• United States




Attracting female talent: How to tackle the cybersecurity gender gap head on

Oct 03, 20166 mins

Practical solutions to make cybersecurity careers more appealing to women

gender equality scale
Credit: Thinkstock

For generations, there has always been a gender gap in multiple fields, but this gender gap is growing wider in technology. For example, Melinda Gates noted during this year’s Code Conference, “When I graduated 34% of undergraduates in computer science were women… we’re now down to 17%.”

If this problem sets off alarm bells for the technology industry as a whole, it should be a code-red alert for the cyber security industry where there are currently 1 million jobs unfilled. This problem is expected to get a lot worse before it starts to get any better; in 2019 there is predicted to be 1.5 million cyber security jobs unfilled. If we don’t tackle the cybersecurity gender gap then attracting and retaining cyber security talent is going to go from bad to worse and then stay there for a long, long time.

Brad Grossman at The Wall Street Journal ran a great article on the barriers that limit job opportunities for professional women in technology titled What the Gender Gap in Technology Gap Could Cost Us and I’d like to focus in on one specific point he made:

“Most firms fail to identify the ‘job acceptance criteria’ that professional women need to be met before they will accept an offer. If you don’t meet each of professional women’s needs in an offer, they will simply stay where they are. This becomes a problem because the standard offer is undoubtedly sculpted to the needs of average professional men. Not personalizing the offers will result in a higher percentage of rejections of the offers made to women.”

How do we attract female talent to the technology industry, and cyber security specifically? The answer lies with one word: Flexibility. The reality is that most companies fail to customize job offers to fit the unique concerns of women.

Companies that provide paid maternity leave and offer the option to take an extended period of time off to all their employees often find greater success attracting female talent. In fact, according to the 2012 DOL survey, companies that provide paid maternity leave have a positive impact on the lives of workers.

Long hours are definitely a contributing factor to why men dominate the workforce. Many experts assert that work-life balance is more important to women than it is to men. In fact, a 15-year study in the U.S revealed after having children, men often work longer hours, whereas women tend to switch to a job with more flexibility and shorter days.

[ ALSO: Top 10 ways to retain IT security talent ]

Flexible work schedules during the school year is helpful as well, especially when both parents work, and are even more crucial if one or both parents travel for work. Today, most companies have an IT system setup so that if workers’ children are sick, they have the option to work from home, and this type of arrangement goes a long way in maintaining a healthy work-life balance. Often times, implementing a telecommuting policy not only retains top talent, but also effectively attracts new talent.

Here are some other tried-and-true strategies to attract and retain female talent in the technology industry that can make a difference for cybersecurity:

  1. Post open positions on women-focused career boards to boost female applicants.

    Posting open positions to female and technology specific job boards will put your company in front of qualified female talent.

    BONUS TIP: Highlight flexibility and other work life balance areas to showcase how your company stands out from the competition.

  2. Provide a family first approach your company.

    It is often difficult for working mothers (and fathers) to advance their careers while remaining present at home. According to a 2015 Pew Research Survey, three-in-10 parents and four-in-10 mothers, full and part-time, said that being a working parent has made career advancement harder. By offering flexible schedules, daycare options, etc., you will attract and retain talent, male or female.

  3. Provide equal pay.

    According to a 2015 report from the U.S. Census Bureau, on average, women make $0.80 for every dollar their male counterpart earns. Make sure you are paying men and women equally for the same jobs. If salaries are driven by merit, determine raises fairly. To avoid discrimination issues, organizations need to ensure that their market data is current and that they are paying employees appropriately.

  4. If you have leadership programs, develop programs specifically for women.

    Companies with leadership programs geared toward women encourage growth and career development and nurture female talent. It is important that these programs teach women leadership skills, while also instilling the value and importance of leading by example and motivating employees to excel.

  5. Establish a mentorship program.

    To foster growth and development, it is crucial to create a mentorship program where current female leaders mentor junior staff. As I mentioned in a previous post there is no single solution to stimulate growth, but as female leaders, it is our responsibility to build others up, rather than tearing each other down.

  6. Diversify your work environment.

    Welcome diverse interns into your organization and cultivate talent. Interns are hungry for skill development and are often eager to take on new opportunities. By educating our youth, we can stimulate interest in the technology field and prepare the next generation to fill the one million open positions in cybersecurity.

If there is one thing I’ve learned over the years it’s that your employees and peers will forget exactly what you said or what you did, but they will never forget how you made them feel while working with or for you. Collectively, we need to shift how women feel about their ability to be successful in a cyber security career and we need to treat their unique concerns with the respect they deserve.

[ RELATED: 10 tips to attract women to infosec jobs ]

This is definitely a complex problem with multiple dimensions and I realize that solving it isn’t easy. Over the last 30 years, I also know that I have solved a lot of complex problems. Sometimes the solution worked really well right from the start and sometimes the solution I tried initially worked poorly. Therefore, it is without a doubt a necessity, that technology decision makers as a whole need to accept that we won’t always make the right decisions on gender issues. In fact, let’s acknowledge that we will totally mess stuff up! We also need to continue to try to deliver better solutions because failure is part of success.

And when it comes to the gender gap in cyber security getting it wrong permanently is bad for everyone.




As CIO and chief information security officer at Venafi, Tammy Moskites helps CIOs and CISOs fortify their strategies to defend against increasingly complex and damaging cyberattacks on the trust established by cryptographic keys and digital certificates. Tammy draws on her professional experience, leadership capabilities and domain expertise as a CISO at Global 250 companies to help fellow CISOs defend their organizations. There is often a gap that cybersecurity teams miss in securing keys and certificates that leaves the door open for cybercriminals. Tammy’s leadership and experience will help other CISOs close those doors.

Prior to joining Venafi, Tammy served as CISO at Time Warner Cable, where one of her many responsibilities was to re-engineer and centralize the information security and IT compliance organizations to support global operations. Tammy also held the CISO position at The Home Depot, where she provided strategic executive and collaborative business direction for several teams, including identity and access management, IT compliance and regulatory, e-discovery and forensics, encryption and more. Tammy's other relevant security experience includes stints at Huntington National Bank, Complete Information Technologies LLC, BankOne, Nationwide and Aetna.

Tammy is also a leader in several important IT security organizations, including ISSA, ISACA, InfraGard and the Information Risk Security Board. In 2013, she was recognized as one of the Top Women in Technology by CableFax magazine and as one of the 25 finalists for the Evanta Top 10 Breakaway Leader Awards. In 2010, she was the winner of the Information Security Executive North America People’s Choice award. Tammy is a member of the advisory boards of Box and Qualys, and she provides strategic guidance to other industry-leading security vendors.

The opinions expressed in this blog are those of Tammy Moskites and do not necessarily represent those of IDG Communications Inc., or its parent, subsidiary or affiliated companies.