IT’S NO SECRET that IT continues to be a man’s world. The same is even more true for cybersecurity, where women make up just 24% of the industry, according to (ISC)², the association best known for the CISSP (Certified Information Systems Security Professional) certification. Increasing that number to 50%, the goal of (ISC)², will require greater access to education and training, mentorship, and a more inclusive workplace.
“Universally, what we found is that education and experience get in the way of people moving into the profession,” says Clar Rosso, CEO of Alexandria, Va.-based (ISC)². Job postings, for example, often list three to five years of experience for entry-level positions. This is a surefire way to deter anyone who has just graduated from school from applying.
While technical skills are important, she suggests that employers should also consider a candidate’s “soft” skills such as critical thinking, analytical abilities, communication, creativity, and collaboration. “We have to demystify cybersecurity careers from being these highly technical, backroom jobs to very dynamic jobs that are focused on problem-solving,” she says.
Be Willing to Upskill
Another tactic is to weigh what qualifications you need right away versus what skills you can train for later. For instance, (ISC)² is piloting its Entry-Level Cybersecurity Certification, designed to enable individuals to gain basic cybersecurity knowledge. With this certification, Rosso says, the organization aims to help job candidates land entry-level cybersecurity positions, in hopes that employers will then upskill them according to their requirements.
Angela Hogaboom, sales director at SugarShot, an IT services firm headquartered in Los Angeles, urges employers to upskill existing employees, particularly women, with an interest in pursuing cybersecurity careers and provide them a path for growth. “That will work out much better in the long run, rather than trying to go after the seasoned professional who may get a bigger offer someplace else, shortly after they come on board,” says Hogaboom, who is also president of the Colorado chapter of Women in CyberSecurity (WiCyS), a global organization focused on advancing women in cybersecurity, headquartered in Cookeville, Tenn.