Skip to content ↓ | Skip to navigation ↓

Last year Infosec Buzz posted the Top 25 Female Infosec Leaders to Follow on Twitter. I was intrigued with the list, (not only because I was included), but because the previous Buzz Twitter infosec leader list did not include any females.

Though the all-male Infosec original Buzz list was not compiled intentionally to exclude females; Infosec is ultimately a male-dominated field. According to a 2013 (ISC)2 Global Information Security Workforce Study, women only represent 11 percent of the Information-Security workforce globally.

Is Infosec Less Appealing to Women?

I ask this question coming from the baby boomer generation. I grew up during a time when newborn babies were not gender-neutral. Hospital nurseries dispensed blue blankets for baby boys, and pink blankets for baby girls.

My brothers were not allowed to play with barbie dolls or wear any clothing that smacked of pink; and I was not allowed to play with my brothers train set (and consistently guided back to my playroom to play with girlie dress-up-dolls).

I grew up in a time when gender-norms was clearly defined in black and white – there was no gray.My childhood was segregated.

Infosec Was Not My First Choice

Wind the clock forward a few decades. As a divorced mother of three I went back to college – presumably to get a degree in English. But, within one year I soon learned that I absolutely loved UNIX and hacking. Back in the mid-90’s Internet security was for-the-most-part pretty lax.I hooked up with a team of four male hackers and my life has never been the same since.

While my hacking counterparts eventually moved on to cushy corporate jobs, I never landed that  to-die-for job offer. Though I interviewed with companies like Hewlett Packard; Microsoft; and Kraft – corporate environments never really appealed to me.I knew in my heart that I was not a cubicle-type gal.

Should We Ask Them Why?

Last year my friends daughter switched her CS major (with a concentration in security) to Journalism. I recently asked Amanda why she switched majors.She responded that one of the things she did was Google “sexism in Information Security” and she also Googled “sexism” in other fields that interested her. Though sexism was not her major criteria for switching majors – she was put off by many of the Infosec horror stories that she read online.

She also mentioned that she was not too keen on working for the government (or contracting for them) after the Snowden revelations last June. She felt that journalism would be a more viable option and give her more voice, feedback, and freedom-of-movement in the long run. She is of Generation Y (an Echo Boomer), and has never known life without the Internet.

Differences In Generations

Though baby boomers derived strong work ethics from their families – Generation X is focused on technology and their marketability (making money) in the workplace. Generation Y changes workplace dynamics considerably because they are far more interested in achievement and receiving feedback on their performance, than they are in acquiring strong work ethics or increasing their marketability.

Andrew Avanessian, vice president of Global Professional Services at Avecto, writing for USA Today’s CyberTruth, called Millennials, also labeled Generation Y, “a new attack vector that is emanating from the inside.”

Avanessian cited a Cisco’s 2013 Annual Security Report that said while Gen Y workers bring enormous IT expertise and technical understanding to their jobs, they also tend to ignore IT policies, demand freedom of access, shrug off a lack of privacy and are used to mixing their personal and professional lives, all of which can lead to cyber intrusions. -Taylor Amerding | CSO

Education in Information Security

A one-size-fits-all approach to learning Information security is potentially unattractive to Generation Y. They do not want to sit through boring PowerPoint presentations, classroom lectures, or read an extensively long textbook.

They learn best through social media, videos, mobile, and emerging technologies. In the long haul; they tend to avoid traditional career paths and have a strong preference to work in stimulating environments

Empowering More Females to Embrace Information Security

Career Builder states that “while previous generations were linear in their thought processes, separating and organizing their lives according to hierarchies, this generation is always adding and blending connections – or to use the network term, nodes – in their personal, work, and social lives.

First and foremost, educators should begin looking at generational divides, and formulate curricula that are more appealing to a generation that grew up in an always-on, always-connected digital world.

I believe that female role models are also integral to this process. If powerful women in the Infosec community share and demonstrate the fun and creative aspects of their careers – this would definitely draw more interest from young women.

Let us know in the comment section if you have more ideas on how to get young women interested in a career in Information security.

About the Author: Bev Robb (@teksquisite) has a B.S. in Sociology from Southern Oregon University and is a self-employed IT consultant. She runs Teksquisite Consulting, a blog about technology, infosec and social media.

 

Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.

 

Related Articles:

 

picAnd be sure to join us at Tripwire’s Booth (3501) to get your free customized t-shirt printed on the spot, and listen to an array of in-booth guest speakers we have lined up. For the speaking schedule and information on how to obtain a free RSA Expo pass, see more details here.

 

Resources:

picThe Executive’s Guide to the Top 20 Critical Security Controls

Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].

 

picDefinitive Guide to Attack Surface Analytics

Also: Pre-register today for a complimentary hardcopy or e-copy of the forthcoming Definitive Guide™ to Attack Surface Analytics. You will also gain access to exclusive, unpublished content as it becomes available.

 

Title image courtesy of ShutterStock

Hacking Point of Sale
  • Great article. Realistic about what attracts women to and could retain women in this field. I've been in the biz for 8 years via a traditional male route of IT support, desktop engineer, network admin and network security. It beggars belief the blockages that still face women when the industry is gasping for more balanced of people, creative and technical skills to break down communication barriers between old school geeks and the rest of the world.

    As soon as I started to focus on risk management, I got totally overlooked when roles needing a technical background came up. I'd like to think I was imagining it, but I suspect I wasn't. I'm now branching out into writing about infosec to keep the broad base of experiences I've gained alive.

    If you want to see the lighter side of infosec then have a look at http://www.theanalogiesproject.org. Something for the generation Y ers and anyone who enjoys seeing the infosec message twisted into a human, imaginative and humourous shape.

    May the shocking inequality get resolved and I will gladly play my part to make sure it does.

    • Thanks Sarah! Sorry for delay in moderating – was at RSAC on a tight sched. Cheers!

  • Charles John

    Information security is the need of today’s high technological business environment as it is one of the most important part to become active with complete safety and securely in the society