How Tech Executives Can Support Gender Diverse Cyber Talent

I believe that the best leaders are change makers and problem solvers. They’re innovative in their thinking and approach. I’m lucky enough to get to work with some of these folks. Having spent decades of my life in tech as an engineer, I’ve seen lots of positive change for women.

Through Cloud Girls, a non-profit organization that I helped to co-found 12 years ago, I’ve had the benefit of meeting women who are leading the way in cybersecurity by blazing a trail for other women in the space like Tina Gravel, former EVP of Channel for Appgate, a VPN replacement tool. Tina hired a team of channel sellers with little to no security experience and trained them, believing that all of their other expertise would provide a bridge to selling security. She took a chance and was correct. Or Shinesa Cambric, IAM product lead at Microsoft. Shinesa is a Cybersecurity practitioner and an African American female who leads by example for young women of color in the cybersecurity space.

Being around these women has allowed me to see some of the possibilities for bringing women into the security space. I’m continually impressed by these female leaders and women like them, and the lens through which they look at problems and the tools and creativity they use to solve those problems. 

A long-standing problem for tech leaders has been attracting female talent. The cybersecurity team is no exception. 

Cybersecurity Ventures reports that the number of unfilled jobs leveled off in 2022, and remains at 3.5 million in 2023, with more than 750,000 of those positions in the U.S. This number had been climbing. Industry efforts to source new talent and tackle burnout continues, but Cybersecurity Ventures predicts that the disparity between demand and supply will remain through at least 2025.

Here's this stat about women in cybersecurity — it seems like slow pacing, but forward-thinking leaders who want to move the needle sooner should consider this advice to diversify their cybersecurity talent even faster. According to CyberCrime Magazine, women held 25 percent of cybersecurity jobs globally in 2022, up from 20 percent in 2019 and around 10 percent in 2013. Cybersecurity Ventures predicts that women will represent 35 percent of the global cybersecurity workforce by 2031. These statistics represent a 15% growth in 10 years. The net of these statistics is that women’s place in the cybersecurity workforce is growing. 

Given these numbers, there’s a strong chance that today 75% of your organization’s cybersecurity team is male. The dovetail effect of open cyber positions and a limited number of female cybersecurity team members represents an opportunity for leaders to do more than just fill empty chairs. 

It represents an opportunity to improve business performance. Diversity pays dividends. According to a study from Boston Consulting Group, the more diverse a leadership team is, the higher innovation and financial performance. So how are savvy tech execs approaching the problem and changing the stats? They do three things really well. 

Create a Security-First Culture

A security-first culture treats cybersecurity not as a tech problem but as a business imperative. When executives see and treat security as an essential element of day-to-day business, employees see firsthand that security is an integral part of the business. This translates as part of the brand and culture and attracts candidates to the organization. Given the shortage of cyber talent, candidates have options when it comes to finding a new role. One of the important things I hear from women changing roles in cyber is that they want to land in an organization that values cyber. This usually translates to budget for the tools they need to do their jobs and something less tangible but maybe more important — executives at these organizations usually understand and value the vital role of cybersecurity to their organization and provide respect to the teams that keep the organization healthy. 

Encourage Cross-Skilling

There is a perception that cybersecurity is just focused on a person’s technical skills but in fact, the role requires creativity, problem-solving, and good communication skills. Cross-skilling is a trend that many organizations are jumping on. There are opportunities to bring highly skilled people from different IT teams into the security team. A 2020 World Economic Forum report found that women make up (26%) of data and AI positions in the workforce. AI is becoming a key component of cybersecurity tooling. Women with skills in AI and data can bring different skills to the table that cyber teams will find valuable. Titles that didn’t exist five years ago are mainstream today — network security or DevSecOps engineers, for example, require a team member who has knowledge and skill in two disciplines. The takeaway here is that there could be members of other IT teams who have an interest in security and could bring value to the team. Leadership needs to make it known that there is organizational room for growth and that the growth might be a horizontal move into security. 

Encouraging cross-skilling deepens relationships between groups and creates an environment that encourages innovation. Creating new positions empowers internal female candidates to grow their skill sets and perhaps attract external female talent as well. 

Enable a Formalized Approach To Mentoring

As a leader, providing a formal mentorship program only strengthens your talent pool. 

Even an informal approach matters. Informal mentoring happens in many ways.  One of my favorite quotes is “Be the change you want to see in the world.” This quote was one of the reasons I started Cloud Girls 12 years ago. I wanted to create a space where women in tech could form a community that brought together women at all levels of their careers. My hope was that those of us who had been in tech for a bit could shine a light on possibilities, chat about our journeys and talk through challenges that those women with less tenure in tech were having. One of the fortunate outcomes has been the informal mentoring between more seasoned vets in the field and rising stars in the tech space. My point is that everyone wants to be heard and everyone wants to be able to ask for occasional career advice. That  venue doesn’t have to be formal or even virtual (we meet via Teams 10-12 times a year with only one “in-person” event).  So I ask you as leaders, what could you build today that might look like this?

In the end, though, equity work is everyone’s responsibility. By empowering and retaining their female workers, executives can ensure a brighter, more balanced future for tech.

Jo Peterson is the Vice President of Cloud and Security Services for Clarify360. An engineer by trade, Jo has been helping clients architect cloud solutions since 2009. She is followed by an audience of over 65,000 on Twitter and has over 12,000 followers on LinkedIn for her practical insights cloud and security. Jo holds multiple AWS, Azure and Google certifications as well as CCNA and CCNP. She is currently in process on her CCSP and CISSP. She has a Master’s Degree in Information Technology as well as an MBA, is an Air Force vet and the founding Co-Chair of cloudgirls.org.