.
The excitement and fulfillment derived from working in cybersecurity and the SOC are often powerful motivators to draw more women into this fun and rewarding field. When people ask me what I do, I tell them that I help to keep the “bad guys'” out, but I realized that I work in an industry where we also keep the “good girls” out. Being an engineer in cybersecurity for over 20 years, I look around the room too often to find that I’m the only woman. How do we change that narrative and open the door to encourage more women to find a career in cybersecurity?
(ISC)² recently reported that women comprise only 24% of the cybersecurity workforce. Here are six steps we can take to build and retain women in cybersecurity:
- Learn to walk in heels: We’ve heard the call for girls in STEM starting as early as elementary school, encouraging early exposure in the field. Many organizations focus on getting young women into computer science through camps, classes, and competitions. Organizations like Rosie Riveters, Girls Who Code, and Boolean Girl make learning computer science exhilarating at a young age. Throughout college, there are opportunities to recruit women from many different majors: business, marketing, math, data science, engineering, and computer science. By weaving cybersecurity into all of these majors and intentionally recruiting women from organizations like WiCys or WomenTech Network, there’s a chance.
- Recruit women from different sources: Moving into a leadership role, I looked to diversify my team. Since there weren’t many women engineers in security, I had to get creative and look to other roles to fill these gaps. We can teach people as long as they have a desire to learn. I’ve worked with a former bartender who leads a global security sales team. I work with a make-up artist who turned into a white-hat hacker. I’ve worked with several ex-NSA analysts, who make the best presenters with all the stories they tell – and some they don’t. There are also new recruiting options geared towards technical women. WomenHack organizes women-only networking events for some of the top companies throughout the world. Their events are available by invitation only and focus on technical women candidates.
- Ongoing training: Cybersecurity constantly changes, so it’s critical to stay current. There are many ways to help women keep up-to-date. SANS created the Women's Cyber Security Academy, while organizations such as the Ladies Hacking Society are more of a cybersecurity sharing group that frequently posts leading learning opportunities – often free.
- Have a mentor/be a mentor: So many people in cybersecurity have amazing skills, connections, and experience. Find a mentor who will help you grow and will invest the time in helping you. Like dating, the process may need to go through a few iterations to find the perfect mentor. In return, pay it forward. If it’s possible to share a skill that may help somebody else, share it with someone to help them grow.
- Have fun sharpening work-related skills: Participate in hackathons, capture the flag competitions, and attend DEFCON and other industry gaming conferences. There are many competitions like this to expand personal networks and enhance technology experiences, hacking skills, and programming languages.
- Join a social or professional geared to women: More and more companies are creating internal women’s groups to share ideas, learn new skills, and create a sense of camaraderie. At my company, external speakers come in to teach, talk about building a personal brand, or internal team members share a skill. We’ve done happy hours, book clubs, and streaming reviews: “what should I watch?” We all listened to a true crime podcast once to see if we could “find the killer.” These events have made us stronger and smarter and brought us together, allowing us to network more in the industry. Join an organization like #GirlsClub (more for leadership), Ladies Hacking Society, and Women in Tech (WIT) – all of which offer regular meet-ups to learn and network with local women in cybersecurity.
Engaging women in cybersecurity requires concerted efforts from advocacy to education, early exposure, mentoring, awareness, and recruitment to attract female representation in the industry. It’s time to get more heels in the SOC! There’s a dynamic world working in cybersecurity with opportunities to expand the pool and include more women. With the cybersecurity industry desperate to fill half a million open positions, let’s get more women in here. I need more “good girls” in the room with me.
Lara Meadows, vice president of sales engineering, ThreatConnect
