Article written by Shinesa Cambric
By now, most of the world has become aware of the eye-opening statistics related to women in cyber and compliance. In 2020, it was estimated that women held just 20% of the roles in this area and that over 3.5 million cyber jobs worldwide continue to go unfilled.
To add to this, SC Magazine estimated that over $1 Trillion (yes, trillion with a T) was lost to cybercrime in 2020 alone and this number will continue to grow. Could the cost of cybercrime and the lack of women in the cyber/compliance industry be related? I think so. There is a substantial cost to businesses failing to develop a stronger pipeline for women to enter security and privacy careers.
This year for International Women’s Day, not only should we celebrate how far women have come, but for those of us who are women actively working in cyber and compliance fields as everyday superheroes for our companies.
I am challenging you to take a stand and actively lead, be visible to, and encourage other women so that they too will put on their superhero capes and join us in the cyber fight to protect our systems and our data.
In growing my career and mentoring other women interested in cyber and compliance, there are a few foundational things I have discovered I need to both share and model for them to be successful in this field and help to begin building a talent pipeline one woman at a time. Similar to teaching children their alphabets and preparing them with the foundation for the rest of their educational career, there are some basic ‘ABCs’ to be shared with other women looking to build a career in cyber and compliance.
Considering there are so few women in the cyber and compliance industry, it’s easy for other women to get discouraged about what it takes for them to find a place. As a woman currently in cyber, this is the reason I am so passionate about mentoring other women and helping them to understand the options that are available to them and sharing the lessons I’ve learned while paving a way for more women like me to join this career field. Here I’ll cover some of the basic lessons I like to teach.
To start, it’s important that women in cyber have a bias towards ACTION.
ADVOCATE consistently for themselves and other women, expect to both encounter and learn from ADVERSITY, and proactively ASK for both feedback and opportunities to grow. Next, they need to focus on the BIG picture, BRING solutions, BUILD BRIDGES to and for others, BREAK BARRIERS, and maintain a BRAG Sheet that highlights their successes along the way.
Finally, women in cyber and compliance need to mentally prepare for CHALLENGES, strongly CONSIDER what they say yes and no to.
CELEBRATE their wins, and understand that CONFLICT is not necessarily a bad thing - especially if it’s helping you to build CONFIDENCE and COURAGE.
All of these lessons not only help a woman get into the cyber industry and build a niche while she’s there, but they are also designed to help her establish a support network, and when things get difficult, these will also serve to remind her of the value she provides to the field, the struggles she has already overcome, and her ability to make a difference.
Once she’s gotten through these initial ‘ABCs’, it’s time for her to extend her hand forward and be pulled up to the next level by other women in leadership roles. She then needs to simultaneously extend a hand back to pull other women into the cyber and compliance pipeline so that the cycle continues.
And as each of us plays a role in both reaching back and reaching forward, we will be living and modeling the change that we want to see.
Shinesa Cambric (CISSP, CISA, CDPSE, CIAM), is an IT Security Architect and Manager with over 18 years of strategic expertise on the intersection of security architecture and development with governance, risk, privacy, and compliance. As a BIPOC woman, Shinesa actively works to inspire a positive shift toward greater diversity and inclusion in the cybersecurity, compliance and cloud industry through empowering and mentoring women in tech. Shinesa is an active member of several organizations, including CloudGirls, Women’s Society of CyberJutsu, Women in CyberSecurity (WiCyS), ISACA, ISC2, Information Systems Security Association (ISSA), International Association of Privacy Professionals (IAPP), Women’s Cyber Security Society, Executive Women’s Forum and the Identity Management Institute.