There’s a talent crisis in IT security. Simultaneously—and paradoxically—recent studies reveal equity and participation among women in IT is only getting worse. If the industry so desperately needs more people in the IT security talent pool, why does one half of the world’s population feel discouraged from joining that pool?
Several female security leaders who started their careers in an Israeli military intelligence unit believe their experience in defense forces have some answers to solving the gender participation gap in US IT departments. At RSA 2018, Shira Shamban of Dome9 Security, Maya Pizov of enSilo, and Lital Asher-Dotan of Cybereason hosted a highly popular panel discussion: In it, the three former intelligence officers discussed their time in Unit 8200, a prestigious intelligence branch of the Israeli military, and explained how those experiences prepared them for a cybersecurity career. The lessons they shared extend beyond the military and can apply to any organization looking to create a more equitable workplace.
Women in IT security: Statistically, things are getting worse
In the IT security field, women hold only 14 percent of jobs. They enter cybersecurity jobs with more education than their male coworkers but are less likely to hold management positions. Fifty-one percent of women in IT security have also experienced some level of workplace discrimination. When you look at IT and tech as a whole, the data is even worse—female participation in technology and computing has actually dropped since 1988. While women make up 57 percent of the US workforce, they’re leaving tech.
Let’s position all that data against the severe talent shortage in the tech field. Clearly, there’s space for women in the industry—and IT leaders need to make room for them. Israel hasn’t achieved gender parity in tech or information security, but at 24 percent representation, they’re doing better than most countries. More than half of Israel’s women in cybersecurity—and many other female security leaders around the world—started as teen recruits to the 8200.
Here’s what the 8200 can teach the industry about training women for cybersecurity success:
Lesson #1: Recruit for aptitude
Service in the Israeli Defense Forces is generally mandatory for citizens, and so, Unit 8200 begins their search for recruits among promising teenagers. Secondary, or high school, students are recruited to the 8200 based on their critical-thinking skills, rather than their computer skills—the ideal 8200 recruit doesn’t spend her weekends hacking as a hobby, which may be surprising. According to the RSA panelists, she may not even be much of a gamer or computer enthusiast. “You don’t have to be a good coder,” Asher-Dotan explained. Instead, recruiters want to see that you’re curious and not afraid to learn.
Takeaway: Look for more than coding skills
The 8200 selects members by conducting both critical-thinking and problem-solving tests, and they also test individuals to see if they can perform well in high-stress situations. Unit leaders believe programming skills can be taught, but the ability to analyze and perform well under pressure aren’t skills you can train. The business world should adopt a similar perspective: Interviews for tech positions often test for hard skills, but emphasizing the “soft” skills women statistically excel at could land you with better critical thinkers, more talented problem solvers—and more women.
Lesson #2: Women excel in a bias-free environment
There’s plenty of structure in the military, but there’s also very few secrets about ranking, authority, or pay. All new recruits to the 8200 are paid the same, regardless of gender. Rank also matters more in a military unit than someone’s age or gender when it comes to what they have to say.
“You are all starting at same level,” said Asher-Dotan. Female 8200 recruits who’d never worked a “normal” job had no issues speaking confidently or collaborating with more senior employees. However, when she and others left the 8200, they were shocked to realize just how much bias they had to fight.
“Only after I left the military did I start understanding what the problem was. The way people at work communicate and the jokes they make around the table make women feel uncomfortable,” said Shamban.
The takeaway: Make efforts to fight bias
Unfair treatment in the workplace is the single biggest cause of tech sector turnover, according to the Kapor Center for Social Impact. In total, it costs the tech industry $16 billion a year. Women, minorities, and LGBTQ employees are most likely to experience workplace bias.
Creating a workplace where everyone feels welcome is a complex goal, and it’s an organization-wide effort, without a doubt. However, IT leaders can emulate the 8200 by actively participating in efforts toward pay equity, bias-free hiring and recruitment practices, and supporting diverse collaboration practices.
Lesson #3: Mentors matter
Lital Asher-Dotan believes encouraging young women to pursue tech careers means making a commitment to take women in IT seriously. She said, “That is something that will create a huge movement.” When fielding questions from the audience at RSA 2018, the panelists encouraged women in tech to actively develop relationships with mentors to get the experience they need to further their careers as security leaders. They also encouraged security pros to mentor young women with potential.
The takeaway: Encourage women
If the panelists hadn’t been recruited by the 8200, they wouldn’t be a part of the cybersecurity talent force today. Asher-Dotan feels that’s a valuable lesson for IT leaders. “Women don’t know they can do it,” she said. However, she believes a bit of promise and commitment from leaders can solve the tech talent crisis and the gender parity problem.
Create an equitable environment
As organizations work to reimagine and evolve the workplace of the future, the 8200’s lessons could play an integral role in building a more innovative culture. Here are a few ideas how you can break down barriers in office IT:
- Commit to gender parity and strive to eliminate unconscious bias in your workplace.
- Turn to tools and services that automate and streamline workflows, like SaaS or managed print services, so you can free up the time and energy needed to improve your workplace culture.
- Implement mentoring programs to give women in your department role models.
Skills, technology, and security threats are in a constant state of flux. The coding skills you needed on your security team yesterday may be obsolete tomorrow. However, critical thinkers and fantastic team players will always have a seat at the table in IT—regardless of gender.
Searching for more stories and insights from RSA? Check out our follow-up piece on this year’s RSA event here: “RSA 2018: 5 ways to make security awareness trainings effective,” and check out the most important takeaways from last year’s conference here: “It’s a wrap! Top takeaways from the 2017 RSA security conference.”