Women in CyberSecurity’s Lynn Dohm discusses tackling the high exit rate of female infosec professionals
UPDATED Half of female tech professionals exit the industry by the age of just 35.
This is according to a study quoted by a leading figure at the global non-profit Women in CyberSecurity (WiCyS), which was established in 2012 to give female cybersecurity professionals the training, support, and career development opportunities needed to improve such unwelcome statistics.
“That’s a red flag,” says Lynn Dohm, executive director of WiCyS, which is backed by dozens of tech giants including Google, Microsoft, and Meta.
Dohm, a communications expert, has played her part too, supporting grant-funded programs and non-profits focused on enhancing the provision of infosec training and education for the past decade and a half.
Speaking to The Daily Swig, Dohm also discusses the community-centered ethos that has seen WiCyS amass 5,400-plus members across more than 70 countries, all while aiming to tackle the daunting barriers to plugging the cyber skills gap.
Hi Lynn. How did you get into cybersecurity in general and WiCyS in particular?
Lynn Dohm: About 14, 15 years ago I was a [communications] consultant for [a grant-funded cybersecurity education program], which was my first introduction to cybersecurity.
I was instantly hooked on cybersecurity because I saw the intensity and problem-solving of the students as they went down that rabbit hole.
I became very passionate about bridging the [workforce] gap and building pathways.
I got involved with WiCyS in 2015 in a support capacity, but my first WiCYS conference was in 2018, where I was able to grow my network with women who were doing what I was passionate about.
Then in 2019, the WiCyS founder, Dr. Ambereen Siraj, asked me if I would consider applying for the executive director position.
WiCyS has an enormous global footprint extended through its affiliates and student chapters. Can you tell us more about the organization’s membership and structure?
LD: Our membership is [comprised of] women, men, allies, and advocates because we know it takes everyone to drive the change needed in the cybersecurity workforce.
Our affiliates are communities where women can connect with members in their region or around a specialty like cloud security, trusted AI, critical infrastructure, or the military. We have 43 professional affiliates in Africa, Australia, Canada, France, India, Pakistan, the UK, and throughout the United States.
And then we have 167 student chapters uniting women interested in cybersecurity on their campuses so they can grow in their studies and ultimately in their careers.
So we engage women interested in cybersecurity, students in cybersecurity, non-traditional career changers, CISOs, BISOs, you name it – everyone has a place.
re your chapters and affiliates empowered to run themselves as they see fit to suit the needs of their members and region?
LD: Yes, every country has its own needs. And that’s why we give everyone the flexibility to define their own leadership style and tap into their own talent and connections to make the things happen in their area.
WiCyS Australia has offered additional opportunities for the indigenous community, we’re seeing our Canadian affiliates join forces, we have three professional affiliates in Africa, and our India affiliate launched mid-pandemic and grew so quickly.
How would you describe the ethos underpinning your training and initiatives?
LD: Everything we do is about bringing everyone together in a community or cohort. They can ask each other questions, they can lean in on one another, and that’s really part of the learning experience.
We have mentor-mentee programs to upskill women, preparing them for the next level of advancement no matter where they’re at in their careers, and our skill development training programs are out of this world.
We have 53 strategic partners that fund the nonprofit with year-round benefits and invest their time to level up WiCyS members.
We’re focused not only on recruitment but also on the retention and advancement of women in cybersecurity because half of the female tech professionals step out of their tech careers by the age of 35. That’s a red flag. We provide advancement opportunities to help them get higher up in their career.
Do you have any inkling why so many women leave the sector at such a young age?
LD: [Workplace] culture stems from the leadership down, and the culture of every employer is so [unique]. But traditionally speaking there’s perhaps a lack of resources, lack of job advancement opportunities, boredom, micro-aggressions, unconscious bias…
You could imagine a woman working just as hard as her male peers, but perhaps being paid a little bit less, going for advancement opportunities but perhaps not being promoted like her colleagues. That ultimately leads to dissatisfaction and boredom.
So there are many different pieces to that puzzle. We’re part of the solution of driving that change that’s needed.
How much progress has been made in recent years on that front, as well as tackling the wider cyber skills gap?
LD: We’re overcoming those challenges. When we first started, women made up 11% of the cybersecurity workforce and we had one million unfilled jobs. The needle has now moved, with women making up 24% of the cybersecurity workforce.
However, we still have 3.5 million unfilled jobs. So even though we have doubled our numbers in the workforce, the need has tripled and it’s projected to even quadruple. So it’s going to take a lot of work [to solve the problem].
WiCyS 2022, your ninth annual flagship event, recently took place in Cleveland, Ohio – how did it go?
LD: It was great. We had 1,700 attendees, including 200 recruiters. We issued over 750 scholarships and had 121 conference sponsors. Our [social media] hashtag reached 16 million in two days, so it had a big global impact.
When we open registration it reaches full capacity in typically less than a day, and there’s a waitlist close to a thousand each and every year.
However, we control the growth strategically because we are the only cybersecurity conference that ensures equal representation of students and professionals. So for every regular registrant, we issue a female cybersecurity scholarship [and the student can then attend the event].
We also have comparable representation of the industry, academia, and government [at the conference].
So the energy is just very different than other conference experiences. Not only are we a technical conference with professionals there for professional development, but we also have students bringing their energy and research projects and proposals – there’s so much going on.
Finally, are there any interesting WiCyS initiatives in the pipeline?
LD: We have our Cyber Defense Challenge [a chance for aspiring infosec pros to learn from Target’s security team and win a scholarship].
Soon we’re going to open up our Security Training Scholarship – which was made possible by Google, Bloomberg, and Meta – to more employer partners so we can scale it up.
We’re also opening up our apprenticeship program, and we recently piloted our internship program, which builds a direct pipeline from members to internship opportunities.
We just received funding from Microsoft philanthropies to build a global student chapter program, where we’re working with 24 countries to bring the WiCyS student chapters to their colleges and universities. We have all that so much more.
This article was updated on April 22 to correct an inaccuracy. This article originally stated that the average female cybersecurity professional exits the industry at the age of 30 when the correct figure is that half of the female tech professionals leave the tech industry by the age of 35.