The Unicorn Extinction Series: An Introspective Analysis of Women in Cybersecurity, Part 1

Posted on by MacKenzie Brown

More than a “Diversity” Problem

RSA Conference 2017, San Francisco; I paced from vendor booth to vendor booth mentally notating specific technical marketing differentiation among each presented Cybersecurity solution (both startup and established). Yet as I took in this setting, subconsciously, there was one thing I couldn’t help but observe. Where were all the women? There was an observable number of competent sales force who were female, but it appeared to be lacking technical roles filled with women like me, pursuing additional research and information exploration. 

Upon initial arrival to the RSAC, my scheduled and most anticipated stop, the Securing Diversity: Women in Cybersecurity session, was next on the agenda. I rushed to attend in hopes of absorbing some significant first hand inspiration, yet I was still surprised to find that the seats were only staggered with occupancy. The women and some men who were in attendance were like me; leaning forward in their seats, feverishly taking notes, and waiting to ask prepared questions once the speakers had concluded their presentations. 

Last on the Securing Diversity agenda: Valerie Plame, former covert CIA Operations Officer and author presented, “Women in Intelligence,” her account of being not only a woman in a very male-dominated industry, but also providing specific instances of what she, as a female, was able to uniquely bring to covert-operations that her fellow male colleagues could not provide. 

Plame noted that only 4.2% of Fortune 500 firms are headed by women (also observing that number was at an all-time high). She further noted a 2011 Harvard Business School study which concluded that by adding one woman to an all-male team found the total collective IQ rise significantly.  “It kind of sounds like a setup to a joke, but it’s not.” she reassures. The study showed it was not the absolute score of IQs, but rather the fact that having more women on the team, makes everyone smarter. 

Plame goes on to describe how over the years she observed first-hand what adding one woman to a collective group could accomplish. “Put simply,” she said, “the group dynamics improve remarkably, competition gives weight to cooperation, and a set of individuals, each vying for attention and dominance, become a much more collaborative team. And it’s the trust. The trust that powers better performance of the group.” Plame describes how this distinguishing factor of “trust” plays both a role in team dynamics and inspiration of companies, who can expect to see improvement in operational efficiency overall. 

While Plame focused on statistics reflecting women in all facets of an organization, the theme of her exposition demonstrated that the mere participation of women provided a quantifiable positive effect.  Valerie Plame’s presentation was a watershed moment as I considered my own career and gender roles, but mostly it added fuel to my inquiry of how this organizational upset mirrors upon the gender gap within the Cybersecurity industry. 

Why is this even a thing? Because it is still a thing.  

The Unicorn Law

During hours of research and writing, I kept coming across a peculiar yet comically exact tokenism deemed, The Unicorn Law. I had heard this in my industry before, attributed to me, “unicorn,” which is described (even in the cybersecurity industry) as: a woman-in-tech, eventually noticed for their rarity and the assemblage toward other females within the industry. In technology and cybersecurity, this is a leading observation many come across based upon the current metrics. When applied to the predicted demand of employment openings for years to come, we can see an enormous opportunity for women. 

  • Overall, [only] 25% of women hold occupations in technology alone.(2)
  • Women’s Society of Cyberjutsu (WSC), a nonprofit for empowering women in cybersecurity, states that females make up 11% of the cybersecurity workforce while (ISC)2, a non-profit specializing in education and certification, reports a whopping estimation of 10%.(1)
  • Lastly, put those current numbers against the 1 million employment opportunities predicted for 2017, with a global demand of up to 6 million by 2019.(3) 

Needless to say, the cybersecurity industry, a market predicted to have global expenditure exceeding $1 trillion between now and 2021(4), will have plenty of demand for not only information security professionals. How can we proceed to find solutions and a fixed approach towards resolving this gender gap and optimizing this employment fluctuation? Well, we promote unicorn extinction. 

The problem of a lack of technically developed and specifically qualified women in Cybersecurity is not unique to this industry alone; however the proliferation of women in tangential roles associated with our industry shows that there is a barrier to entry, whatever that barrier may be.  In the next part of this series we will examine the ideas and conclusions of senior leadership and technical women in the industry in order to gain a woman’s point of view.







MacKenzie Brown

Associate Research Principal, Optiv

Blogs posted to the website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.

Share With Your Community

Related Blogs