For quite some time, the number of women in the cybersecurity industry
has hovered around 11 percent of the overall workforce. However, recent
statistics show a modest uptick with the number now estimated to be about 24
percent − a bit of heartening progress.Some other interesting
trends are emerging, which we explore further in our annual “Women in IT
Security” coverage. For instance, (ISC)2’s Cybersecurity Workforce
Study found more women generally taking up leadership roles than men − among
them, CTO, VP, director and C-level positions in IT and IT security. Other
researchers are finding that the ranks of women filling CISO roles in large
enterprises will continue to grow.We’ve also seen
organizations of all stripes giving some heavy attention to ensuring that the
concept of diversity is palpably applied across their enterprises. Not only are
they looking to ensure their employee makeup is composed of pros with
appropriate experience and know-how, but they’re making strides to ensure the
ranks see a variety of nationalities and sexes. Of these, some are taking
concerted efforts to close gender pay gaps and releasing annual or bi-annual
reports to employees to showcase what they’re doing.
Beyond this, STEM
events for young girls and women are on the rise. IT/IT security and other
technology- and science-based programs across high schools and colleges
actively are recruiting women and minorities. Many industry conferences have
implemented diversity and inclusion programs.For all the steps forward, however, the trek ahead still is fraught with challenges. Just in the last several months, we saw in a 500-member-strong Facebook group some high-level, mostly male cybersecurity pros disparaging women, trans people and others often underrepresented in the field. And last year, some 4Chan users campaigned to hack the results of a nationwide high school NASA science competition, specifically targeting the only all-female, all-black team. NASA opted to shutter public voting.Despite the lingering
impediments, I can’t help but believe that the evolution of this and other
industries will continue to become evermore inclusive − maybe so much so that
such a term as “inclusive” won’t need to be uttered.Is my adherence to the
so-called Pollyanna Principle in overdrive? Sure, maybe. But in a vibrant,
ever-adaptable and still maturing infosec industry comprised of an army of
valuable, intelligent and diverse people I’m going to stick with Pollyanna for
awhile. The stories of the fictional orphan and her “Glad Game,” though
old-school, reveal a lot of wisdom. Even now, given all of her trials and the
perseverance she mined to overcome them, it seems Pollyanna was a pretty badass
chick. Who knows? With additional education and some dedicated training, in a
setting befitting our world today, she too could become an accomplished CISO.Illena Armstrong is VP, editorial of SC Magazine.
There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]
It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news