Women may only represent about 20 percent of the cybersecurity workforce as of 2019[1], but when it comes to leveling the playing field, this number is up from 11 percent since 2013. It’s progress. In fact, there are many indicators that women are joining the cybersecurity forces and advancing more than ever before. For instance, Forrester predicted that the number of female CISOs at Fortune 500 companies would hit 20 percent in 2019 — up from 13 percent in 2017.[2] Women also made up 32 percent of the speakers at the RSA Conference in 2019.[3]
So how are women entering the cybersecurity field? And what are they learning about breaking down the barriers to advance their careers and become leaders? In its 2020 Women in Security Survey, SANS targeted successful women working in various roles in the cybersecurity community. SANS asked their respondents about how they broke into the field of cybersecurity, gained career momentum, chose a specialty, and found ways to remain relevant.
Following are three key takeaways from their research.
You may have heard the shocking statistic that while men will apply to a job if they meet 60 percent of the qualifications, women will only apply if they meet 100% of them.[2] But when asked why women rose to a leadership role in cybersecurity — over other qualifications that included “experience,” “certifications,” and “education” — 41 percent of respondents cited “being in the right place at the right time” for why they were promoted.[1] What does that mean, exactly? They were willing to throw their hat into the ring when an opportunity presented itself. While experience, certification, and education are certainly important, they aren’t the only things.
Takeaway: Be willing to go outside of your comfort zone and put yourself out there when an opportunity presents itself.
SANS reported that 16 percent of their respondents were hired immediately after completing their undergraduate degree. If you already know the field you are interested in pursuing, gaining a bachelor’s or master’s degree can help — nearly half of the survey respondents reported having either a bachelor’s or master’s degree — but a degree isn’t everything. Nineteen percent of the respondents credited ongoing training as the reason they achieved their leadership position, while another 34 percent attributed their success to gaining certifications.
In fact, when the questions turned to training, a whopping 86 percent said they got the bulk of their training on the job, while another 75 percent cited certification programs.
Takeaway: While a degree can help you be hired straight into the field, it’s not a deal-breaker for a successful career. On-the-job training and certifications can play a huge role in helping you become a leader in the cybersecurity field.
The cybersecurity community is a strong one. We are lucky to be in a field where information and support are shared freely. SANS reported that having a strong mentor or champion was the most helpful element in securing a move up the career chain. Another 34 percent reported that having a strong mentor helps them stay current in their field. But because women are still underrepresented in the cybersecurity field, only seven percent said they had been mentored by a female. Many women have been mentored by men and are also mentoring men. In this field, mentorship seems to be gender-neutral. In fact, many of the respondents credited men for their growth in the field.
Takeaway: Actively seek out a mentor and cultivate those relationships, regardless of gender. And don’t forget to pay it forward!
While men still make up the lion’s share of our community, most women feel supported and that they have potential to grow. So how do you help impact this continued shift and grow your own career?
To learn more about this research, download the full SANS 2020 Women in Security Survey here.
[1] 2020 SANS Women in Security Survey
[2] https://hbr.org/2014/08/why-women-dont-apply-for-jobs-unless-theyre-100-qualified
[1] https://cybersecurityventures.com/women-in-cybersecurity/
[2] https://go.forrester.com/blogs/predictions-2019-cybersecurity/
[3] https://www.rsaconference.com/blogs/international-womens-day-a-time-to-reflect-back-and-peer-forward
Security strategies are evolving; driven by regulatory requirements, customer expectations around data privacy and AI-driven…
In our April 2024 quarterly release, LogRhythm Axon showcases new enhancements from its two week…
In our April 2024 quarterly release, LogRhythm SIEM introduces new enhancements to bring you faster…