Attracting More Women to InfoSec CareersISACA Director Says Mentoring, Compensation Are Key
While more women today hold executive roles in information security, Jo Stewart-Rattray, international director of ISACA, says there are still far too few women in the field.
As leader of ISACA, a not-for-profit association that supports infosec professionals, Stewart-Rattray proves that women can reach new heights in cybersecurity. But they have to be encouraged, she stresses.
"Today there is still a great disparity in the number of women and the number of men in the field," Stewart-Rattray says in this interview with Information Security Media Group. "There are no doubt more opportunities. Currently, there are about 900,000 unfilled cyber jobs, and we believe that by 2017, we're going to be looking at probably closer to 2 million jobs that are unfilled. With so many unfilled jobs, you need someone to fill those jobs, and surely gender should have nothing to do with it."
But attracting more women to the field requires mentoring and inspiring an interest in technology at a young age, Stewart-Rattray argues.
"We're not capturing the hearts and minds of young women early enough," she explains. "We're seeing a year-on-year decline of enrollments in stem courses at universities or colleges, such as science, technology, engineering and mathematics; and, of course, cyber falls into that bucket as well.
"We need to be talking to young women who are still in high school, perhaps even still in grade school, telling them that it's OK to go into these kinds of careers. There is this perception that you're going to turn out to be a geek or a nerd, and that you're going to end up wearing horn-rimmed glasses and flat shoes. But the reality of it is, you don't have to be like that. You can wear heels and lipstick and still work in this field. Young women need to be shown that it's all right, and there need to be good role models for them at various stages of their professional life."
Women who have already established careers in infosec and cybersecurity have an obligation to mentor and support young women who are entering the field, Stewart-Rattray stresses.
But building a surge of career interest among women will require improvements in pay equity, she adds. Men who hold executive-level, CISO positions in infosec and cybersecurity are paid more than women, she notes. And that discrepancy has discouraged many young women from entering the cybersecurity field.
"Young women entering the technology workforce are in-step with their male counterparts until the time that they take on or aspire for that first management role," Stewart-Rattray says. "The issue then is not just about gender diversity, but also salary discrepancy."
In this interview (see audio link below photo), Stewart-Rattray also discusses:
- Work she's doing to lead ISACA's new Women in Technology Council; and
- How information security jobs have evolved over the last 25 years.
In addition to serving as international director of ISACA, Stewart-Rattray is director of information security and IT assurance at security firm BRM Holdich, which is based in Adelaide, Australia. She has more than 25 years of experience in IT, including serving as a CIO in the utilities sector and 15 years in the information security arena.