Are Women Better At Cyber Security?

At least every couple of months a new report comes out outlining the crippling skills shortage the cyber security industry is facing. It’s a recurring topic that comes up again and again. For instance, the recent Institute of Information Security Professionals report reveals the proportion of respondents reporting a dearth of skills as a challenge growing to 18%, up from just 8% in 2015.

This issue is worsened by the increasing number of cyber threats hitting businesses and the rate of advancement in new security technologies. However, the way businesses are currently going about it isn’t working. 

The problem is many organisations focus on young people still in schools or even colleges that have already chosen set of subjects and career path. But by this point, it’s too late to encourage young people towards a STEM (Science, Technology, Engineering and Maths)-related path.

Of course, a cyber security career doesn’t always have to consist of studying these subjects, but they do help in shaping an analytical and curious mindset. In order to encourage more students to go down this path, organisations should be reaching out to students at a much younger age.

The OWASP foundation, for example, has been involved in running events with schools, at all levels, where they learn from security professionals and can see the benefits gained from them. During these workshops, students witness security professionals walking through cool projects and techniques. They also go on to describe what excites them about their day-to-day jobs. This results in leaving students interested and wanting to expand their cyber security knowledge further. Interestingly, in a recent session run by OWASP, they found the students that performed the best were the girls. 

They held focus throughout the event, were able to think outside the box and solve complex problems with minimal effort: key skills needed for a role in cyber security. And key skills anyone could harness, whatever their gender.

Sadly, many women and young girls have been put off jobs in technology. Bar their raw talent in the sought-after skills in the area. In fact, ISC projected a shortage of 1.8 million cyber security workers by 2022.  And women make up only 11% of that workforce, based on Frost & Sullivan’s 2017 Global Information Security Workforce Study.

Luckily there are various initiatives, such as the training scheme by Protection Group International (PGI) and Hawker Chase aiming to bring more women in cyber-security. PGI outlined that candidates don’t need previous experience or qualifications, only aptitude. This programme will prepare women for an entry-level career in the space.

In addition, we must ensure that when students select a technical root in college, they are taught the skills required in today’s workforce. This might sound obvious, but many university courses are outdated and not practical enough for today’s workplace, whereby cyber-criminals find new and innovative ways to exploit application vulnerabilities on a daily basis.
And most graduate developers come straight into the industry from education, where they are taught poor habits, such as focusing on getting the software ready as fast as possible, often leading to insecure code.

This helps explains the climbing number of cyber-attacks at the application layer, hackers know this layer is often left unprotected. 

But it’s why organisations, are focused on creating freely available resources and syllabuses that are very relevant, working closely with universities, and providing organisations with best in class approach to security implementation, processes and procedures. 

Application security needs more analytical, curious and creative individuals in the industry. So, let’s continue to inspire the next and current generation to give it a go.

Information-Age:

You Might Also Read:

Why Are So Few Women In Cybersecurity?:

Female Role Models & The Early Days Of Computing:

 

 

« Fake Dating Apps Infiltrate Israeli Military
Fake News Is A Real Cybesecurity Risk »

Perimeter 81

Directory of Suppliers

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cybernetica

Cybernetica

Cybernetica is an ICT company with activities in e-government, marine comms, data analysis and research in information security technologies.

Arilou Technologies

Arilou Technologies

Arilou Cyber Security, part of NNG Group, is a pioneer in the field of automotive cyber security.

Keynetic Technologies

Keynetic Technologies

Keynetic focuses on developing cybersecurity solutions for Industry 4.0.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

Fiserv

Fiserv

Fiserv offers a wide array of Risk & Compliance solutions to help you prevent losses from fraud and ensure adherence to regulatory and compliance mandates.

National Cybersecurity Competence Centre (NC3)

National Cybersecurity Competence Centre (NC3)

NC3 has been established in response to growing demands for practically applicable products and solutions for ensuring cybersecurity of critical and non-critical information infrastructures.

Collins Aerospace

Collins Aerospace

Collins Aerospace provides cybersecurity services and systems to protect critical infrastructure facilities and railroad operations.

Borsetta

Borsetta

Borsetta creates end-to-end intelligent computing solutions for edge devices by combining the highest levels of hardware security, compute density, and neural network efficiency.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

Cirosec

Cirosec

Cirosec is a specialized company with a focus on information security. We carry out pentests & audits and advise our customers in the German-speaking countries on information and IT security issues.

Inetum

Inetum

Inetum (formerly Gfi Informatique) is an agile IT services providing digital services and solutions, and a global group that helps companies and institutions to get the most out of digital flow.