When you think of leaders in cyber and tech, are men at the top of your list? Do you know any women in cybersecurity? You can’t be what you can’t see, and CybHER has created a new initiative to highlight leading women in our field and allies who aim to close the gender gap. CybHER Conversations aims to lift up women in cybersecurity and help girls understand what types of careers are in the field while introducing them to leading professionals. Our professionals come from industry, government, research, and academia, and will help girls understand what opportunities are available to them.
CybHER Conversations is open to any K-12 student, teacher, or parent.
Our first professional is the remarkable Diane Janosek. Diane is the Commandant of the National Cryptologic School at the National Security Agency. You can read more about Diane and her work here. You can register for the session here.
Recently, she delivered a keynote titled “Seize the Moment: Now is the time for women in cyber” at the 2020 WiCyS Virtual Conference. You can read the full keynote here.
The Women in Cybersecurity (WiCyS) annual conference was to take place in March 2020 in Denver, Colorado. It’s a celebrated event that many women in the cyber industry and academics look forward to – a chance to collaborate, to learn, to network, to invigorate themselves as a sort of small-but-mighty force in the cyber realm. After all, women only make up about 20-25 percent of the cyber jobs.
As with thousands of other events, COVID-19 shut down the WiCyS 2020 conference to protect its attendees from the spread of the deadly virus. As a member of WiCyS and the president of the Mid-Atlantic Affiliate, I was disappointed that we missed out on this exciting annual event. I attended in 2018 and 2019, bringing my teenage daughter with me, and we thoroughly enjoyed the invigorating experience. But in a “pull-ourselves-up-by-the-bootstraps” move, WiCyS quickly rallied and organized a virtual conference in April 2020. I had the honor of presenting my keynote entitled “Seize the Moment.”
2020 presents unique opportunities. In my keynote, I celebrated the power of women and offered that now is the time to rally and solidify our future in becoming leaders in the cybersecurity industry. Let’s seize the moment! What I did not know at that time – but probably could’ve guessed – is that cybercriminals have also been seizing the moment and taking advantage of the lowered defenses of the United States during the pandemic. As the country and the world struggled with COVID-19 and moved to more work-at-home for which networks generally do not have commercial grade cyber protections, the cybercriminals exploited vulnerabilities and scams and hacking skyrocketed.
A recent report released by the cybersecurity company Mimecast revealed that cybercrime has increased significantly in the midst of the global pandemic. The 48-page report “100 Days of Corona Virus (COVID-19),” released in May, said Mimecast has seen an overall increase in cyber-attacks of 33 percent. Breaking it down even further, the cybersecurity company said it saw the monthly volume of all detection categories increase by at least 26 percent, with:
- spam/opportunistic detections increasing by 26.3 percent
- impersonation detections increasing by 30.3 percent
- malware detections increasing by 35.16 percent
- blocking of URL clicks increased by 55.8 percent
It appears cybercriminals have seized the moment – taking advantage of a dire situation and wreaking havoc on people and organizations in a time of uncertainty, fear, and economic pressure. And therefore it’s more important than ever for us, as women in cybersecurity, to seize our moment! We can change the trajectory to not just moving the needle (increasing the number of women in cybersecurity from about 20 percent in the field globally), but to owning the needle and dominating the cyber industry. We have the power to solidify our future by creating business partners and networks with women-owned businesses so that women not only work in the field but are leaders in the field with strong innovative, diverse teams, reflective of women’s core strengths of collaboration, innovation, and intelligence.
“THOSE WHO DO NOT LEARN HISTORY ARE DOOMED TO REPEAT IT.”
– George Santayana, philosopher
This year will most certainly go down in history for the global pandemic of COVID-19, but 2020 also marks the 100th anniversary of the ratification of the United States’ 19th Constitutional amendment, granting women the right to vote. It took decades of hard work before that, though, to get signed into law the concept of women having a voice in their national story. Women had to organize, advocate, picket – some were even jailed. This history tells us that is takes tenacity and time for real change – a real long time.
Moving forward to World War II, women again rolled up their sleeves, becoming part of the workforce in ways in which they never previously engaged. We have all heard of Rosie the Riveter, which refers to when the government heavily solicited and drafted single women aged 20-30 as auxiliaries to the Armed Forces, Civil Defense, and war industries. Women served in the Army, Navy, Coast Guard, and the Marine Corps Women’s Reserves. In 1943, the Air Force got on board and created Women Air Forces Service Pilots.
