Cybersecurity has a diversity problem: Here’s why

I’ve gotten really good at listing really depressing and disheartening stats over the years. It’s not what I want to be good at, but I’ve found that it’s necessary to help people understand that the gender gap is real, especially for women in cybersecurity. Did you know that women only represent about 20% of cybersecurity professionals worldwide? That’s less than 1/4.

Sometimes the stats I rattle off startle people (usually men), and more often than not, I get a nod of understanding, followed by a tech founder telling me her story about harassment, discrimination, or oppression. For example:

  • Did you know that 32% of cybersecurity professionals of color have experienced discrimination?
  • Did you know that 44% of women founders Women Who Tech surveyed have experienced harassment in the tech sector?
  • Did you know that only 1.9% of all Venture Capital (VC) funding went to women-led startups in 2017 while 98.1% of that funding went to startups led by men?
  • Did you know that, according to Project Diane, a measly .0006% of all tech venture funding, since 2009, has gone to founders who are black women?

When I read that employment among cybersecurity professionals who identify as people of color tends to be concentrated in non-management positions, with fewer occupying leadership roles, despite being highly educated, I was reminded just how far we have to go. This isn’t a women problem. This isn’t a race problem. This is a cybersecurity problem. This is an issue that affects every single individual who uses the internet, whether they realize it or not.

As Winifred R. Poster, lecturer in international affairs at Washington University, outlined:

  • “A million more US women than men had their identities stolen in 2014.
  • People of African American and Latino descent are, on average, 2-3x more likely than white people to be victims of fraud related to debt or income.
  • And women and girls are more likely than men to be targets of ‘remote sexual abuse’ — coerced into posing nude online or being stalked through the Internet.”

The people most often affected by fraud and harassment online are women. And these women are, more often than not, not in c-suite, founder, or decision-making positions. Without marginalized people on leadership teams, problems are not being solved for the masses. If we don’t demand that founding teams and leadership positions be filled with diverse people, we are going to continue this vicious, inequitable cycle. Being proactive about hiring diverse teams is going to help our preparedness for preventing the next big cybersecurity breach.

Greater diversity in cybersecurity is critical to catering to a more diverse consumer base, which in turn, increases the bottom line. For example:

  • Venture-backed, women-led tech firms bring in 12% higher revenue than male-owned tech firms, according to research by the Kauffman Foundation.
  • Founding teams that include a woman outperform their all-male peers by 63%, according to First Round Capital.

When I look at the emerging technologies and cybersecurity industries, I want to be excited about the diverse perspectives, and I want security in knowing that the industries that are having the biggest impact on our world right now are being built by people of all backgrounds, genders, races and ethnicities, ages, and abilities. But I don’t have that security, and I’m concerned about the future. And, I’m especially concerned because inequality breeds inequality. If we aren’t ensuring that there are diverse voices and experiences in cybersecurity, we aren’t building products and systems for the masses. White cisgender men cannot build products that work for everyone, nor would we want them to.

As Poster said, “Cybercrime exacerbates inequalities.” To fight those inequalities, we need to ensure inclusion and diversity from the top down in pre-existing companies, and we need to be building it into the roots of the companies that are just being founded.