International Women’s Day: The Power of Diversity to Build Stronger Cybersecurity Teams
Published 04/05/2023
Originally published by Microsoft Security.
Written by Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management, Microsoft.
Women’s History Month is a special time for me as I reflect on all the great innovations women have made over the years. Women have driven technology forward throughout history. Notable women in cybersecurity like cryptologists Agnes Meyer Driscoll and Genevieve Grotjan Feinstein worked behind the scenes of wartime intelligence and were just two of the 10,000 women who paved the way for trailblazers in cybersecurity.1 Fast forward to 2000, Renee Guttmann became the first-ever director of IT security for Time Inc. and paved the way for not only women in cybersecurity but for the role of chief information security officer in the industry.2 This was after she developed firewalls and encryption products before a commercial internet existed. On International Women’s Day, March 8, 2023, I join many friends and colleagues to celebrate the accomplishments of cybersecurity pioneers like Agnes, Genevieve, and Renee and most importantly celebrate the cyber defenders that tirelessly take down threat actors every day.
Women are vital to the industry and have played—and will continue to play—a key role in advancing technology and cybersecurity. I’ve been honored to meet and learn from incredible women doing amazing work in the areas of threat intelligence, policy and privacy, security and AI, and more. Yet, as we’ve shared before, women represent a mere 25 percent of the cybersecurity workforce. In an International Women’s Day Microsoft survey, we uncovered the reasons for this to be because of stereotyping of women and gender bias, not enough female mentors and role models in cybersecurity, insufficient training and education opportunities, and uncertainty about cybersecurity career pathways.3
This is concerning, considering that women provide strong skills perfect for cybersecurity such as diverse points of view, deep analytic and risk assessment skills, along with emotional intelligence. While the industry has made enormous strides, there is still work to be done. Together, academia, the tech industry, and government agencies are working on programs and new technologies to overcome these challenges, while encouraging more girls to envision cybersecurity careers.
“Security is not just processes and policies, but there’s also the care work that comes into talking to people and understanding their issues. It helped me bring other people in our organization up to a place where you make it easier for women, specifically in security, to exist.” —Abir Ghattas, Director of Information Security, Human Rights Watch
Internal career development, community, and sponsorship for women in cybersecurity
Each of us can do our part in supporting women in cybersecurity in our own way. Building a stronger future for women in cybersecurity begins with a strong foundation at your own organization. All women within deserve the resources necessary to feel connected, thriving, and empowered to achieve more. Building a strong community internally can make this a reality. Some ideas include:
- Creating an Employee Resource Group for women within your organization that aims to create supportive allyship and an inclusive culture for women at the company.
- Offering safe forums, mentorship programs, and learning opportunities to support personal and professional development.
- Encouraging the growth of women as leaders within your organization by ensuring they have advocates and leadership team sponsors.
Fanta Orr, Intelligence Analysis Director at Microsoft, says that curiosity is one of the factors that make someone successful in the industry. “People who take initiative to solve problems and drive investigations do well. Also, if you’ve been a woman in this field for any amount of time, it means you’ve got grit and wit. On top of that, women are generally great at systems thinking, which is vital both in the policy and technical defense aspects of cybersecurity,” she says.
Partnering with external organizations and initiatives to enable and empower diversity
We care about the entire industry and the promise of the next generation. The following are a few of the organizations we support:
- Women in Cybersecurity (WiCyS) program aims to increase the number of women in cybersecurity roles by providing mentorship, networking opportunities, and access to training and resources. Established in 2012, this global community with more than 7,000 members in more than 70 countries creates opportunities for women in cybersecurity through professional development programs, conferences, student chapters, and career fairs. WiCyS gives women the confidence and support they need to continue their path in cybersecurity as Aimee Reyes, Microsoft Last Mile Cybersecurity Scholarship recipient and former WiCyS Student Chapter president, has said “For anyone who thinks that cybersecurity is a male profession, I would say you’re going to see a lot of men. It doesn’t mean you can’t make your own table, make your own seat. It doesn’t mean that you don’t belong, because you do.”
- Girl Security Partnership provides training and resources to girls and young women to help them explore careers in cybersecurity and gain the skills they need to succeed in the field. Since its inception, Girl Security’s mentorship program has served almost 1,000 mentees and aims to drive change in national security through education, mentoring, and workforce training.
- DigiGirlz gives middle and high school girls opportunities to learn about careers in technology and connect with Microsoft employees. The DigiGirlz program gives high school girls the chance to participate in hands-on computer and technology workshops and learn about careers in technology. More than 65,000 students have attended the Microsoft DigiGirlz Technology Program since its inception in 2000.
- Executive Women’s Forum: Woman-founded in 2002, the Executive Women’s Forum (EWF) is fiercely devoted to engaging, developing, and advancing all women in the information security, IT risk management, and privacy industries, through education, leadership development and the creation of trusted relationships. A powerful community and caring sisterhood, the EWF focuses on building women leaders at every stage of their career.
- Cybersecurity education global expansion: It’s also important to partner with diverse worldwide organizations to equip educators, students, and professionals to empower women and minorities in cybersecurity. Programs developed with non-governmental organizations such as CyberShikshaa in India and WOMCY in Latin America have been providing mentorship, courses, certifications, and resources to women from all backgrounds to pursue careers in cybersecurity. This enables women early in their careers to explore the possibilities just like Eva Nassery, a mentee from the CyberSchool program in France, did. “I never imagined that I could take a path, a career in cybersecurity. But I decided to change my career and when I started to look for training, I discovered that cybersecurity gives huge work opportunities. That’s when I noticed I could do it myself, too,” Eva says.
Thriving together as we nurture the next generation of cyber defenders
If we want to thrive as an industry, we must become allies and advocate for each other every chance we get. I am grateful that we have this opportunity during Women’s History Month to lift each other up and that I get to share with you some of the stories from women with whom I have had the pleasure of working over the past years. However, it doesn’t just end after March, as learning about others’ perspectives and transferring your privileges to support each other whether at work, in an interview, or a public place is the essence of being an actionable ally. Allyship is truly a journey as we support and nurture women at every stage of their career. And this means not only mentoring or coaching other women, but also becoming strong advocates when they may not have a strong voice or be at the table to share their perspective. It means being inclusive and welcoming women into your meetings, decision making, events, and recognition. We know that when we do this we will thrive and grow as a community of cyber defenders.
If you’re interested in learning more about the many opportunities and next steps in cybersecurity, please join us on March 15, 2023, for a podcast called Secure the Job: Breaking into Cybersecurity, hosted by three young cybersecurity professionals at Microsoft. They will interview executives, leaders in cybersecurity, and frontline defenders to understand more about the cybersecurity landscape, roles, pathways, and skills needed to be successful.
Also, check out our website for volunteer opportunities with some of the incredible organizations we partner with. Whether you are a student or already a cybersecurity professional, you can find educational resources and career pathways on this web page along with mentoring opportunities. Together, we can inspire and support each other to build the next generation of women cyber defenders.
1Pioneering Women in Cryptology, Lou Leto and Jen Wilcox. March 29, 2018.
210 pioneering women in information security, Deb Radcliff. March 30, 2021.
3Results based on March 2022 IWD Survey commissioned by Microsoft in partnership with WE Communications.
Related Articles:
Modernization Strategies for Identity and Access Management
Published: 11/04/2024
Dispelling the ‘Straight Line’ Myth of Zero Trust Transformation
Published: 11/04/2024
Zero Standing Privileges: The Essentials
Published: 11/01/2024
How to Get your Cyber Essentials Certification: A Process Guide
Published: 10/31/2024