Why is gender diversity important in cybersecurity?


by Camellia Chan and May Chng

We talk about the skills gap and talent shortage in the cybersecurity sector, but do we really understand how dire the situation is?

According to Cybersecurity Ventures1the number of unfilled cybersecurity positions stood at approximately 3.5 million positions in 2022 and is expected to persist until 2025. This is roughly the size of Uruguay’s population, and more than that of Lithuania – to put that in perspective.

What percentage of the cybersecurity workforce is made up of women? The same report reveals that women hold only 25% of cybersecurity jobs worldwide. A clear solution to closing the talent gap is to encourage more women to enter the cybersecurity field, as their contributions will not only bridge the shortage of qualified talent, but will also add valuable perspectives and momentum to the sector.

As female leaders in the industry, we have a front-row seat to the challenges women face when joining this industry. Since there are already many female leaders in tech sharing their strategies for advancing women’s participation in the industry, we’re taking a slightly different route here.

In hopes of inspiring more people to step forward and play a role in this essential industry, we want to answer the “Why”. In this article, we share some important contributions that women can and are already making in the cybersecurity landscape.

We’re all in this together and a woman’s perspective matters

Just as personalization is the basis of service industries, tailored attacks are the norm for the Pirates in today’s digital landscape. They exploit our differentiated weaknesses, whether through phishing emails designed to attract specific demographics or targeted malware campaigns aimed at exploiting vulnerabilities specific to certain groups. In such a scenario, it is paramount to have diverse perspectives and understandings of how different attack and victim groups might act.

Take the case of the “romantic comedy” cyber attack in October last year. This campaign specifically targeted women, including female political leaders, by leveraging their interests and personal information to create convincing phishing emails and social engineering tactics.

Such examples highlight the need for a more holistic and nuanced approach to cybersecurity, one that takes into account the diverse experiences and vulnerabilities of all potential targets.

Growing with hackers is no longer the “Old Boy’s Club”

Are cybercriminals doing this better than cyber defenders? Given the anonymity of hacker forums, it may be accurate to say that skill matters more than gender in the criminal world.

In the ongoing debate about diversity and inclusion of women in cybersecurity, it is disheartening to realize that this conversation is still necessary in the 21st century. While we continue to champion diversity, hackers operate in the shadows, exploiting our weaknesses with impunity.

In the criminal world of cybercrime, it goes without saying that skills often matter more than gender. Cybercriminals are recruited or operate independently based on their abilities, not their gender.

Perhaps it is time for the cybersecurity industry to evolve beyond the outdated notion of the “Old Boy’s Club” and embrace a more inclusive and meritocratic approach to recruiting and developing talent.

By prioritizing skills and diversity of thought over traditional gender norms, we can build a stronger, more coherent and insightful vision of how to address cybersecurity challenges.

Connecting communications across the organization

Within a company, women are the majority in areas such as human resources, communications and public relations. In the United States, 70% is the proportion of female public relations practitioners, according to a 2020 study by the Public Relations Society of America.2.

So, is it simply a matter of being better suited to certain job fields? In our opinion, this is a mindset that evolves slowly and needs to evolve even faster.

This status quo is largely due to the skills perceived to be required for the job areas mentioned above, involving communication, empathy and relationship building.

Is it reserved for women? No. These are qualities that many men possess and can also demonstrate at work. Men and women often limit themselves, based on these preconceived ideas about what roles are best suited to their gender.

But what happens if individuals of all genders, ages, races or backgrounds are distributed equally within an organization? We are then able to free ourselves from the invisible chains of “us” and “them” and work much more transparently within an organization.

Without unconscious gender barriers between departments, communications and mutual understanding can be created more easily, resulting in more effective results and performance.

This also means that leaders must work hard to eliminate stereotypes and negative experiences that can harm an employee’s early experience in the industry – such as not being taken seriously, being asked to coffee or anything else that might diminish one’s abilities as an equal at work. painting.

A united workforce against cybercrime, every time

The importance of gender diversity in cybersecurity cannot be overstated. It’s not just about closing the skills gap or filling vacancies; it’s about harnessing the full potential of a diverse workforce to confront the ever-evolving threats posed by cybercriminals.

As we strive to build a safer and more secure digital future, let’s recognize that a woman’s perspective matters, not only on International Women’s Day, but every day in the fight against cyber threats.

About the authors:

Camellia Chan And Can change are the co-founders of hardware cybersecurity and memory storage specialist, Flexxon. Since founding the company in 2007, Camellia and May have grown Flexxon into a global company with offices in Singapore, the United States, Malaysia, Taiwan and Hong Kong. The company holds more than 40 patents for its innovative cybersecurity hardware solutions that use artificial intelligence and machine learning to proactively detect, respond to, and remediate cyberattacks.

Leave a comment