Women in IT Security, Security Staff Acquisition & Development, Leadership, RSAC

RSAC Insights: Women look to break the stereotype of a male hacker in a hoodie

Women in Cyber

SAN FRANCISCO – RSAC has been on for a few days now and Deloitte and The Female Quotient have teamed up for the second year for Women in Cyber –  a program that showcases the stories of 30 diverse female cyber leaders. As we all know, there are not enough women and diverse talent in security and certainly not enough in leadership. Our program aims to change that.

Type in “women in cybersecurity” online and web searchers will likely see these questions appear on the first page of results: 

  • Is cybersecurity a good career for women?
  • Can women work in cybersecurity?
  • Why are women underrepresented in cybersecurity?

Even with noble efforts from forward-thinking leaders and organizations, the percentage of females in cybersecurity still stands at a small fraction of the potential pool of workers. The representation issue in cybersecurity runs deep. From the beginning, the archetype of a cyber professional has been tied to a particular type of person. So the ominous image of a young male in a hoodie with a laptop was born. Even today, outsiders often believe that the world of cybersecurity consists only of the cultural stereotype of “hackers.”

For those of us on the inside, we know that's simply not the case. There are many powerhouse women working in cybersecurity. In fact, some of the biggest, most influential companies in the world are placing women at the helm of their cybersecurity programs. However, there’s still significant work ahead, which leads to another important question:

How do we crack the code on attracting and retaining women in cybersecurity?

We need to make the space more inviting for women. We need to better highlight the variety of roles in cybersecurity and the types of people who can fill them. We need to collaboratively shift and shape the narrative, so it accurately reflects the current faces, minds, and talent in cyber.

We need to make the invisible visible.

Cyber has become a boardroom topic

In 2023, cyber has become a board-level issue. According to Deloitte’s 2023 Global Future of Cyber Study, 70% of respondents reported that cyber was on their board’s agenda on a regular basis, either monthly or quarterly. It’s embedded across an enterprise and there’s really no business function within an organization that doesn’t have some level of interface with cybersecurity. This comes with challenges. We are retrospectively layering cyber on top of many legacy systems, and we are tasked with changing and updating those systems that were built around technology that was primarily focused on connectivity, sharing information, and driving efficiency.

Just as cyber has traditionally been an afterthought, we are belatedly inviting women to vital cyber conversations when they could – and should – have been there from the beginning.

It’s not necessarily about retrofitting the past: it’s about being intentional and genuine in our design for a more inclusive and inviting future. A future that has multiple perspectives and experts involved when considering the security implications of new digital products and solutions. This creates a whole host of opportunities for women who may want careers in cybersecurity, but have backgrounds in different industries. As technology continues to transform nearly every industry, we need women involved in these conversations to ensure we are moving forward equitably.

Women excel at making lasting, strong connections. Women like to draw people together and understand how concepts and events relate to one another. The connections across a business – from IT to marketing to customer care – have historically taken too long to connect.

For years, we’ve waited for the situation to change and it’s clear this strategy hasn't worked. We must come together to write a new narrative that we take control of and drive forward to success.

How to create change

It’s important to recognize that certain organizations are already paving the way by appointing female CISOs. From startups to major household names, we are seeing more representation, but there's still a long way to go.  

How can we connect the current generation of female cybersecurity professionals with the next generation? What can they learn from each other and how can they work together today?

These are some of the questions we hoped to answer with the launch of our new program that shines a much-deserved spotlight on these dynamic women in cybersecurity. We are celebrating a distinguished group of women and demystifying the assumption of what people in this role looks like. This program – at its core – aims to inspire the dreamers, the disrupters, and those who dare to challenge the status quo.

On the day that we sat down to write this column, the Deloitte Cyber team welcomed a group of 20 high school students into its Washington, D.C., office. The students were part of the school’s cybersecurity club and led by a female president. They asked questions like the ones we asked ourselves. It was no surprise that the hacker in a hoodie image came up, but so did questions around the opportunities in cyber.

This younger generation – this upcoming generation of potential cyber experts – believe that it’s critical to change the perception of what makes up cyber.

If we want to attract talent like these high school students and retain talent like the 30 women in our campaign, we need to create cultures of respect and belonging across all levels. We need to work on a whole new concept of sponsorship, where the younger talent choose who they want as sponsors or mentors, and not the other way around. It starts with training our managers and leaders to respect people, to respect women, and to respect the power and potential that we bring to the table. Let’s make room for both generations to change the world.

Emily Mossburg, global cyber leader, Deloitte; Shelley Zalis, chief executive officer, The Female Quotient   

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.