Meet the Women In AppSec – an OWASP-led directive committed to nurturing female talent

It’s an industry that continues to grow and thrive, that is modern and progressive, and is quickly becoming essential to everyday life.

But why are there still so few women employed in security?

It is estimated that women currently make up between 8 and 10% of the cybersecurity workforce, and according to a recent study, are on average paid 8% less than their male counterparts.

University students are reportedly becoming disenfranchised from pursuing a career in infosec, and despite record numbers of women holding masters and doctorate degrees, females fill just 21% of high-level security jobs.

This is all while 300,000 industry job roles lie vacant – a number which is projected to reach two million by 2019.

But how can we tackle the problem?

Jessica Robinson, CEO of cybersecurity company Purepoint International, has one suggestion.

“It’s about creating a network, and creating a community. It’s having a strong network and also having the right people in in, it’s about being able to learn and grow your skill set, and it’s about developing relationships,” she told The Daily Swig.

Robinson is a coordinator of the Women In AppSec Committee (WIA), formed by OWASP members in 2016.

She said: “It’s really about helping to not only accelerate the women already in security, but also to help create a pipeline for young women who are in college now.”

WIA provides training opportunities, mentorships, and financial support through scholarships and grants.

Formed almost two years ago, the committee now boasts members across the world and has chapters in Asia, North America, and Europe.

Robinson and other officers, Vandana Verma, Katherine Canceldo, Geeta Handa, and Loredana Mancini, also promote the group at conferences such as this year’s AppSec EU, where a women’s networking lunch was held.

It’s these events, and monthly meetups, that the group hopes will encourage more women to become involved.

Challenges in the workplace

WIA committee chair Zoe Braiterman told The Daily Swig that she struggled in her earlier career due to a lack of female representation.

She said: “As an independent consultant, networking and presenting is an important part of building my career.

“[But] as woman and an introvert, struggling to both build my skills and to represent myself slowed me down at the start of my career due to systematically ingrained stigma and shyness.”

Robinson, who studied computer science at university, said became discouraged in the past by the lack of women and diversity within the industry.

“There was no one that looked like me – there were no women, there were no people of color, there was no one who represented me,” she said.

“For any woman who has been discouraged, I think it’s important to create these unique platforms for continued learning.”

It’s this continued learning which provides one of the pillars for the WIA’s mission.

Braiterman explained: “WIA combines OWASP’s renowned open-source application security tools and knowledge exchange with an extra layer of mentorship, based on the continued exchange of experiences among women and minorities.

“[We need to] introduce women to communities of diverse industry contributors – OWASP, of course, being a great representative example, [and we need] to direct them to samples of various opportunities within the broad category of information security.

“[We should] continue to engage them and learn from their valuable feedback.”

Helping the cause

But women’s voices alone are not enough to do the job.

As Robinson points out, in order for females to thrive in a male-dominated sector, gaining support from men is crucial.

She said: “The main question we receive from men is how can we help, and how can we get involved?

“They need to know there’s a place for them, we need to be inclusive about this.

“The vision in general is to engage more women in security, and also to engage our male allies.

“OWASP has a huge membership and there are men that are really passionate about security and are working with women, so having them engaged in this effort is really important.”

To find out more about WIA’s vision, click here.

RELATED: Women in cybersecurity – mind the gender gap