Last Updated: 12th September, 2019
Gender Gap Diversity: The contemporary cybersecurity team is about their individuals as much as it is about their technology. Teams need to be robust, flexible, intensely skilled, and perhaps most importantly diversified to remain ahead of increasingly advanced and complex threats. However, the latter component has traditionally been a challenge within the cybersecurity space – particularly when it comes to gender diversity. While change is coming – women are now reported to make up 24% of the security workforce – there is still much more work to be done.
As we can see when we look at other industries going through similar transitions, it is a change that’s worth making, for many reasons. Putting aside the moral case for greater diversity in the workforce, there is a significant business case here too. Numerous studies show that companies with greater gender gap diversity tend to outperform their peers.
An in-depth analysis of Fortune 1000 companies between 2002 and 2014 found that those with female CEOs saw returns 226% higher than their male-led counterparts. A separate study, this time carried out by Credit Suisse, found that “Stronger market revenues and superior gains continue to be achieved by companies with more women officers in roles of decision-making.”
This is a running theme, spanning multiple studies across multiple industries – with the Petersen Institute and McKinsey, among others, concluding that more women in leadership positions translates to better performance and higher profits.
Filling The ‘Gender Gap Diversity‘ Skill Gap
More women in decision-making positions within cybersecurity is clearly much needed, not to mention long overdue. When we talk of the need for a more diverse workforce, we need to look much further than gender.
For the cybersecurity industry to keep pace with the evolving threat landscape, it needs greater diversity of all types and at all levels – backgrounds, culture, ethnicity, age, experience, qualifications and beyond.
Not only is this the right thing to do from an ethical perspective – it is fast becoming a necessity. Cybersecurity faces a potentially catastrophic skill gap with an estimated 2.9 million unfilled positions globally.
Such is the gravity of the situation that 63% of organizations say they have a shortage of cybersecurity staff. This skill gap is only going to widen as the need for cybersecurity services increases. We are only ever going to fill that gap by widening our search.
This means looking to those from all backgrounds and cultures. Those without university degrees, those under the age of 21 or over the age of 60 – even those without the technical skills we might usually associate with cybersecurity positions.
The modern cybersecurity team needs a varied array of skills in its arsenal. The more technically minded must work alongside skilled communicators, collaborators, problem solvers, business leaders and project managers.
With such a pressing need for a broader range of expertise – and an ever-widening skill gap – what sense does it make to keep searching for talent in the same limited pool?
Doing so not only decreases the catchment area and potentially excludes a host of talented cybersecurity professionals, but it could also cause serious issues when it comes to defending against increasingly sophisticated cyber threats.
How Gender Diversity Can Help All Of Us?
Setting aside the fact that diverse teams tend to outperform more homogeneous ones, and the obvious logic behind searching for much-needed skills in a wider talent pool, there’s another, arguably even more important reason to continue the push for greater diversity in our industry. Without it, we run the very real risk of being left behind.
By continuing to look in the same place for cybersecurity professionals, we will inevitably continue to find the same things. The same types of people, from the same backgrounds, with the same skills, offering the same perspectives. While cybersecurity teams stay the same, we can be sure that the threats we face do not.
In other words, by following this traditional approach, we will continue to put the same set of eyes on a rapidly evolving set of problems.
Diversity challenges traditional assumptions and thought processes, bringing a fresh perspective to old problems as well as to new challenges. The more we include new and varied viewpoints, evolved from different life experiences and backgrounds, the better-informed our industry becomes: and the more equipped we are to respond to an increasingly diverse threat landscape.
Ultimately, the cyber threats we face are instigated by those from all walks of life. Deployed by those with varying skill levels, from different cultural, class and economic backgrounds. To ensure our industry can continue to stand up to these threats, we need to make sure the teams we put in place to fight them are just as diverse.