Are Women Better At Cyber Security?

At least every couple of months a new report comes out outlining the crippling skills shortage the cyber security industry is facing. It’s a recurring topic that comes up again and again. For instance, the recent Institute of Information Security Professionals report reveals the proportion of respondents reporting a dearth of skills as a challenge growing to 18%, up from just 8% in 2015.

This issue is worsened by the increasing number of cyber threats hitting businesses and the rate of advancement in new security technologies. However, the way businesses are currently going about it isn’t working. 

The problem is many organisations focus on young people still in schools or even colleges that have already chosen set of subjects and career path. But by this point, it’s too late to encourage young people towards a STEM (Science, Technology, Engineering and Maths)-related path.

Of course, a cyber security career doesn’t always have to consist of studying these subjects, but they do help in shaping an analytical and curious mindset. In order to encourage more students to go down this path, organisations should be reaching out to students at a much younger age.

The OWASP foundation, for example, has been involved in running events with schools, at all levels, where they learn from security professionals and can see the benefits gained from them. During these workshops, students witness security professionals walking through cool projects and techniques. They also go on to describe what excites them about their day-to-day jobs. This results in leaving students interested and wanting to expand their cyber security knowledge further. Interestingly, in a recent session run by OWASP, they found the students that performed the best were the girls. 

They held focus throughout the event, were able to think outside the box and solve complex problems with minimal effort: key skills needed for a role in cyber security. And key skills anyone could harness, whatever their gender.

Sadly, many women and young girls have been put off jobs in technology. Bar their raw talent in the sought-after skills in the area. In fact, ISC projected a shortage of 1.8 million cyber security workers by 2022.  And women make up only 11% of that workforce, based on Frost & Sullivan’s 2017 Global Information Security Workforce Study.

Luckily there are various initiatives, such as the training scheme by Protection Group International (PGI) and Hawker Chase aiming to bring more women in cyber-security. PGI outlined that candidates don’t need previous experience or qualifications, only aptitude. This programme will prepare women for an entry-level career in the space.

In addition, we must ensure that when students select a technical root in college, they are taught the skills required in today’s workforce. This might sound obvious, but many university courses are outdated and not practical enough for today’s workplace, whereby cyber-criminals find new and innovative ways to exploit application vulnerabilities on a daily basis.
And most graduate developers come straight into the industry from education, where they are taught poor habits, such as focusing on getting the software ready as fast as possible, often leading to insecure code.

This helps explains the climbing number of cyber-attacks at the application layer, hackers know this layer is often left unprotected. 

But it’s why organisations, are focused on creating freely available resources and syllabuses that are very relevant, working closely with universities, and providing organisations with best in class approach to security implementation, processes and procedures. 

Application security needs more analytical, curious and creative individuals in the industry. So, let’s continue to inspire the next and current generation to give it a go.

Information-Age:

You Might Also Read:

Why Are So Few Women In Cybersecurity?:

Female Role Models & The Early Days Of Computing:

 

 

« Fake Dating Apps Infiltrate Israeli Military
Fake News Is A Real Cybesecurity Risk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

CANVAS Consortium

CANVAS Consortium

The CANVAS Consortium aims to unify technology developers with legal and ethical scholar and social scientists to approach the challenges of cybersecurity.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Red Sift

Red Sift

Red Sift is the only integrated cloud email and brand protection platform, supporting organizations to secure their communications.

Sylint

Sylint

Sylint is an internationally recognized cyber security and digital data forensics firm with extensive experience discretely addressing some of today’s biggest cyber breaches.

Havoc Shield

Havoc Shield

Havoc Shield is an all-in-one information security platform that includes everything a growing team needs to secure their remote workforce.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Perygee

Perygee

Perygee is a fully integrated platform for operational security. Companies depend on Perygee to identify and streamline the most important security practices for their operations.

BDO Global

BDO Global

BDO is an international network of public accounting, tax and advisory firms which perform professional services under the name of BDO.

Altospam

Altospam

Altospam is a full service corporate email protection, integrating multiple security levels for your emails.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Cysurance

Cysurance

Cysurance is a next-generation risk mitigation company that insures, warranties and certifies security solutions.

Frontier Technology Inc. (FTI)

Frontier Technology Inc. (FTI)

Frontier Technology Inc provides the technology and deep data expertise to drive the best defense and intelligence solutions.

AuditBoard

AuditBoard

AuditBoard is the leading cloud-based platform transforming audit, risk, ESG, and InfoSec management.

Invisily

Invisily

Invisily makes enterprise and cloud computing resources invisible to attackers with zero trust solutions, making them visible only when needed to only those who need them.

DATS Project

DATS Project

DATS Project enables the utilization of high computing power across a number of cybersecurity services, all on a pay-as-you-go basis, eliminating the need for upfront investment costs.