Another panelist urged young security pros to consider starting out as generalists before specializing

Aspiring women in infosec need role models and collective strength, industry panel hears

Dismantling the barriers to women entering and thriving in the historically male-dominated cybersecurity field requires a multi-faceted approach, attendees at an infosec roundtable have heard.

There is no “one single fix” to the problem, said Jesse Kinser, CISO of cloud communications platform Cinch, at a virtual ‘Women in Cybersecurity’ event hosted by ethical hacking platform HackerOne.

“There may be a lot of women out there that don’t even know that security is a thing, right?” she continued.

‘Collective strength’

“There are many different barriers for women in cybersecurity,” said Lyn Dohm, executive director at industry organization Women in CyberSecurity (WiCyS), who cited a “lack of mentors, inadequate professional development opportunities, stereotypical notions of the cybersecurity workforce, and so much more” as persistent issues.

DON’T FORGET TO READ Generation cyber: How diversity and ageism can impact the IT workforce

Dohm said visible role models and the “collective strength” of the community are powerful ways to overcome these hurdles.

“It’s hard to be what you cannot see,” she said. “When you have that power of community and you have those women in front of you that you aspire to be, it builds up your confidence”.

‘No clear path’

Kinser said “there’s no clear path [into cybersecurity], and as a community I think we need to do a better job of embracing that. There are so many avenues into this field.

She added: “The best way to do it is just to start, right? Go out and find an entry-level cybersecurity job, apply for it, and use that as a stepping stone.”

ddddInfosec community urged to tackle ‘longevity’ problem by instilling a ’lifelong passion for security’

Then the community should “inspire them to take that next step” – but this, Kinser said, shouldn’t involve specializing prematurely.

“I’ve had managers trying to steer me narrowly into focusing on one area,” she explained. “Luckily, I ignored that advice and explored security as a whole and found the areas I was really passionate about.”

Building expertise

Keren Elazari, cybersecurity researcher and founder of BSides TLV and Leading Cyber Ladies, urged the infosec community to tackle a “longevity” problem by helping to instill a “lifelong passion for security”.

“Let’s make sure women stay in this space, that they’re not burnt out or feel like this career loses its interest or relevance as they start families or their lives take a different turn,” she said.

YOU MAY ALSO LIKE Cybersecurity conferences 2022: A rundown of online, in person, and ‘hybrid’ events

For those wanting to support women in infosec, Annika Erikson, senior security manager at Salesforce, suggested that if their employer is “not particularly proactive” on this front, then “find other opportunities of ways that you contribute outside of your prescribed work streams or specialties – and that’s often a byproduct of building relationships within the organization”.

Doing so can “build that expertise” and “might contribute to that longevity in your career”, she added.

RELATED Decrypting diversity: One in five UK infosec professionals say they’ve experienced discrimination at work