Women break through cybersecurity’s glass firewall

Deb Gilbert

It will come as no surprise that women face a gender gap when it comes to high-paying IT and cybersecurity jobs.

But women are aiming high to surmount barriers in tech fields, and their achievements are setting examples for girls and young women who might not otherwise consider an IT or cybersecurity career.

Women make up 57 percent of adults employed in professional occupations in the United States but hold only 26 percent of tech jobs, according to The National Center for Women & Information Technology’s 2020 Scorecard: The Status of Women in Computing. The center is a nonprofit organization that aims to increase meaningful participation of women and girls in computing; the scorecard can be viewed at ncwit.org.

More girls are taking computer science in high school, but access remains unequal, the scorecard states. More women are earning post-secondary degrees in computing — the numbers have been increasing since 2010 — but at all levels, a persistent gender gap remains. There are fewer women faculty in computing as well.

In the cybersecurity field, men outnumber women 3 to 1, but more women are joining the field, according to the 2018 Cybersecurity Workforce Study from (ISC)², a cybersecurity professional organization.

Globally, the study found that women comprise about 24 percent of the cybersecurity workforce. That figure includes IT professionals who spend at least 25 percent of their time working on cybersecurity responsibilities.

Not surprisingly, there is also a pay gap in the cybersecurity field. Women in cybersecurity management positions earn on average about $5,000 less than men annually.

Part of the difference might be explained by the fact that women cybersecurity professionals are younger than their male counterparts. But women are aiming to close the gap by earning more degrees and certifications than men do.

“Our research shows encouraging signs that women are succeeding in forging a path to career success by seeking higher education and qualifying for leadership roles despite traditional obstacles like discrepancy in pay,” the study concludes. “As women succeed in the profession, they serve as role models for other women wanting to join the cybersecurity workforce.” View the full report at isc2.org.

The Business Journal asked three local women who are leading IT professionals to talk about what needs to be done to close the gaps and encourage more women to enter these fields.

HIGH DEMAND

“Cyber is booming here in Colorado Springs, and it’s a job that can often be done virtually,” said Sara Kinney, founder and CEO of Rim Technologies, a provider of tech solutions to government and business clients. “With so many struggling with job loss during the pandemic, now might be a perfect time to reassess career goals and think about cyber as an option.”

Cybersecurity Ventures, which researches and reports on the cybersecurity market and cybercrime, predicted that there will be 3.5 million cybersecurity job openings globally by 2021, and Kinney said she doesn’t see any decrease in the demand for information security professionals on the horizon. Small businesses may be especially at risk and thus especially in need of cyber professionals.

“With so many businesses focusing on online sales during the pandemic, the IT crunch is real,” Kinney said. “With all those transactions happening online, with such a rush to get virtual marketplaces established, there is bound to be vulnerabilities. Businesses need to seriously think about investing resources to protect their virtual stores and critical business information, just like they invest to protect their physical locations.”

The growing number of cybersecurity jobs is beckoning to women, who might be even more interested if they knew how many types of cyber jobs are available, she said. Many women professionals have problem-solving and analytical skills that could translate to the cyber domain.

“They just don’t realize they can make the jump to cyber using their existing skills and make more money supporting a cyber project,” Kinney said.

While educators are doing more these days to try and steer girls into STEM courses that are the foundation for cyber jobs, “we see women trailing in those fields also, which leads to even lower participation in cyber careers,” she said. “The reality is we need more people without any real technical background to take action towards a future in tech to help bridge the massive labor market gap in cyber. We need more people to get cyber curious.”

There are many local pathways for cyber-curious women to take, Kinney said.

Several courses at Pikes Peak Community College can serve as on-ramps to a cyber career.

For high school graduates and working professionals, UCCS offers courses certified by the National Security Agency Information Assurance Courseware Evaluation program that employers readily accept.

Formal certification programs from LeaderQuest, CompTiA and SecureSet are available online.

“There are even free video courses and programs on YouTube such as Professor Messor and resources like CodeAcademy and Kahn Academy online for those looking to learn software and mathematics skills and not yet ready to commit to a formal IT certification test,” Kinney said.

A CULTURAL SHIFT

Miriam Piper, IT manager at the Cheyenne Mountain Zoo, didn’t start out in IT, although she’s always been good at technology, science and problem solving.

“I was actually in the hospitality field,” she said. While Piper was working at the Colorado Springs Convention & Visitors Bureau (now Visit COS), “I started taking on the IT troubleshooting and worked my way up from there.”

Piper found a mentor in the IT field at a third-party contractor, who offered her a chance to work there as a second job. She joined the Cheyenne Mountain Zoo as IT manager in 2012.

Piper, a Mitchell High School graduate, said a technology career wasn’t something that was presented to her as an option when she was growing up. 

She said she’s seeing an increase in girls’ interest in tech fields and in STEM education but thinks more encouragement is needed.

And even when women get into STEM fields, “women are 45 percent more likely to quit within a year than their male counterparts … because of the adversity they face,” she said, quoting a Harvard Business Review statistic. “So I think we’re talking about a broader cultural shift in general, and that’s going to start with the leaders of all organizations.”

Piper said it’s crucial for IT teams to educate users of their systems as much as possible on cyber threats and what they can do to protect themselves before an incident happens.

“I believe the IT team should really be able to communicate, work with the employees, and answer questions and educate staff,” she said. “What I have not seen in a lot of other organizations is a lot of interaction between the tech team and the employees.”

Although the zoo’s employees mostly work at hands-on or physical jobs, a few employees are working remotely.

Education on cyber risks and prevention is just as important for work-at-home employees, she said; “they’re still remoting into your network, so anything they’re doing on their machines still poses a risk to your organization.”

SECURING PATIENT DATA

Peak Vista Community Health Centers faces particular challenges in protecting data such as the health records of patients.

Since the pandemic gripped the nation, “working from home, telehealth and the constant changes is what’s keeping us on our toes for cyber,” said Deb Gilbert, vice president of information technology.

“We don’t want employees using their personal devices, for security reasons,” she said. “We have to find hardware that we feel comfortable adding to the network, but because of the pandemic, a lot of manufacturers are shutting down and it is taking two weeks to get anything on shore.”

Peak Vista can’t control the devices patients have, so they outsourced a secure, web-based platform for use during telehealth consultations.

“That definitely takes the weight off us from having to worry about the equipment, and it is secure on both ends,” Gilbert said.

Gilbert has worked in IT for more than 20 years and has become increasingly concerned with cybersecurity in her job.

“Cyber is where everything’s going, and so you definitely have to stay up with it,” she said.

She agreed with Piper that user education is key for every business.

“Half your battle for cyber is just teaching them what they can do and what they shouldn’t do,” Gilbert said.

The biggest mistake businesses make is considering security a one-off effort.

“There’s no way that you can just relax and say, ‘OK, we’re secure.’ It’s always a work in progress,” she said. “And everybody should be following best practices. Some people don’t; we do.”

Gilbert thinks women bring a unique perspective to the industry.

“I definitely have a different mind frame from most of my male co-workers,” she said. “We’re definitely more people-oriented, but a lot of times, you just see the problem differently.”

That diversity of thinking is what women can bring to IT teams, she said. To increase women’s participation, she thinks educators need to stimulate girls’ interest in science in middle school.

“We need to show them what the field can be and what they can do, and the impact that they can have,” she said. “I think that if we close the gap and have that diversity in the field, it will really help the industry.” 

Reporter

Jeanne Davant is a graduate of the University of North Carolina. She worked for daily newspapers in D.C., North Carolina and Colorado, and has taught journalism and creative writing. She joined the Business Journal in 2017.