In recent years, more and more women have climbed the corporate ladder to occupy important positions in the business world serving as role models for young girls. However, according to Kaspersky Lab’s “Beyond 11 Percent: A Study into Why Women Are Not Entering Cybersecurity”, cybersecurity remains largely untapped by women, accounting for only 11% of the total workforce in the industry. The report outlines some interesting facts on why cybersecurity continues to be a difficult career for women to break into.
According to the report, women in cybersecurity face a harsh reality: often being the only female in a room full of men – which may be one of the main reasons most decide not to pursue a career in the field. It is important to emphasize that the lack of women in the industry can generate a snowball effect: the less women in IT security, the more likely women considering the field may lose interest in it. The 2017 Global Information Security Workforce Study, conducted by (ISC) ² and its Center for Cyber Safety and Education, shows that 42% of participants agree that it is important to have a role model of the same gender in their career of interest. In fact, half of the women surveyed prefer to work in an environment that has an equal male/female split.
The study also shows that in general, women are unaware of the skills employers are looking for and if they have the right attributes for the role. When asked why they haven’t decided to pursue a cybersecurity career, women were more likely than men to claim that they don’t have coding experience (57% vs. 43%), have no interest in computing (52% vs. 39%), are not aware of cybersecurity (45% vs. 38%) and that their math is not good enough (38% vs. 25%). Clearly the issue is one of awareness, as companies today aren’t just looking for coders. Skills such as critical thinking and problem solving are just as crucial to a career in cybersecurity, but the perception of the industry from the outside tends to focus primarily on the technical side.
“As a young girl, I was always fascinated by puzzles and board games, which developed into a love of programming and eventually, a career as a security researcher. Working with other experts on Kaspersky Lab’s Global Research and Analysis Team (GReAT), I investigate sophisticated cyberattacks and uncover APTs, cyber-espionage campaigns, major malware, ransomware and other threats. My job requires not only technical skills, but also persistency, creativity and collaboration to think differently and keep up with the malicious attackers,” said Noushin Shabab, Senior Security Analyst at Kaspersky Lab.
Stereotypes associated with cybersecurity are also a big deterrent for women, the study shows. More often than not, terminology that’s associated with the industry, such as ‘hacker’, is generally considered as having negative connotations. In addition, a third of women think cybersecurity professionals are ‘geeks’ and a quarter think they are ‘nerds’, perhaps contributing to the reason why one-in-six women think that a career in cybersecurity would be dull. On this, Shabab points out: “The image of the cybersecurity professional is changing, and with WannaCry, more than half of the young women (58%) came across the industry on TV, radio and online news – according to other studies we have done. It’s a matter of converting this interest into something else.”
In addition to working with various organizations to better understand the obstacles preventing more women from pursuing careers in cybersecurity, Kaspersky Lab has several initiatives, such as Kaspersky Lab Academy, the Kaspersky Cybersecurity Certification Program and Kaspersky Cyber Days to promote industry awareness and occupations as well as to enhance the education of professionals in the area.
For Shabab, as more women start to discover IT security, the quicker it will become a popular career choice among them. “I am one of the lucky ones who discovered this buzz on my own and now I want to encourage more women to follow my lead. An interesting component of being a security researcher is that while some people might send and receive 100 emails a day, I can save thousands of people from the latest online scam in an hour. What’s more, the very fact that cyber attackers don’t work normal office hours means that my role is inherently flexible. To that end, you might find me working in a lab, a data center, from an office, from home or even from my favorite café. My job shapes my lifestyle, and the always-on nature of cybersecurity means I’m constantly thinking of new ways to protect people or businesses from malicious malware – and I love it,” she says.
Besides working to close the gender gap in cybersecurity, Kaspersky Lab has been the proud sponsor of several expeditions spearheaded by inspiring female adventurers. Most recently, the company announced its sponsorship of the first ever all-female EuroArabian North Pole expedition departing in April from the Arabian Peninsula and arriving 10-days later at the geographic North Pole.
“As a company, full of bright female minds who have challenged the status quo to become coders, programmers and cybersecurity researchers, we want to encourage and empower more young women to be brave and do the unexpected – whether that’s reaching the North Pole, or learning to code and becoming a cyber-defender,” said Alex Moiseev, Chief Business Officer for Kaspersky Lab.