Are Women Better At Cyber Security?

At least every couple of months a new report comes out outlining the crippling skills shortage the cyber security industry is facing. It’s a recurring topic that comes up again and again. For instance, the recent Institute of Information Security Professionals report reveals the proportion of respondents reporting a dearth of skills as a challenge growing to 18%, up from just 8% in 2015.

This issue is worsened by the increasing number of cyber threats hitting businesses and the rate of advancement in new security technologies. However, the way businesses are currently going about it isn’t working. 

The problem is many organisations focus on young people still in schools or even colleges that have already chosen set of subjects and career path. But by this point, it’s too late to encourage young people towards a STEM (Science, Technology, Engineering and Maths)-related path.

Of course, a cyber security career doesn’t always have to consist of studying these subjects, but they do help in shaping an analytical and curious mindset. In order to encourage more students to go down this path, organisations should be reaching out to students at a much younger age.

The OWASP foundation, for example, has been involved in running events with schools, at all levels, where they learn from security professionals and can see the benefits gained from them. During these workshops, students witness security professionals walking through cool projects and techniques. They also go on to describe what excites them about their day-to-day jobs. This results in leaving students interested and wanting to expand their cyber security knowledge further. Interestingly, in a recent session run by OWASP, they found the students that performed the best were the girls. 

They held focus throughout the event, were able to think outside the box and solve complex problems with minimal effort: key skills needed for a role in cyber security. And key skills anyone could harness, whatever their gender.

Sadly, many women and young girls have been put off jobs in technology. Bar their raw talent in the sought-after skills in the area. In fact, ISC projected a shortage of 1.8 million cyber security workers by 2022.  And women make up only 11% of that workforce, based on Frost & Sullivan’s 2017 Global Information Security Workforce Study.

Luckily there are various initiatives, such as the training scheme by Protection Group International (PGI) and Hawker Chase aiming to bring more women in cyber-security. PGI outlined that candidates don’t need previous experience or qualifications, only aptitude. This programme will prepare women for an entry-level career in the space.

In addition, we must ensure that when students select a technical root in college, they are taught the skills required in today’s workforce. This might sound obvious, but many university courses are outdated and not practical enough for today’s workplace, whereby cyber-criminals find new and innovative ways to exploit application vulnerabilities on a daily basis.
And most graduate developers come straight into the industry from education, where they are taught poor habits, such as focusing on getting the software ready as fast as possible, often leading to insecure code.

This helps explains the climbing number of cyber-attacks at the application layer, hackers know this layer is often left unprotected. 

But it’s why organisations, are focused on creating freely available resources and syllabuses that are very relevant, working closely with universities, and providing organisations with best in class approach to security implementation, processes and procedures. 

Application security needs more analytical, curious and creative individuals in the industry. So, let’s continue to inspire the next and current generation to give it a go.

Information-Age:

You Might Also Read:

Why Are So Few Women In Cybersecurity?:

Female Role Models & The Early Days Of Computing:

 

 

« Fake Dating Apps Infiltrate Israeli Military
Fake News Is A Real Cybesecurity Risk »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSIRT.CZ

CSIRT.CZ

CSIRT.CZ is the National Computer Security Incident Response Team of the Czech Republic.

Bayshore Networks

Bayshore Networks

Bayshore Networks was founded to safely and securely protect Industrial IoT (IIoT) networks, applications, machines and workers from cyber threats.

Maverick Technologies

Maverick Technologies

Maverick is an industrial automation, enterprise integration and operational consulting company. Services include industrial cyber security.

Coro Cybersecurity

Coro Cybersecurity

Coro (formerly Coronet) empowers organizations to protect against malware, ransomware, phishing, and botnets - across devices, users, and cloud applications.

DefCamp

DefCamp

DefCamp is the most important annual conference on Hacking & Information Security in Central Eastern Europe.

LUCY Security

LUCY Security

LUCY is the answer when you want to increase your IT security, maintain your cyber security awareness, or test your IT defenses.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

BlackhawkNest

BlackhawkNest

Blackhawk is the only cyber security solution on the market that combines network monitoring and incident response into a cohesive appliance.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

Softwerx

Softwerx

Softwerx is the UK’s leading Microsoft cloud security practice. We’ve been helping forward-thinking companies better secure their businesses for nearly twenty years.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

PolySwarm

PolySwarm

PolySwarm is a crowdsourced threat intelligence marketplace that provides a more effective way to detect, analyze and respond to the latest threats.

LaScala

LaScala

LaScala is an IT Managed Services provider delivering technical, security, and compliance solutions with dedication, compassion, and agility.

BSS

BSS

BSS is a solutions and services business based in the UK with a focus on Cyber Security, Data, Financial Crime, Internal Audit, Change, Risk and Resilience.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.