The International Information System Security Certification Consortium reported the U.S. alone lacks 359,000 qualified cybersecurity specialists, while the global shortage is estimated to be at 3.1 million.
The numbers are particularly alarming in the context of the current cyberthreat landscape. IBM’s Cost of a Data Breach report claims the cost of a breach is at an all-time high – on average, it costs companies $4.24 million to mitigate the damages if successfully breached.
At the same time, the number of internet crime complaints soared last year, as the FBI reports they received nearly 800,000 such complaints in 2020, a 70% increase from the year before.
“We are sitting on a powder keg,” said Juta Gurinaviciute, Chief Technology Officer at cybersecurity provider NordLayer. “Not only are the cyberthreats becoming increasingly sophisticated and devastating – there aren’t enough skilled professionals to counter them. Clearly, we need systematic changes within the industry to bridge the gap before we can get on the offensive against cybercrime.”
According to Ms. Gurinaviciute, who spent more than 20 years in various cybersecurity and systems engineering roles, cybersecurity is a male-dominated field. Still, it must transform itself and become more inclusive towards women to bridge the glaring workforce gap that currently exists.
Increasing representation of women in cybersecurity
There are several solutions that could mitigate the current situation and make the cybersecurity work environment more welcoming to women.
“As with most problems in business and society, it all starts with education,” added the NordLayer CTO. “More girls should be encouraged to pursue STEM education programs, both in school and in higher education. In the case of cybersecurity, companies need to up their collaboration with educational institutions of every level, in every country.”
Then, Gurinaviciute said, there are the promotion and pay gaps that are still highly prevalent within the technology sector.
“In most conferences and high-level meetings I attend, the overwhelming majority of participants are men,” continued Gurinaviciute. “Having spent more than twenty years in the field, I know for a fact that women are neither less skilled nor less talented engineers, but the promotion gap makes it seem so. Cybersecurity companies should rethink their policies, become aware of their biases, and give women equal pay and career opportunities.”
Even if the above-mentioned changes are applied industry-wide, there is still a long way to go, the cybersecurity expert acknowledged. Stereotypes regarding tech jobs are ingrained in our societies, and while more women are taking up IT engineering jobs in recent years, it will take a more active approach to defeat the existing stigmas.
“I hope we won’t have to talk about this issue in ten or twenty years,” Gurinaviciute concluded. “There are various non-profit organizations now that work on changing the societal perspectives on tech jobs, promote a gender-neutral approach to cybersecurity, and create much-needed mentorship programs for women. Both the cybersecurity industry and governments globally have to start prioritizing this issue because we can’t afford to not do so anymore.”