In factories, women proved they could do “men’s” work and do it well. With men away to serve in the military and demands for war materials increasing, manufacturing jobs opened to women and increased their earning power. Also, with the onset of war, more opportunities opened up for women as chemists, researchers, engineers, and technical assistants. Women participated in laboratory testing and research that led to scientific advances and inventions that saved lives, as the United States needed to develop new war technologies and weapons. Women even played a role in the research that began the nuclear age with over 200 women working on the Manhattan project to create an atomic bomb.
When the war ended in 1945, so did the extraordinary job opportunities for women. A year after World War II ended, three and a half million women voluntarily or involuntarily left the labor force. Although women made a lot of progress during the war, their roles changed again. As men returned to their jobs, women were expected to return to their jobs from before the war – serving in the home. Women stopped working and had babies – thus the baby boom. So women took care of the home, but many still desired to also be employed.
With this desire for financial freedom and independence, a new industry emerged, which offered women work they could do while remaining in the home: in-home sales. Although the plastic, food-saving containers we all know and love as Tupperware was invented by Earl Tupper in 1938, it was not until after the war that Tupperware really took hold. Selling Tupperware allowed women to do income-producing work they didn’t call “work” – instead, they had parties. When they joined “the Tupperware family,” they didn’t need to leave their own families behind, so it was an accepted job. Women settled in some cases, but it was better than having no outside livelihood or employment. Tupperware opened doors for women at a time when many had been firmly closed.
Slowly during and after the 1960s, women returned to the labor force, either because of economic convenience, economic necessity, or the desire to buy more consumer products. Other women returned to work simply because they wanted the satisfaction of working. Women began to take new positions that had not been in existence before. These jobs mostly came about from the new technological advances and these positions came without prescribed work requirements or history. This is similar to the field of cybersecurity – new technologies, new fields, and new positions.
“THE FUTURE STARTS TODAY, NOT TOMORROW.”
– Pope John Paul II
Today women make up about 20 percent of the global cybersecurity workforce, while the overall American workforce is made up of roughly a 50-50 split between men and women. So, there’s a clear deficit in the cyber industry. As for leadership positions, there is an even greater disparity. Only 25 out of 500 CEOS of this year’s Fortune 500 companies are women- yes that is only five percent.
Consistently in technology, women are not the front leaders, even if they arrived on the scene early. We cannot let that happen in cybersecurity. We need to use our resources to empower each other. Women have been in the workforce for 50+ years, we can no longer only say that more time is needed. We need a change in mindset. Do not expect that change to come from others – we, women, must modify our expectations and behaviors so we can be the change needed in the world for female representation.
So today, we now have the right the vote and have had it for 100 years, and we are no longer expected to stay home when we get married or have children. We have choices and options, but more can still be done as practices, policies, or biases – either known or unknown – continue in some way to have an impact on women today.
“WE NEED TO RESHAPE OUR OWN PERCEPTION OF HOW WE VIEW OURSELVES. WE HAVE TO STEP UP AS WOMEN AND TAKE THE LEAD.”
– Beyoncé, musical entertainer
Here are my Top 5 Tips for Women in Cyber. I firmly believe that by heeding these tips, we can increase women’s representation in key cybersecurity positions.
#5 ADVOCATE. We should be suggesting and recommending each other for positions. We must be advocates for each other as jobs open up.
#4 MENTOR. We must mentor the next level behind us so they can catch up. Let’s suggest educational paths and opportunities for mentees that will enhance their opportunities. There is tremendous power in mentoring. Always give back.
#3 NETWORK. Build a strong network. Build your personal brand – know your strengths (communication, connector, problem solver, code writer, etc).
#2 PROMOTE. Promote and nominate colleagues to receive rewards and recognitions and do so consistently and frequently.
#1 SPEAK UP. Never stop self-advocating. Speak up for yourself. You are your own best advocate. Believe in yourself. Tell your supervisors about your goals and your desires. They will not know if you do not tell them and you do not take risks.
I believe wholeheartedly that by advocating for and mentoring each other, building our networks, promoting each other, and speaking up for ourselves, we can go nowhere but up. These tips will help to move the needle in the right direction. But a question remains- will it be enough?
“WOMEN HAVE BEEN TRAINED TO SPEAK SOFTLY AND CARRY A LIPSTICK. THOSE DAYS ARE OVER.”
– Bella Abzug, former Congresswoman
Let’s think about high school entrance exams, something that seems straight forward. Which high school you attend can make a difference in where you go to college, what SAT score you may get, what scholarship opportunities become open to you. Your high school can be a game-changer. So the long time, tried and true, way to get admitted to high school has been based on a test.
