To address the lack of women in cyber security, a new book is out dealing with that in InSecurity: Why a Failure to Attract and Retain Women in Cybersecurity is Making Us All Less Safe (Rethink Press 978-1781332696) by Jane Frankland. In this interesting book, she brings to light detail about the lack of women in the information security field, and the importance the future of information requires to have them as part of a diverse workforce.
While women may be roughly half of the population, Frankland provides the figure that they make up but about 10 percent of the information security workforce. Think Different was an advertising slogan for Apple. Frankland takes it to mean that since women think and view information risk differently from men; their lack of representation in the information security field makes things more insecure. She makes this case by framing the conversation to state that women are generally much more risk averse than men. All the while much more attuned to embracing organizational controls than men.
People, processes and technology are often referred to as the three pillars of information security. The people aspect, as Frankland writes, is actually a multi-faceted issue. It’s not just that people make mistakes (both accidently and maliciously) that can obviate security hardware and software protections; when people are not given opportunities to fulfill their career potentials, the resiliency and defensibility of information security is not maximized and the industry as a whole suffers.
The author is a cybersecurity entrepreneur, and the book is part autobiography, sociological study, and potential solutions to the problem. To that, addressing gender inequality in information security is a serious issue. Frankland is bringing the topic to the forefront in hope that sociologists and statisticians will advance studies in this area to bring a fully scientific approach to the topic.
Frankland quotes research to show the importance of diversity. She writes that gender-diverse organizations are more productive and innovative. At the political level, she writes that when women are politically and economically empowered, it creates an overall stability to society.
As to information security and risk, Frankland writes that since women are generally more risk averse and compliance focused, that will improve the overall level of security. In the event of an incident or breach, she notes that their ability to remain calm can assist in incident remediation.
Frankland makes a compelling case for diversity and inclusion in the information security space. Her story is both discouraging from the adversity she’s had to face and inspiring from what she has achieved. If the information security industry is serious about attracting and retaining more women in the workforce (with countless open job requisitions), it’s well advised to take the advice detailed in this book to heart.