Cyber has a gender problem, if our industry continues to regurgitate numbers from a 6-year-old report that states an alarmingly low percentage of women hold security positions.
Research firm Frost and Sullivan authored a report in 2013, which states that women make up 11 percent of the global cybersecurity workforce. The report is co-branded with (ISC)2 foundation, now a part of The Center for Cyber Safety and Education, and widely circulated in the media.
In the absence of any new research data published by another source, the 11 percent figure continues to show up in the media — despite a substantial rise in the number of women in the cybersecurity field — perpetuating the stigma of too few women in cybersecurity.
Research from Cybersecurity Ventures, which first appeared in the media early last year, predicts that women will represent more than 20 percent of the global cybersecurity workforce by the end of 2019. This is based on in-depth discussions with numerous industry experts in cybersecurity and human talent, vetting, analyzing and synthesizing third-party reports, surveys, and media sources, and conducting our own list compilation.
The 20 percent figure is still way too low, and our industry needs to continue pushing for more women in cyber. But, heightened awareness on the topic — led by numerous women in cyber associations and initiatives — has helped move the needle in a positive direction.
We are recalculating the number of women in cyber based on a broader definition of positions covered. We’ve evolved the roll call from traditional “IT security (a.k.a. Information security)” titles found mainly in mid-sized to large organizations, to the “cybersecurity” roles in a much larger and fast-growing industry.
IT security is in fact a subset of cybersecurity. Cybersecurity Ventures looks beyond securing corporate networks (which has seen a rise in the number of women), and includes IoT security, IIoT and ICS security, medical device security, automotive cybersecurity, aviation cybersecurity, military cyber defense technology, and others. Further, we cover the cybersecurity service provider ecosystem, which also includes women-owned small businesses, and broadens to include digital forensics and other jobs.
We include Israel, the world’s second-largest exporter of cyber technology (behind the U.S.), which bolsters an impressive and growing headcount of female cybersecurity founders and professionals. In 2018, TechCrunch reported that for the most recent year tracked, 15 percent of newly established Israeli cybersecurity startups had a female founder, an increase from 5 percent the previous year.
Women are participating in Australia’s cybersecurity workforce at much higher rates than the purported 11 percent global figure. The 2018 McAfee Cybersecurity Talent Study states that Australia’s cybersecurity workforce is 25 percent female.
According to industry body National Association of Software and Services Companies, the strength of the women workforce in the information technology and services industry in India currently stands at 34 percent. “There is certainly a rising trend among women to take up the cybersecurity domain for their profession,” stated Jamuna Swamy, an award-winning CISO based in India. Last year, Microsoft India and Data Security Council of India (DSCI) launched CyberShikshaa, a three-year program to create a pool of skilled cybersecurity women professionals in the country.