICT studies, and promote entrepreneurship for women. Through this, it hopes to attract women, not only with an ICT background, but also a legal, political, and communication background to help advance the cybersecurity agenda. The EU has also published a concrete action plan, laying out the steps to accomplish this initiative. As part of the action plan, the EU Commission drew a common declaration, signed by CEOs in the ICT and media sectors in June 2018. They plan to monitor and track progress in every European country, receiving reports tracking the number of women in the various ICT sectors (European Commission).
While many companies want to try to improve their female representation, many do not have structured programs to help increase diversity and inclusion. Gartner published a report this past spring that outlines best practices that companies can adopt to recruit and retain women in IT. It suggests that using a programmatic approach and metrics, CIOs can make a difference in the retention and representation of women in IT (Gartner).
As the industry continues to expand even further, it will need people of many different skill sets, leaving companies with the task of attracting and retaining more diverse talent.
i Steve Morgan, “2019 Cybersecurity Almanac: 100 Facts, Figures, Predictions And Statistics” 6 Feb. 2019 https://cybersecurityventures.com/cybersecurity-almanac-2019/
ii Steve Morgan, “Women Represent 20 Percent Of The Global Cybersecurity Workforce In 2019” https://cybersecurityventures.com/women-in-cybersecurity/
iii Grant Thornton Tech Talk Presentation “Talking Security, 27 June 2019
iv Laurence Bradford, “Cybersecurity Needs Women: Here’s Why, 18 Oct. 2018 https://www.forbes.com/sites/laurencebradford/2018/10/18/cybersecurity-needs-women-heres-why/#1414d59047e8
v European Commission, 8 Mar. 2019 https://webcast.ec.europa.eu/women-in-cyber-event-march-8th-2019-afternoon-session#
vi Gartner Database: “Recruit, Retain and Report to Improve Representation of Women in IT” 31 May 2019
Article by Katherine Doman, who interned at 4Securitas in 2019