“We ourselves feel that what we are doing is just a drop in the ocean. But the ocean would be less because of that missing drop.” – Mother Teresa.
I live by this quote. It’s powerful. It inspires me and it’s one of the reasons why I do what I do.
Let me explain.
It all began with a blog. I was in a state of shock after having read an (ISC)² report, entitled Women in Security: Wisely Positioned for the Future of InfoSec. The report surveyed nearly 14,000 professionals worldwide and revealed that currently we have a mere 10% of women in cyber security. To make matters worse, the figure was the same as the year before, and had reduced from the year before that, despite the growing demand for more cyber security professionals.
Knowing many women in cyber security, I was stunned at the report findings. I genuinely thought the numbers were increasing and that there were more women in the industry. I also believed that women were just doing what they normally do – getting on with the job and keeping a low profile.
So, one weekend in November 2015, I began writing.
As a woman who’s built a successful business and career in cyber security that’s spanned two decades I wanted to provide my view on what I’d seen and propose pragmatic solutions to closing the gender gap. I started with the problem: we’ve a shortage of females in cyber security. I then went on to explain the reasons why we needed to reverse this trend. Ironically, I had no agenda, other than to be a voice, but fate would intervene.
As soon as I pressed, “publish” on LinkedIn, the blog – The Future of Women in Cyber Security: How do we Increase the Numbers – went viral. Many had a lot to say and the comments and private messages were and still are insightful.
Over the Christmas period, I then returned to the blog, as something was bothering me. It was this: when there was so much “noise” being made on the Internet about gender diversity and so much good work that was being done to reverse the gender gap, why was so little impact being felt?
I began to investigate. I performed more research, interviewed more people and ended up writing a 15,000-word report on the state of gender diversity in cyber security. I set out five challenges that I believed we – as a cyber security community and industry – had to solve. I also elaborated on the reasons why action needed to be taken right now, which I’ll go through.
Firstly, more cyber security entrepreneurs need to survive and thrive. Whilst entrepreneurship is trending and cyber security is hotter than ever, the harsh truth is that most cyber security companies are either failing or not reaching their potential. Few last and of those that do, the top 1% earn 30% of the income, leaving the top 10% to earn 70% and the bottom 89% the remaining 30%.
However, by reversing the gender gap, we may be able to change this outcome. Studies show that gender-diverse teams are more productive, innovative and able to stay on schedule and within budget, compared to homogenous teams. Furthermore, when women are in leadership roles, businesses become more profitable.
Secondly, cyber security expertise is waning as cybercrime increases and awareness grows. Reports depict that we’ve a skills deficit, and that by 2020, we’ll need an extra 1.5 million cyber security professionals in order to plug the shortfall. As women make up roughly half of the workforce it would make sense to harness this untapped pool of talent.
Thirdly, cybercrime is increasing. It’s become a crime wave and an epidemic. It’s also now more profitable than the drugs trade and some, like IBM Corp.’s Chairman, CEO and President, Ginni Rometty, believe it’s the greatest threat to every company in the world.
She may be right and what’s worrying is the reality that right now we’re loosing the war against the cyber criminals. Just over a month ago, at RSA Conference 2016, Alex Dewdney, the Director of Cyber Security at CESG, admitted that this was the case despite throwing money (over £1 billion) at it. His exact words were:
“We can point to lots of achievements around understanding the threats much better, about taking steps to mitigate those threats, addressing the national skills base and so on but, nationally, we are not winning the fight on cyber security,”
Whilst this was a very honest statement, it begs the question: what should we do?
I believe we need better thinking and greater diversity of knowledge and perspective in cyber security. We need to outsmart those attacking us and women can help. Women think differently to men. Importantly too, they see risk in a different way. When women work with men in more equal numbers together we become better at analysis, strategy and tactics and more able to secure the environments we’re protecting.
My report went into more detail. However, it remains unpublished as it’s now being turned into a book, which is being backed on Kickstarter. My reason for doing this is simple. I want to add more value by conducting further interviews, telling new stories and finding solutions. A book will also enable me to reach more people and affect greater change – faster.
If you have ideas or thoughts on how to bridge the gender diversity gap, please leave a comment below.
About the Author: Jane Frankland is a successful cyber security entrepreneur, business consultant and speaker. She has built and sold her own seven-figure penetration testing consultancy and is frequently invited to speak about entrepreneurship, women in business and cyber security at events around the world. Jane is currently writing a book around women in cyber security and it is due out later this year. It’s being funded via a 30-day Kickstarter project and books can be pre-ordered until April 29th 2016. If you want to find out more, all you have to do is go to http://kck.st/1PGce6Y
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
Title image courtesy of ShutterStock