Last year, a 2019 study on high school entrance tests was released by “The Hechinger Report” a nonprofit independent news service. The report confirmed that the test favored males. It studied 34,000 students’ test results, all vying to be admitted to NYC’s eight elite public high schools, including the Bronx High School of Science. For these elite schools, they only used the score of the High School Admissions Test for selection. So you have one shot – this test.
The girls were scoring 6.6 points below the boys, even though the boys and the girls had the same GPA in geometry, algebra, biology and physics. Almost each time, consistently, the girls had higher overall GPAs, but the boys had higher test scores. The theory is that girls prefer not to guess when they aren’t confident of an answer. Boys’ greater willingness to guess might be just enough to increase their test scores whether it be a high school entrance exam, the SAT or a college physics test. Women and girls do better with open ended questions that give credit for work shown. There is a validated gender difference, but it has not translated to changed policies
We see this gender difference today in the workplace. Men tend to apply for jobs when they have only 60 percent of the qualifications – women wait until it’s more like 90 to 100 percent. Another gender difference is something I often hear professional leadership say – something like, “Do you know someone who is hungry?” (meaning wanting to be promoted). People often throw out men’s names – why?
Studies have also revealed that women tend to do their job and expect to be valued for doing a good job. We don’t always do a great job of self-advocating – saying what we want. Remember this tip: It is not disloyal to self-advocate and to be vocal about ambitions.
Cyber sisters: it is not enough to be smart and hard working. Let’s just assume that unknown biases and long-time tried-and-true ways of advancement may just not work for women. We must acknowledge decades-old processes – recognize them and grapple with them head on – and envision a new way of doing things. We cannot rest on the notion that hard work and intellect will get us there. We must compensate for it and modify our behaviors to succeed and in turn OWN cybersecurity. Action now can and will help preserve and enhance women’s roles in cybersecurity and prevent biases, in some cases unknown biases, from excluding women in senior leadership roles.
Women need to really see themselves as the leaders in cybersecurity – be the one hiring, the one getting the promotion, the one who is CEO. Cyber is a relatively new technology field and opens doors for women – we must band together. Women cannot be the workers that are laid off in economic downturn because they are in the support role; we can’t be the ones that don’t get the promotion or lead position; we can’t always be the gender not being selected or hired.
According to Cybercrime Magazine, Israel, the world’s second-largest exporter of cyber technology behind the US, has a growing headcount of female cybersecurity founders and professionals with 15 percent of newly established Israeli cybersecurity startups are being founded by a female. Let’s follow their lead! With a predicted market size of around USD $395 billion by 2025 (Adroit Market Research Report, March 2020) and Microsoft’s estimate that the US will have a shortfall of 3.5 million cybersecurity professionals by 2021, we are in a position to lead this expansion in cybersecurity.
With Microsoft predicting an estimated shortfall of 3.5 million security professionals by 2021, the current tech talent pipeline needs to expand. Women can and should be in a position not to just be hired, but to be the ones doing the hiring. Until we start taking ownership of true empowerment, twenty years from now women will still be in support or secondary roles.
“SHE STOOD IN THE STORM, AND WHEN THE WIND DID NOT BLOW HER WAY, SHE ADJUSTED HER SAILS.”
– Elizabeth Edwards, author
We are living in dynamic times right now, but this, too, shall pass. As COVID-19 has endangered our lives and our livelihood, there is potential for some real positive long-term change. In the April 2020 working paper “The Impact of COVID-19 on Gender Equality” from the National Bureau of Economic Research, its authors theorize that this crisis could end up having a positive impact on gender equality in the workforce. “First, businesses are rapidly adopting flexible work arrangements, which are likely to persist. Second, there are also many fathers who now have to take primary responsibility for childcare, which may erode social norms that currently lead to a lopsided distribution of the division of labor in housework and childcare.”
We are now in a perfect storm. While we want women to progress in all fields, no other field is growing exponentially like cybersecurity. So cyber is as close as we are going to get to a blank slate. So, let us write our own book. Let us reimagine and recreate our future, our trajectory. We must own our own future individually and collectively; be our own advocates and believe in and invest in our fellow cyber sisters. If we change our mindset, we can achieve it.
Together we can not only increase female representation in the cybersecurity field, also known as moving the needle, we can and must own the needle. This is our moment! We have the ability now! Let’s seize it!