Focusing on diversity and inclusion in the cybersecurity space is “paramount” to protecting the United States against cyber risks, female cyber leaders said April 6 during the Women Leaders in Cybersecurity Webinar hosted by the Cybersecurity and Infrastructure Security Agency (CISA).
Alexis K. Wales, the associate director in the cybersecurity division at CISA, noted that recent data suggests only 14 percent of the cybersecurity workforce are women.
“While cybersecurity is deeply integrated with technology, it’s also about collaborative problem-solving and good risk management practices. As we at CISA know, problem solving and risk management are skills and techniques that know no gender but are strengthened by the diversity of perspective,” Wales said during the webinar. “As we collectively work to establish long-term stability and security in cyberspace, our nation’s ability to attract, retain, and promote women in the field is vital.”
As a female leader at CISA – one of the government’s most technically-oriented organizations – Wales said she feels a “very strong responsibility” to “create conditions in which a variety of people from different backgrounds can be successful.”
“A lot of that is just improving the communications, creating the conditions for comfort of leaning in, or not leaning in if that’s not your comfort zone, and making sure that we’re getting that message out to the broadest community we can as responsible national security professionals,” Wales said. “Making sure that the national competency level in this space is achievable to make sure that we can truly continue to defend this nation is absolutely critical. Making sure that we focus on inclusion and diversity as much as possible is paramount.”
Jeanette Manfra, director of security and compliance at Google Cloud and formerly Assistant Secretary for Cybersecurity and Communications at the Department of Homeland Security, said she is thankful to work at an organization that values diversity and “such a diverse set of perspective and voices working together.”
The problem Manfra sees a lot, in both the private sector and government, is that organizations often don’t have an open mind when it comes to hiring someone with a different set of experiences or skills.
“We don’t think creatively when we’re talking about pipeline. When we’re talking about our recruiting practices, we tend to stick to our networks. Now, if you have an existing diverse population, you’ll probably get sort of a diverse network but even then you have to be cautious,” Manfra said.
“Everybody is always talking about this massive gap that we have in the workforce, but yet we have an entire potential population that might have the aptitude for it, but they need the training, they need the opportunities,” she added. “That’s where I think people really need to be looking hard at what are the skills that you’re really looking for and what’s trainable versus what’s not. There’s a lot of things that are trainable and there’s a lot of people who would just be so grateful for the opportunity.”
Val Cofield, deputy assistant director at the cybersecurity division at the Federal Bureau of Investigation (FBI) said her agency is currently “all hands on deck” when it comes to cybersecurity. Cofield said the FBI is actively “looking for people who have an interest [in cybersecurity], maybe they don’t have the technical background, but they have the interest.”
For other women looking to break into the IT and cybersecurity career space, Cofield said “don’t be afraid to ask the questions, to volunteer and try something new, and to learn about a new aspect” of current technology or cybersecurity issues.
“Pretty much everything that I’ve learned has been on the job and through series of conversations with people who are just willing to sit down with me and talk about it,” added Manfra. “So, don’t be afraid of it, don’t let it intimidate you, be assertive and confident in the value that you’re bringing to the conversation.”