A new study by Kaspersky Lab reveals that before the age of 16, most young women in the U.S., Europe and Israel have already decided against a career in cybersecurity. This trend is a major factor contributing to the industry’s continued struggle to attract female recruits, as it attempts to both narrow the gender gap in IT security and address the growing skills shortage. 

The Global Information Security Workforce Study, conducted by (ISC)² and its Centre for Cyber Safety and Education, found that women comprise only 11 percent of the current cybersecurity workforce. If the industry is going to start encouraging more women into its ranks, Kaspersky Lab claims that cybersecurity’s image among young people needs a revamp. The study found the terminology generally associated with cybersecurity roles – such as ‘hacker’ – is considered to have negative connotations and is unlikely to appeal to young women, two in three of whom say they want to pursue a career they are passionate about instead. 

Furthermore, a third of young women think that cybersecurity professionals are ‘geeks’ and a quarter think they are ‘nerds,’ perhaps also contributing to the fact that 78 percent of young female have never considered a career in cybersecurity. 

Working with industry experts, Kaspersky Lab’s study found that there is a perception problem around cybersecurity careers, and that this, combined with the fact that young women are making their career choices at such a young age, is making it difficult for the industry to encourage women into the sector.

“Based on our research, at the moment, young women do not perceive cybersecurity to be a viable or attractive career option for them, and they are therefore ruling out a career in the IT industry at a young age, making it hard to persuade them otherwise,” said Todd Helmbrecht, senior vice president of marketing, Kaspersky Lab North America. “Early education plays a critical role in overcoming entry barriers, but there’s also a need to change the industry’s image as a whole and promote the careers within. An important part of that process is making the roles more visible and enticing, and debunking the stereotype of IT security geeks sitting in a dark room hacking computers.” 

With 42 percent of all respondents agreeing it is important to have a gender role model in their careers and half of women preferring to work in an environment that has an equal male/female split, Kaspersky Lab is calling for more female role models from within the industry to step up to the task of promoting cybersecurity careers. 

“As shown in the Kaspersky Lab report, young women are often not aware, do not feel prepared and do not see relatable role models that motivate them to consider cybersecurity roles. In particular, many individuals have the mistaken belief that cybersecurity is strictly a technical job requiring strong coding skills,” said Stuart Madnick, professor of Information Technologies and founder of the MIT Interdisciplinary Consortium for Improving Critical Infrastructure Cybersecurity. “Although that is true for some jobs, cybersecurity threats often come from deficiencies in an organization’s culture and procedures – having ‘soft skills’ can be as, and sometimes even more, important as technical skills in making a difference in an organization.” 

“We have found that workers often seek a job that is meaningful, has an impact on something important, and is fun as well as engaging. Cybersecurity jobs fit these criteria. We just need to rethink and improve how we communicate this,” Madnick concluded.