This morning, Synack gathered a distinguished panel of women in cybersecurity to share their perspectives on the cybersecurity talent gap and offer lessons for supporting the next generation of women leaders.
Men still outnumber women by three to one in the cybersecurity industry, according to a recent (ISC)² report, despite evidence that a more diverse workforce drives better business and security outcomes. While executives at many organizations have acknowledged the problem, they’ve often struggled to find actionable solutions to address this talent gap.
At Fogo de Chão, steps away from the RSA Conference in San Francisco, Synack hosted Kiersten Todt, Chief of Staff at the U.S. Cybersecurity and Infrastructure Security Agency; Betsy Wille, Chief Information Security Officer, Abbott; Tiffany Gates, Senior Managing Director for the National Security Portfolio at Accenture Federal Services; and Edna Conway, VP, Security and Risk Officer, Azure Hardware Systems and Infrastructure at Microsoft, for an intimate conversation moderated by Jill Aitoro, SVP of Content Strategy at the CyberRisk Alliance.
Among the insights from the panel: It’s one thing to hire top talent, it’s another to make women feel like they belong at an organization. And security leaders will need to shake things up to meet aggressive goals like CISA’s plan to have women represent 50% of the agency’s work force by 2030, up from about 36% now.
“We have to be ambitious. We have to be disruptive, because the only way we’re going to get there is by undoing some of the things we’ve done today,” Todt said.
Other key takeaways from Synack’s Celebrating Women in Cyber Breakfast:
“We need to be bringing this terminology, this language, to kids in elementary school,” Todt said. “We have to surround them with this field so that they’re able to pull these factors in and grow up with it, so when they’re in high school, they can see the interest they have in these areas.”
Educational institutions will have to move fast to meet the talent needs of a rapidly evolving sector like cybersecurity.
“I do think there’s a huge opportunity to grow this field much more substantively than we have, because it actually encompasses everything that we do,” Todt said. “There is no greater field that should truly represent the planet.”
Gates of Accenture, who described herself as “terrible” with numbers, reached out to mentors in a range of fields while forging her own career path.
“Don’t flop toward someone who is just like you,” she said. “I want to be mentored by someone who was in the finance shop, just to better understand the kinds of obstacles and challenges they were dealing with.”
Conway, who said she’s currently a mentor to 14 people, pointed out that advocates like her “need to listen more than we speak, because each of our colleagues comes to the table with something different.”
Build a different kind of pipeline
Heavy turnover in the cybersecurity field has opened important conversations on alternative hiring pipelines, said Wille of Abbott. “We’re in better company than maybe we were a couple years ago in pushing the idea that the traditional means of education are not going to be the only places we can look. We’ve seen that improve,” she said.
Wille pointed out that a few months after starting work at Abbott, she was able to onboard someone who showed initiative but had no college degree on file because the company had enabled that level of hire. The employee has since been promoted, and Wille said she would “hire 10” just like her if she could.
Still, challenges persist in areas like security clearances, which can be integral to a federal cybersecurity career but trip up many candidates.
“When we talk about how hard it is to find women that we can bring in, now take 20% of that available pool,” Gates said. “That is what I have to work with, because the number of cleared resources in this community just decimates the number of women that I have available to choose from.”
Commit to learning
“Talent doesn’t come in one container, it doesn’t come with one linear trajectory,” Todt said. “We have to do a better job opening up the aperture.”
Poorly written or overly demanding job descriptions can turn away prospective candidates at the front door. Instilling the courage to apply in the first place is key, but that’s not the end of the story.
“It’s not just to have confidence, but quite frankly to step up and be willing to do the work to figure out what you need to learn and go learn it,” said Conway, who pointed out that she has a degree in medieval renaissance literature but built her career in tech by continuously asking questions. “The burden falls on each and every one of us… Reach out, pull up, help, kick in the derriere when needed and do it with care, do it with humility, and you’ll be amazed what happens. We are a powerful force together: Never forget that.”
For more information about how Synack is tackling the cybersecurity talent gap, check out our white paper “Solving the Cyber Talent Gap with Diverse Expertise.”