Are Women Better At Cyber Security?

At least every couple of months a new report comes out outlining the crippling skills shortage the cyber security industry is facing. It’s a recurring topic that comes up again and again. For instance, the recent Institute of Information Security Professionals report reveals the proportion of respondents reporting a dearth of skills as a challenge growing to 18%, up from just 8% in 2015.

This issue is worsened by the increasing number of cyber threats hitting businesses and the rate of advancement in new security technologies. However, the way businesses are currently going about it isn’t working. 

The problem is many organisations focus on young people still in schools or even colleges that have already chosen set of subjects and career path. But by this point, it’s too late to encourage young people towards a STEM (Science, Technology, Engineering and Maths)-related path.

Of course, a cyber security career doesn’t always have to consist of studying these subjects, but they do help in shaping an analytical and curious mindset. In order to encourage more students to go down this path, organisations should be reaching out to students at a much younger age.

The OWASP foundation, for example, has been involved in running events with schools, at all levels, where they learn from security professionals and can see the benefits gained from them. During these workshops, students witness security professionals walking through cool projects and techniques. They also go on to describe what excites them about their day-to-day jobs. This results in leaving students interested and wanting to expand their cyber security knowledge further. Interestingly, in a recent session run by OWASP, they found the students that performed the best were the girls. 

They held focus throughout the event, were able to think outside the box and solve complex problems with minimal effort: key skills needed for a role in cyber security. And key skills anyone could harness, whatever their gender.

Sadly, many women and young girls have been put off jobs in technology. Bar their raw talent in the sought-after skills in the area. In fact, ISC projected a shortage of 1.8 million cyber security workers by 2022.  And women make up only 11% of that workforce, based on Frost & Sullivan’s 2017 Global Information Security Workforce Study.

Luckily there are various initiatives, such as the training scheme by Protection Group International (PGI) and Hawker Chase aiming to bring more women in cyber-security. PGI outlined that candidates don’t need previous experience or qualifications, only aptitude. This programme will prepare women for an entry-level career in the space.

In addition, we must ensure that when students select a technical root in college, they are taught the skills required in today’s workforce. This might sound obvious, but many university courses are outdated and not practical enough for today’s workplace, whereby cyber-criminals find new and innovative ways to exploit application vulnerabilities on a daily basis.
And most graduate developers come straight into the industry from education, where they are taught poor habits, such as focusing on getting the software ready as fast as possible, often leading to insecure code.

This helps explains the climbing number of cyber-attacks at the application layer, hackers know this layer is often left unprotected. 

But it’s why organisations, are focused on creating freely available resources and syllabuses that are very relevant, working closely with universities, and providing organisations with best in class approach to security implementation, processes and procedures. 

Application security needs more analytical, curious and creative individuals in the industry. So, let’s continue to inspire the next and current generation to give it a go.

Information-Age:

You Might Also Read:

Why Are So Few Women In Cybersecurity?:

Female Role Models & The Early Days Of Computing:

 

 

« Fake Dating Apps Infiltrate Israeli Military
Fake News Is A Real Cybesecurity Risk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

Libraesva

Libraesva

Libraesva specialize in Email Security. From Email Security, Phishing Awareness and Email Archiver. We can assist you with any email issues you may have.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

File Centre

File Centre

File Centre is a leading specialist when it comes to data backup, we offer our clients a premium backup retrieval and delivery solution.

Protiviti

Protiviti

Protiviti consulting solutions span critical business problems in technology, business process, analytics, risk, compliance, transactions and internal audit.

Telelogos

Telelogos

Telelogos is a European provider of Enterprise Mobility Management software, Digital Signage software and Data Transfer and Synchronization software.

Aergo

Aergo

Aergo offers an easier and more proven way to adopt blockchain and transform your business while building on your existing IT and cloud assets.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

OnDefend

OnDefend

OnDefend delivers information security solutions that improve overall security posture, reduce risks and defend against continually evolving and persistent cyber adversaries.

Netstar

Netstar

Netstar is an IT Support company based in Central London providing fully managed IT Support, Cyber Security and Technology Consulting services.

ThreatLocker

ThreatLocker

The ThreatLocker Platform provides a Zero Trust security solution that offers a unified approach to protecting users, devices, and networks against the exploitation of zero day vulnerabilities.

Paubox

Paubox

Paubox offers secure, HIPAA compliant email and marketing solutions to fit the needs of modern healthcare organizations of every size.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

CatchProbe Intelligence Technologies

CatchProbe Intelligence Technologies

CatchProbe provides actionable web intelligence, OSINT, deception systems, threat intelligence, and digital crime analytics solutions and products through an AI-Driven intelligence platform.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

WBM Technologies

WBM Technologies

WBM Technologies is a Western Canadian leader in the provision of outcomes-driven information technology solutions.