We look forward to presenting Transform 2022 in person again on July 19th and virtually from July 20th to 28th. Join us for insightful conversations and exciting networking opportunities. Register today!
The story of the young cybersecurity tycoon who spent his youth dismantling computers has been told so many times it’s almost a cliché. He started programming in the family garage. He graduated at the top of his class in computer science. He started his own startup (also from the garage), and the rest is history.
Luckily, it’s not the only way to launch a successful cybersecurity career. Unfortunately, the tenacity of this narrative tends to alienate those who feel it doesn’t fit the “traditional” mold. All too often this is true of women – and while some women achieve titles such as CTO, CIO, or CISO, the cybersecurity industry remains heavily male-dominated. The cybersecurity field still struggles to attract women, in large part because they find it difficult to picture themselves in it.
Women who thrive in cybersecurity shouldn’t be outliers—especially today, at a time when the field is experiencing explosive growth and talent is in high demand. Today’s cybersecurity companies also often cite diversity as a priority, with the stated goal of bringing new perspectives to the table. To do that, it’s time to dispel the myths that support cybersecurity’s intimidating reputation and break down the false barriers to entry that keep women from doing it.
Myth #1: You must have a computer science degree to work in cybersecurity
Despite what many people may believe, cybersecurity is something you can potentially achieve just fall in. Many cybersecurity professionals have bachelor’s degrees in fields ranging from English to sociology. Some may start out as sales representatives or pharmacy technicians. It’s true that success in cybersecurity requires a great deal of passion for the field, but that doesn’t necessarily mean spending your formative years preparing for and following a conventional path.
A computer science degree can be helpful, but is far from required. That’s not to say degrees and certifications aren’t important—but skills can be taught. Ultimately, what defines a good security professional is how they approach problem solving. For example, a degree in math or philosophy can provide a foundation of practiced logic and problem solving that translates incredibly well to cybersecurity.
Dedicated self-directed learning can also help fill knowledge gaps that impede a cybersecurity career. One thing that successful leaders tend to have in common is a willingness to constantly learn. If you are interested in topics such as programming languages, malware analysis, ethical hacking or other relevant topics, there are ways to acquire this knowledge outside of a traditional course of study. Take the initiative – Self-training and certification can set candidates apart as motivated high performers. A growing number of job applicants are coming with self-taught skills, a history of IT volunteer work, and boot camp certifications. Knowledge doesn’t just come from a university.
Myth #2: Cybersecurity is a male-only field
Despite having the qualifications, skills and dedication to succeed in cybersecurity, women can be held back by the idea that this is a male field. And while the field continues to be dominated by men, it’s far from exclusive to them. Women currently make up nearly 20% of the cybersecurity workforce. That may sound small, but in 2013 women made up just 11% of the cybersecurity workforce, so the trend is quickly moving in the right direction. If ever there was a time to take to the field, it’s now.
This is underscored by the fact that women are now more likely than men to graduate from college, marking a significant turning point in gender parity and a key indicator of the future of the workforce. But even with higher education, many women still face impostor syndrome — especially in a male-dominated field like cybersecurity. They often feel inadequate, even with a proven track record. Tech leaders are traditionally touted as male figures, and it’s easy to see why women often struggle internally with measuring themselves. Finding the right fit — and the right company culture — can make a world of difference.
Companies with a strong, values-based culture that value professional development, support, and constructive feedback are critical to success. It’s also important that women help each other and serve as mentors and cheerleaders as they advance into the field. There are allies everywhere in this industry, and they’re here to stay – after all, two-thirds of women in cybersecurity say they plan to stay there for the rest of their careers.
Myth #3: Cybersecurity requires me to code or hack
It is true that there are cybersecurity roles that require programming or hacking skills. But they are vastly outnumbered by positions that don’t. Unfortunately, many cybersecurity job postings contain requirements that seem designed for some mythical unicorn that can code, hack, and understand any job in the industry. This can be especially intimidating for women who, according to studies, tend to underestimate their own qualifications.
Companies need to be more flexible with their job descriptions, otherwise many women will not even apply. On the other hand, potential applicants should understand that while cybersecurity job openings may give the impression that only a select few individuals are qualified to apply , but this is not the case. The technology industry faces an acute talent gap and this is the most flexible time ever for candidates looking to break into this space.
Today, there are almost 600,000 cybersecurity vacancies in the US alone. Jobs are open at all levels and many companies invest in training programs to bring their employees up to speed. This is an era marked by investment in employee skills, particularly in the technical field. Gone are the days of traditional educational backgrounds; Cybersecurity recruiters look for candidates that closely match the technical skills for the job and most importantly, the right attitude.
In the world of cybersecurity, every experience is a good experience. An entry-level cyberthreat analyst job might focus primarily on reporting, but can be used for more hands-on technical support work. The industry needs talent and there will always be opportunities to expand your role and take on new responsibilities if you so desire. When these opportunities arise, you simply have to be the one to raise your hand. Sometimes all it takes is the drive to volunteer.
step into the field
The field of cybersecurity is changing rapidly. With the right dedication, skills, and support systems, today’s women thrive in every aspect of the industry. Old barriers to entry such as requiring certain degrees, the notion that it is “male-dominated,” or recruiters with unrealistic expectations should no longer keep women up at night.
Women are behind some of the most significant cybersecurity operations and innovations today. They are said to be behind even greater advances in the industry over the next five, 10 and 20 years. From entry level to C-suite, they are already doing work. There is a significant chance for more women to play a role in that future.
For anyone who isn’t sure whether to make an effort in cybersecurity, it’s time to raise your hands. If you wanted to raise your hand yesterday but didn’t, raise your hand today. Whether you’re looking to volunteer for a project, change roles, or apply for a job, the best way to start your cybersecurity career is to jump head first. Who’s in?
Heather Gantt-Evans is SailPoint’s CISO.
data decision maker
Welcome to the VentureBeat community!
DataDecisionMakers is the place where experts, including technical staff, working with data can share data-related insights and innovations.
If you want to read about innovative ideas and up-to-date information, best practices and the future of data and data technology, visit us at DataDecisionMakers.
You might even consider contributing an article of your own!
Read more from DataDecisionMakers