Women codingCarolyn Crandall, Chief Deception Officer at Attivo Networks

At first glance, cybersecurity can seem like a lonely profession for women, with female practitioners almost always greatly outnumbered by their male colleagues.

Research from IBM found that women make up just 11 percent of the security industry; even fewer (as little as one percent) are in a leadership role. Yet, cybersecurity is also an exciting, fast-paced career that can be hugely rewarding for anyone with a passion for technology, regardless of gender.

One myth I can dispel right away is that to get into cybersecurity you first have to be some sort of coding expert. This is not always the case. In cybersecurity, there are many different and important roles to occupy, which rely on a wide range of skills. From product management, risk management, testing, problem solving, sales & marketing to budgeting and more. This industry thrives on its diversity of experience, education, and background.

Learning and experience

A good way to get started is by taking a course, applying for an internship, or an entry-level position to obtain foundational qualifications and certifications. Not only does this allow you to develop your knowledge-base and skill set, it also shows your willingness to learn new things. Even with baseline experience, it’s still important to always continue to learn and stay current on new technology and ways to address modern challenges. I recommend seeking out managers who present opportunities for long-term career progression and understand the importance of providing continuous learning for their employees. For example, with my recent college graduate hires, I have created a learning environment that encourages them to ask questions and try out new things. I also urge them to sign up for training classes and engage with the many training resources that are made available online.

Something else that helps within this space is to stay on top of the latest trends, technologies, and news. Educate yourself about what is going on in the cybersecurity community, so as you continue to develop in your career and in your day-to-day skills on the job, you also maintain a high level understanding of the market and allow it to inform your professional decision-making .Personally, I strive to read any significant security stories in the news. An awareness of what’s going on is essential if you want to stay relevant and ahead of the competition.

Another piece of advice is to try new and different workplaces to experience what it’s like to work for both large and small organizations. A larger company will have well-defined roles that you can learn within and the budget and infrastructure to expose you to a wide range of interesting projects and life lessons. Working for a small business, by contrast, will have less definition to how a role needs to be done, teaches you to take on more responsibility and to make tighter budgets stretch as far as they can go.

Getting the job

In my experience, women are every bit as suited to cybersecurity as men. However, over the years, I’ve also noticed a distinct difference in their approach, especially when it comes to landing a job or career advancement. Men tend to be good at exuding confidence about a role even if they are not entirely qualified. By comparison, women can tend to be more conservative and prefer to successfully master every detail before committing to take on a new responsibility. I would strongly encourage women not to let the lack of a “checked box” hold you back. Hardly is there ever a perfect candidate that can do it all. It’s much more important to present yourself as someone who is very capable and is willing to learn what they don’t know. I will often bet on the “athlete” with a hunger for success over someone who has simply done the job before.

In this industry, you may find yourself going head to head against exceptional individuals with exhaustive security experience or military backgrounds. And, admittedly, it can be very intimidating to compete with or to participate in projects with these seasoned professionals. I encourage you to take a deep breath and believe in your abilities. If you know your stuff, walk the walk, talk the talk, and do it with the swagger that you have earned. Although you may encounter some jerks, you will find most people to be welcoming to women in the field and will appreciate what you bring to the table, both today, as you learn more, and as you grow stronger in your capabilities.

Regardless of where you are in your career, take the time to build a reputation for yourself, internally and externally, as an expert and a recognized authority in your field. This means demonstrating knowledge and experience to your colleagues and sharing insights with industry peers. Blogging, contributing to articles, and commenting on posts can all be excellent ways for establishing a name for yourself. Speaking at conferences can also be a great way to share your insights and for networking purposes.

Encouraging more women into tech

Women entering into cybersecurity with their fresh perspectives have so many things they can offer the industry. A different point of view or approach can be extremely beneficial when it comes to driving innovation, reducing risk, and delivering on a new product or service.

Both men and women need to make sure that women joining cybersecurity don’t end up feeling isolated, unsupported, or alone. We collectively need to create strong support networks and help each other out more. This can be as simple as socializing so that you get to know your female colleagues, mentoring other women, or even joining online groups of like-minded people to learn how they cope with similar circumstances to your own.

The tech industry has a lot to offer women, and women have a lot to offer the tech industry.  By being welcoming and supportive, we can attract incredible talent and be a better workforce to show for it. That’s why I would not hesitate to encourage any women thinking about a career in cybersecurity to go for it.

Carolyn Crandall About the author

Carolyn is a technology executive with over 25 years of experience in building emerging technology markets in security, networking, and storage industries. She has a demonstrated track record of successfully taking companies from pre-IPO through to multi-billion-dollar sales and has held leadership positions at Cisco, Juniper Networks, Nimble Storage, Riverbed, and Seagate. Carolyn is recognized as a global thought leader on technology trends and for building strategies that connect technology with customers to solve difficult information technology challenges. Her current focus is on breach risk mitigation by teaching organizations how to shift from a prevention-based security infrastructure to one of an active security defense based on the adoption of deception-based cyberwarfare.