Each year, Security magazine highlights the careers and impact of women within the physical and cybersecurity industry with our Women in Security program. These women represent the highest caliber of security leadership, dedication and skill within the industry. See this year’s honorees.
While combing through the multiple nominations for the awards and conducting interviews with the awardees, I’ve noticed that many women in the security profession face similar challenges as they attempt to break into or advance their careers in the industry. Recently, I had the opportunity to speak with Lynn Dohm, Executive Director of nonprofit organization Women in Cybersecurity (WiCyS), which has more than 9,800 members with representation in 99 countries.
“Our mission is to recruit, retain and advance women in cybersecurity,” Dohm says. “The impact of the WiCys organization is going strong, and it's important to note that we're not a woman's only organization. We're a community of women, men and non-binary individuals that are concerned about the critical workforce shortage that we're in.”
Recent studies have reported that about 4 million cybersecurity workers are needed to ensure assets are secured effectively.
During our conversation, Dohm discussed the 2023 State of Inclusion in Cybersecurity Report released earlier this year as well as themes of exclusion that women face in the cybersecurity industry. The report, completed in collaboration with DEI firm Aleria, collected data from just over 1,000 employees including approximately 35% men and 65% women, representing more than 20 different organizations.
“It's our corporate and social responsibility to create the inclusive spaces in order for us to solve the cybersecurity workforce challenges,” Dohm says. “We realized that inclusion isn't talked about as often as diversity, because inclusion is a feeling, and it's only felt when you're excluded. That's what led us on this journey of doing this State of Inclusion Report. In order for us to bring awareness to cybersecurity leaders about the state of inclusion, and really elevate the conversation of inclusivity and inclusive spaces, we also had to bring that awareness to cybersecurity leaders.”
Those participating in the survey shared experiences that caused them to feel excluded. The report revealed that women were excluded at a rate two times higher than men with top areas of exclusion including respect, career and growth, access and participation, and recognition. The report also highlighted that women were five times more likely to cite their direct managers and peers as sources of that exclusion.
“When you're getting passed up for promotion opportunities and you're seeing your peers get promoted, it gets a little discouraging,” Dohm says. “It tends to lead to like death by a thousand paper cuts, all those little reoccurring themes that women experience every step of the way, leads to them maybe potentially either leaving that position within an organization or switching careers altogether.”
Recounting a recent conversation with a CISO, Dohm says the most important thing organizations can do to improve inclusion in the workplace is just to “pay attention.” The CISO had mentioned he had 35% women on his cybersecurity team (while recent studies reveal women represent just 24% of the cybersecurity workforce), so Dohm asked about his approach and what he was doing differently.
“He just shared with me that he was paying attention, he said if something wasn't working within his organization, then it must be broken,” Dohm continues. “And he wanted to pay more attention to it to see what how he could mitigate some challenges and barriers across the way.”
This included going through and updating employment descriptions and requirements to be more inclusive and include gender-neutral language. They also made a conscious decision that they were going to train new employees on company tools and protocols.
“They were willing to invest into the industry and in the human capital of the individuals that they were hiring themselves, and it paid off,” Dohm says. “It really boils down to paying attention.”