Few IT leaders would deny that having staff with a wide range of backgrounds is an advantage. But with men still dominating the field it isnโt easy, and trying to get more women into cybersecurity is even harder.
But it can be done, says Rinki Sethi, senior director of information security at Palo Alto Networks, who is in Western Canada this week meeting customers.
On Tuesday she talked to ITWorldCanada.com about the challenges of being a woman in the infosec sector and what educators and employers need to do to increase the numbers.
Unfortunately, she said, โboysโ clubsโ still exist in some organizations no matter how diverse staff are. And, she added, managers often are promoted from this group.
As she describes it, Sethi got into IT by accident. Exposed at an early age to programming through her father, a mechanical engineer who learned to program in Java, Sethi wanted to go into law. But her father said she should first get a degree in something she was good at.
While taking computer science engineering at the University of California at Davis (where she was usually the only woman in a class) she took a cryptography course and enjoyed it. After she graduated in 2004 that led to a job at the utility as an information protection staffer.
From there Sethi went to Walmart.com, which was in early stages of building its ecommerce site, then eBay, where she rose to chief of staff of security, and to Intuit where she became senior manager of information security and core security services.
At Palo Alto Networks, she is responsible for corporate and product security.
Itโs hard to find figures on the number of Canadian women in cyber security. The just released forecast of the Information and Communications Technology Council (ICTC), which conducts labor market research, women still account for only 24 per cent of the ICT workforce, a trend thatโs held steady for at least a decade.
Last month the Centre for Cyber Safety and Education and the Executive Womenโs Forum on Information Security, Risk Management & Privacy released a reportย that said in North America women represent 14 per cent of the cyber security workforce.
Part of the problem is ICT is still looked at as a career for geeks. Another is sexism.
Daina Warren, now director of client and service management at IT services company CGI, where she oversees a team delivering information technology including cyber security to customers, recalled in an interview Tuesday going into a presentation years ago and being asked to remember to bring the cream for beverages. โHe assumed I was there to bring the coffee.โ She was there to lead the presentation.
Then there was a colleague who said, โCould you come and talk to security to this client. It would be great because youโre a woman, and they only ever talk to men. They might listen more because youโre a woman.โ
That could be interpreted as a backhanded compliment โฆ
Industry groups here have a number of efforts designed to increase the participation of women in technology generally, and cyber security specifically. They include the Information Technology Association of Canadaโs (ITAC) WConnecting Women Leaders in Technology program.
At the education level last year the ICTC launched the CyberTitan program, a Canadian version of the U.S. CyberPatriot effort to encourage high school students to consider careers in technology including cyber security. Sandra Saric, vice-president of talent innovation at the ICTC, said her group wants to increase the number of all-girl Canadian teams entering the annual North American skills competition, to be held next year in Ottawa.
If Canadian enterprises and governments are serious about encouraging women on staff to go into cyber security then sponsorship and mentor programs are โtablestakesโ to break down traditional barriers women feel are in their way, says Sylvia Kingsmill, partner and director of strategic initiatives for financial advisory (chief of staff) at Deloitte Canada.
Kingsmill, who recently headed the consulting firmโs national privacy and data protection practice, said efforts at Deloitte include a #GoSponsorHer program, to create opportunities for women.
โWe challenge the traditional gender stereotype thinking about women canโt do something in cyber security because itโs IT or male dominated.โ
Daina Warren shrugged off the colleague who asked her to present to a group because sheโs a woman, taking the attitude that, yes, she is different, and may be more relatable than a man. โBe confident, be confident in that diversityโฆ. But I bring something different to the table, so embrace that.โ
As for the guy who asked her to bring cream to meetings, โI didnโt make a spectacle, but I did kind of lean in and say โIโll make sure they know that at reception. And by the way, my nameโs Daina and I look forward to presenting today.โโ
Rinki Sethi said itโs important managers recognize if there is a boyโs club in their organization, making sure they arenโt part of it and when considering promotions look at staff widely. โAnd then making sure youโre creating an environment โ and Iโve seen the best leaders do this โ where they donโt allow for it,โ she added.
Itโs also important leaders advise outsiders to such groups โ who may not just be women โ how to navigate how to navigate around them and not accept it, she said.