by Camellia Chan and May Chng
We talk about the skills gap and the lack of talent in the cybersecurity industry, but do we actually grasp just how dire the situation is?
According to Cybersecurity Ventures1, the number of unfulfilled cybersecurity roles stood at an estimated 3.5 million positions in 2022, and is expected to persist into 2025. That’s approximately the population size of Uruguay, and more than Lithuania – to put that into perspective.
What percentage of the cybersecurity workforce is female? The same report found that women held just 25 percent of cybersecurity jobs globally. A clear solution to filling the talent gap is to encourage more women to enter the cybersecurity field because their contributions will not only close the shortage of skilled talent but also add valuable perspectives and dynamics to the industry.
As female leaders of the industry, we have a front-row seat to the challenges women face in joining this industry. Since there are already many amazing female tech leaders sharing their strategies for advancing female involvement in the industry, we’re taking a slightly different route here.
In the hopes of inspiring more to step forward and play a part in this essential industry, we want to answer the ‘Why’. In this article, we share some important contributions that women can and are already making in the cybersecurity landscape.
We Are All in This Together, and a Woman’s Perspective Matters
Just as personalization is the baseline for service-based industries, tailored attacks are the norm for hackers in today’s digital landscape. They exploit our differentiated weaknesses, whether it’s through phishing emails crafted to appeal to specific demographics or targeted malware campaigns aimed at exploiting vulnerabilities unique to certain groups. In such a scenario, having diverse perspectives and understandings of how different attack and victim groups might act is paramount.
Consider the case of the “romcom” cyberattack in October last year. This campaign specifically targeted women, including political leaders, leveraging their interests and personal information to craft convincing phishing emails and social engineering tactics.
Such examples underscore the need for a more comprehensive and nuanced approach to cybersecurity, one that takes into account the diverse experiences and vulnerabilities of all potential targets.
Evolving with Hackers, No Longer the ‘Old Boy’s Club’
Do cybercriminals do it better than cyberdefenders? Given the anonymity of hacker forums, it may be accurate to say that skills matter more than gender in the criminal world.
In the ongoing debate over diversity and the inclusion of women in cybersecurity, it’s disheartening to realize that this conversation is still necessary in the 21st century. While we continue to make the case for diversity, hackers operate in the shadows, exploiting our weaknesses with impunity.
In the shrouded criminal world of cybercrime, it stands to reason that skills often matter more than gender. Cybercriminals are recruited or operate independently based on their abilities, not their gender.
Perhaps it’s time for the cybersecurity industry to evolve beyond the outdated notion of the “Old Boy’s Club” and embrace a more inclusive and meritocratic approach to recruiting and upskilling talent.
By prioritizing skills and diversity of thought over traditional gender norms, we can form a stronger, more cohesive, and more perceptive view of tackling cybersecurity challenges.
Bridging Communications Across the Organization
Within a corporate setting, women are the majority in areas such as human resources, communications, and public relations. In America, 70% is the proportion of female public relations practitioners, according to a 2020 study by Public Relations Society of America2.
So is it just an issue of being better suited for certain job scopes? In our opinion, this is a mindset that is slowly changing, and needs to change even quicker.
This status quo is largely due to the perceived skillsets required for the abovementioned job scopes, involving communication, empathy, and relationship-building.
Is this confined to women? No. These are attributes that many men possess and can demonstrate at work too. Both men and women often limit themselves, based on these preconceived notions of what roles suit their gender better.
But what happens if individuals from any gender, age, race or background are spread evenly across an organization? We are then able to break free of invisible “Us” and “Them” chains, and work far more seamlessly within an organization.
Without unconscious gender barriers between departments, communications and mutual understanding can be created more smoothly, resulting in more efficient output and performance.
This also means leaders must work hard to remove negative stereotypes and experiences that can damage an employee’s early experience in the industry – such as not being taken seriously, being asked to fetch coffees, or anything else that may diminish their abilities as an equal at the table.
A United Workforce Against Cybercrime, At All Times
The importance of gender diversity in cybersecurity cannot be overstated. It’s not just about closing the skills gap or filling vacant positions; it’s about harnessing the full potential of a diverse workforce to confront the ever-evolving threats posed by cybercriminals.
As we strive to build a safer and more secure digital future, let us recognize that a woman’s perspective matters—not just on International Women’s Day, but every day in the fight against cyber threats.
About the Authors:
Camellia Chan and May Chng are the co-founders of hardware cybersecurity and memory storage specialist, Flexxon. Since founding the company in 2007, Camellia and May have grown Flexxon into an international business with offices in Singapore, the US, Malaysia, Taiwan, and Hong Kong. The company holds over 40 patents for its innovative hardware-based cybersecurity solutions that utilize Artificial Intelligence and Machine Learning to proactively detect, respond to, and remediate cyber attacks.