Microsoft and New America recently partnered to host an event on women and the cybersecurity field. The event, “Women in Cybersecurity: Opportunities and Experiences,” was held at the Microsoft Innovation and Policy Center in Washington, D.C., and began with remarks by Fred Humphries, Microsoft’s vice president of U.S. government affairs. Humphries emphasized the importance of women to the cybersecurity workforce and the need to help more women become passionate about careers in cyber, noting that events like this one – which provide opportunities to hear from successful women already working in the field – are great ways to introduce women to the industry.
Following the opening remarks, Angela McKay – Microsoft’s director of cybersecurity policy, global security strategy and diplomacy – led an exercise in which attendees were presented with a fictional scenario and given time to discuss it in groups and come up with recommendations. In the scenario, a major security flaw was discovered in a health management software program, which stored personal patient data and was downloaded by customers around the world. A top security engineer had identified a patch to fix the bug, but the company leadership needed to decide how to handle the situation and whether and/or how to report the incident and next steps to customers in a way that protected the company’s reputation and kept public outcry to a minimum. Attendees offered many recommendations, including requiring customers to download the patched version of the software in order to continue using it, having customer service and public relations staff available to answer questions and assist customers, and providing ongoing cybersecurity training and education to all employees in order to create a culture of cybersecurity and prevent and/or prepare for any incidents in the future.
The event concluded with a panel discussion and question-and-answer session moderated by McKay and featuring four other women in cybersecurity – Brooke Hunter, chief of staff and director of strategic initiatives at New America’s Open Technology Institute; Dena Graziano, director of federal government affairs at Symantec Corporation; Emily Schneider, cybersecurity consultant at Deloitte & Touche LLP and Valecia Maclin, director of cybersecurity and special missions at Raytheon Company. The panelists discussed a number of topics ranging from how they got into the cybersecurity field (Macklin and McKay started as engineers and transitioned into the cybersecurity space, whereas Graziano’s work on Capitol Hill led her to work on civil liberty, privacy and security policy issues and Schneider studied literature before going to law school and now supports federal clients in the identity management space) to their day-to-day job responsibilities and challenges.
The panelists agreed on the importance of being able to work on a team, work across boundaries and groups and think outside the box when pursuing a career in cybersecurity. Additionally, they discussed barriers women face when choosing cyber careers, including imposter syndrome (chronic feelings of inadequacy and self-doubt that persist even when unjustified), which Hunter pointed out is experienced more by women than men. Hunter and Maclin urged women interested in cybersecurity positions but intimidated by long lists of qualifications to go ahead and try for the jobs, and Schneider recommended working with existing networks and contacts to identify opportunities when looking to switch career fields. Maclin also emphasized the importance of a willingness to “step outside of the box, roll up your sleeves and contribute to the mission of the group.” McKay pointed out that cybersecurity is constantly changing, so everyone – even people with educational backgrounds in cyber – will need to learn new skills on the job as technology advances.
The panelists discussed some of the main challenges they face in their careers and how to overcome them. Graziano emphasized the importance of learning to speak with authority when dealing with complex cybersecurity issues, and Schneider highlighted how being comfortable asking questions and working together as a team can help those with less technical backgrounds to thrive in cybersecurity roles. Maclin, Hunter and McKay all discussed the importance of balance and prioritizing different career and personal goals.
One of the greatest challenges our nation’s cybersecurity faces is that we do not have enough professionals working to promote a safer, more secure and more trusted Internet. A 2015 Raytheon/NCSA survey of young adults ages 18 to 26 revealed that education about cybersecurity careers falls short, with 67 percent of men and 77 percent of women in the United States saying they had never received information about careers in cyber and 61 percent of respondents reporting lack of knowledge about the typical responsibilities of a cyber career. Additionally, the gap between men and women considering cyber careers increased fivefold between 2014 and 2015, with 25 percent of women globally saying they were uninterested in this type of work compared with 17 percent of men. For more information about the types of careers you can have in cybersecurity, check out our Cyber Career Paths Infographic, and to learn more about the survey, see the Securing Our Future: Closing the Cyber Talent Gap Infographic.
Promoting a safer Internet is a shared responsibility, and better education about cybersecurity careers is one way that parents, teachers and schools – along with public- and private-sector organizations – can help encourage women to learn about and grow interest in this field. For ways you can teach others online safety in schools, at home and in the community, visit our Teach Online Safety pages.