This week I will be following up on my last blog post: Empowering More Women in Infosec. According to a 2013 (ISC)2 Global Information Security Workforce Study, women only represent 11 percent of the Information-Security workforce globally. The report also indicated that the role of security analyst is in high demand amongst infosec employers.
We all know that men and women bring different things to the table, and when you put infosec minds together (irrespective of gender), our combined skills can accomplish security tasks much faster.
With increased awareness in the security industry that there exists a disproportionate amount of men to women in this field, both men and women should be encouraging more young women to pursue infosec careers.
Regardless of Gender
Anyone who pursues a career in Information security should be passionate about the field and should overall love the geek life. Most infosec people do not hold cut-and-dried hours of 9-5 — they also tinker with coding projects, contribute to open source development, and blog about security after business hours.
While women in senior information cyber security roles earn an average median salary of $105,000 (and paid the same as their male counterparts), women at junior levels in Information cyber security, are paid less.
At junior levels, women are more educated and less well-paid than men in the industry…We can’t just ask ourselves why women aren’t choosing information security; we also have to ask why they aren’t staying in the field. And I think if you look at those kinds of salary levels, that’s enough to tell you right there. —Julie Peeler, (ISC)2 Foundation Director | NextGov
Though there appears to be income disparity at junior levels — this does not reflect on a candidate’s potential to seek out a company that does not participate in the realm of gender pay gaps. It is up to the individual to address any wage disparity and take matters up with whoever is in charge of doling out the dollars.
There are plenty of resources available for any woman that would like to pursue a career in information security.
Graduate school; graduate research & internship opportunities
Online learning resources such as:
- Cyber Security Awareness Free Training and Webcasts
- NIH Information and Privacy Awareness Training
- Securitytube training videos
- Sectools.org: Top network security tools
- Coursera: partners with top universities to offer free education courses online
The Women in Security (WiS) group ((ISC)2 (administrators of the CISSP and CSSLP) mentoring scheme aimed at helping women interested in information security. The WiS objective – to raise the profile of women in the security industry and encourage more to join. The WiS group consists of female and male practitioners in the field, who now have the opportunity to act as mentors or mentees to further the cause of the group and the industry. —Professional Security Magazine
Daniel Humphries, IT Security Managing Editor for Software Advice wrote:
A 2013 study by InformationWeek reports that the median salary for IT security professionals in the U.S. is $95,000. And according to a February 2014 study by security research center The Ponemon Institute, up to 40 percent of IT security positions will be vacant in 2014.
He advises women who are interested in pursuing a career in Information security should pay close attention to how candidates are evaluated for IT security scholarships. The criteria for evaluating candidates before awarding a scholarship includes:
- A passion for the IT security industry
- Involvement in cyber security extra-curricular activities
- What specific GPA requirements each scholarship has, how much each offers, and their respective deadlines
Daniel also recommends that interested women also apply for the following scholarships:
“The Scholarship for Women Studying Information Security (SWSIS) program awards between $5,000 to $10,000 each year to applicants studying any field within IT security, maxing out at $20,000 over a two year period. Candidates are selected based not only on their academic performance, but also on their memberships of clubs, what internships they’ve done-that sort of thing. One past winner told me she’d joined a cyber defense team that participated in hacking competitions and she was pretty sure that had helped her application enormously! If students are interested they should start their preparations now- SWSIS begins accepting applications on March 30th 2014, and May 1st 2014 is the cut off point.”
“Programs like the The Scholarship for Women Studying Information Security SWSIS and (ISC)² not only provide the winners with welcome cash to help offset the costs of their studies, but they can also help with networking and employment opportunities. IBM, which backs the SWSIS has an internship program and the firm is very interested in the talent it’s funding. Meanwhile the (ISC)² has a global membership and in the past their scholars have really benefited from having access to that network, both when it comes to their studies and for work opportunities. One recipient went on to work for NASA, for example.”
Let us know in the comment section if you have more ideas on how to get young women interested in a career in Information security. Also please don’t forget to leave some resource suggestions.
About the Author: Bev Robb (@teksquisite) has a B.S. in Sociology from Southern Oregon University and is a self-employed IT consultant. She runs Teksquisite Consulting, a blog about technology, infosec and social media.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
- Infosec’s Rising Stars and Hidden Gems: The Hackers
- Infosec’s Rising Stars and Hidden Gems: The Educators
- Infosec’s Rising Stars and Hidden Gems: The Defenders
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock