The twentieth century saw huge progress in gender equality as increasing numbers of women embarked upon professional career paths. Certainly, in some sectors such as education, medicine and law, women are increasingly prominent in the general workforce and leadership roles, but other industries appear to be a long way off from achieving full equity. Unfortunately, cybersecurity is one such industry with much progress to be made in terms of diversity and gender parity. While cybersecurity is one of the most fast-paced, rapidly evolving modern industries, this evolution does not appear to apply to the number of women involved in the field.
As institutions of higher education reel from recent cyberattacks in the United Kingdom, IT departments work tirelessly to secure sensitive student data. Student records offer a wealth of personally identifiable information (PII) from birth dates and social security numbers to bank account numbers and home addresses. In parallel, a study released by EDUCAUSE in July 2020 notes that the CIO’s Commitment on Diversity, Equity, and Inclusion (DEI) reports that 83.1% of respondents strongly agree that “diverse, equitable, and inclusive workplace environments foster more effective and creative teams of technology professionals.” Although at first glance, these two issues appear unrelated, bringing diverse voices to the cybersecurity table may provide a way through, rather than around, the current security struggles facing remote learning models in higher education.
ASIS International and the Security Industry Association (SIA), announced a free virtual event, titled “Global DE&I Strategy: Policy and Practices that Produce Positive Business Outcomes," to help security leaders around the world develop and implement diversity, equity and inclusion (DE&I) strategies.
As CSO of Auth0, Joan Pepin is responsible for the holistic security and compliance of the company's platform, products, and corporate environment. Here, we talk to Pepin, who has focused her time on mentoring and advocating for women in cybersecurity and technology, working to reconstruct the notion that women should only work within their bounds, and encouraging women to reach higher and challenge the status quo. She actively supports, advises, and works alongside women in the cybersecurity industry including participating in organizations, like Women Who Code and Women in InfoSec.
YEG Disaster Dash aims to raise money to support Black and Indigenous students in their first year of Northern Alberta Institute of Technology's disaster and emergency management program. The 5K is scheduled to be a virtual event on October 15, 2020.
The National Cyber Security Centre (NCSC) and KPMG UK have jointly published the first annual Decrypting Diversity: Diversity and Inclusion in Cyber Security report, which aims to set a benchmark for improving the experiences and opportunities for existing and future staff working in the industry.
Women face unique entry barriers in the security industry, discouraging many from pursuing careers in the industry in the first place. This trickledown effect, combined with a lack of recruiting and mentorship opportunities, means the security workforce is drastically lacking in gender diversity. When companies prioritize female leadership development and break the stigma, they create diversity of thought in the process, driving their own success.
Today’s center of gravity in cybersecurity is shifting, pulling the skills and experience of cyber defenders in new directions. In most companies, this situation has led to a convergence of responsibilities between physical security, information security and cybersecurity teams, and an increased commitment to “staffing-up” of dedicated “cyber defenders.”