Women make up less than a quarter of the cybersecurity workforce and while efforts are underway to boost that number, success has been limited. New America, a non-partisan think tank, released a report on Thursday detailing the current status of women in the cyber workforce, efforts to increase the number of women in the field, and steps that can be taken to improve hiring and retention across the industry.
The report, authored by Laura Bate, policy analyst with the Cybersecurity Initiative at New America, and Elizabeth Weingarten, senior associate at ideas42, explained that the dearth of women in the cybersecurity field leads to “less innovation, inferior design, seriously underutilized human potential, and needlessly unfilled jobs in a growing field.”
Essentially, the think tank explained, “this lack of gender diversity means poorer security.”
The report did acknowledge ongoing efforts to create networks among women in the field, as well as initiatives to “create systemic change in order to help women permeate cybersecurity fields at all levels.” However, New America concluded that those efforts have had “limited success.”
As part of its report, New America spoke with cybersecurity experts from the corporate, academic, nonprofit, and government sectors to “consider new ideas and implementable strategies to bring women into and up through cybersecurity careers.” These experts came up with three primary opportunities to create “scalable change”:
- “Empower coordinators to build connectivity among existing efforts and cultivate additional resources,
- Engage and collaborate with businesses to develop new programs and systems to improve recruitment and retention of women, and
- Use marketing, entertainment, and media platforms to change the narrative and raise awareness of women in cybersecurity careers.”
New America said that in order to capitalize on these opportunities, stakeholders must find a way to “incubate new solutions and implement new ways to utilize existing resources.” Furthermore, the report explained that “[m]aking this vision a reality will require resources and a coalition of supporters from both within the cybersecurity and with a broad array of external partners.”
As part of its report, New America developed what it calls a “Community Scan,” an extensive and user-friendly tool designed to “share information on existing efforts supporting women in cybersecurity.” The tool lists a multitude of ongoing programs, as well as what areas or demographics the program supports. Users can look for programs that specifically work with their area of interest, such as K-12 educators, K-12 students, job seekers, women returning to the workforce, or researchers. Additionally, New America is asking the public to contribute to the tool by emailing firstname.lastname@example.org. with any resources now currently included in the tool.
In addition to the tool it developed, New America offers additional suggestions on how to improve gender diversity and representation in the cybersecurity field. First off, the report stresses the importance of both increasing resources, as well as collaboration and coordination among groups working on gender diversity.
“There are a number of organizations working on different pieces of cybersecurity’s gender diversity puzzle,” the report said. “However, very few of these organizations see their mandate as one of coordination across organizations, and virtually none appear to be resourced to serve such a function. Some could be adapted to such a role, if adequately funded.”
The report also offers two different ways to fulfill the need for coordination.
“Alternatively, the establishment of a coalition among these groups specifically designed not to govern its constituent organizations, but to serve as a platform or coordinating body for other efforts could be a means for filling this role,” the report said. “It is also possible that some wholly separate organization could step in or be created to fill such a role.”
In order for there to be scalable, lasting success, the report emphasized the need for long-term funding.
“While short-term funding may suffice at the very outset, in very short order it should be sustainable on a multi-year basis,” New America said. “Further, funding would need to come from a broad coalition of supporters to preserve the impartiality and independence of the effort.”
The report concludes by imagining a world where society has already succeeded in bringing more women into the cybersecurity field.
“As employers move from thinking of gender diversity as a ‘nice to have’ to a ‘need to have’ feature of their workforce, they partner with nonprofits, the media, and the leaders coordinating efforts among the women in cybersecurity community to design an advertising campaign encouraging mothers returning to the workforce to consider a career in cybersecurity,” the authors imagine. “At first slowly, and then much more quickly, more women begin to enter the field and stay for the duration of their careers.”