The advanced cyber threats that breach networks and wreak havoc on organizations are increasing and, at the same time, the shortfall in cybersecurity professionals equipped to address those threats with today's technologies is expanding.
The Global Information Security Workforce Study recently reported that the global IT security shortage is projected to reach 1.8 unfilled roles by 2022. This gap is even larger for women. According to a recent ESG study of tech-savvy 16-24-year-olds, 0% of the females surveyed were currently working in cybersecurity and only 7% were interested in pursuing the field.
Many factors contribute to the widening talent deficit -- lack of access to cybersecurity education, stringent recruiting requirements for people with specialized training and technical certifications, etc. However, the ESG study uncovered a pool of young candidates that are ripe for recruitment, and with females particularly well placed: They expressed a greater affinity than their male cohorts for technology, and math and sciences, which could position them as the next generation of security talent.
When I explored entering the security industry, I had no direct security experience or security certifications. Fortunately, my employer was willing to take a chance on my technical background and product management skills. My skill set, combined with a thirst for learning, helped me quickly step into the fold of directing a team to build effective cybersecurity products.
Females have a unique advantage to bring diverse thinking to the marketplace. Our strong communication skills and ability to juggle high-priority items make us ideal candidates in high pressure scenarios. Smart companies are looking for talent to help them break away from "how things have always been done." The answer continues to point toward women who can bring these skills and fresh perspective to an organization.
Employers also need to consider training on the job with candidates who have "relatable" backgrounds from elsewhere in the technology field. My experience is a good example of that. I want to encourage women who are passionate about technology to highlight their translatable skills during an interview and encourage the prospective organization to make an investment. Here are a few tips to help other young women enter the industry with confidence.
- Don't shy away from internships and startups. If you lack direct experience, an internship or even an entry-level job with a startup may be your answer. With a closer-knit team, businesses in the earlier stages are more likely to produce homegrown talent and are willing to teach, train and produce the next generation of cybersecurity leaders. They recognize the most valuable employees are the ones who show passion and a willingness to learn new skills and do whatever it takes to help their team succeed.
- Go from zero to hero. Embark on your new adventure with the mentality that you may have little hands-on experience in the beginning, but having an open mind and an appetite for learning will get you where you need to go. Be a sponge in your new journey. To that end, make sure you find a company that is willing to teach, train and invest in you. But, remember, at the end of the day, you are responsible for your destiny. Therefore, go beyond your department to learn how each job function is key to building the future security software. Push your limits and don't hesitate to challenge yourself. This is the only way to propel forward.
- Follow the experts. Look for opportunities to learn from the best in the business. Follow notable security researchers on Twitter and LinkedIn. If your community has security-related meetups, attend one. Read news daily from technology and security trade publications. This will help you familiarize yourself with the latest security threats and trends, and the technologies being used to protect against and remediate future attacks.
- Build relationships with mentors who are willing to let their colleagues shine. When you find a mentor, make sure you highlight your technology acumen and make this a win-win type of mentorship. For example, if you don't have direct security experience, your mentor can provide you with this expertise and you can share your knowledge on product management, engineering, or whatever it is that's your sweet spot. This underscores your value and gives your colleagues more incentive to invest their time in you.
- Find like-minded colleagues. It's important to find the right culture fit while also surrounding yourself with people who will push and challenge you. Joining the right team with the mindset to help you advance is like playing up in soccer against a better team. You don't want to join a company where you are the smartest one in the room. Find a learning environment that makes you feel a little uncomfortable. This is by far the best way to grow and advance your career.
The security industry has an incredible opportunity to move forward and close the talent gap by thinking outside of the norm and taking a chance on technology-savvy women with translatable skills. We can turn the tide, but organizations need to wake up, embrace this untapped workforce and make the investments necessary to protect their businesses.
— Kacy Beitel, Director of Product Management, ProtectWise