The cyber workforce is one of the most challenging cybersecurity issues, and one of the key topics the Cyberspace Solarium Commission addressed in its final report on developing a new strategy to defend the United States in cyberspace. In its March 2020 report, the commission makes clear that its recommendations rest on the people that will inevitably work to implement them. While demand for cyber talent will grow in the coming years from the current level of more than half a million unfilled jobs, the U.S. government and private industry must, as a matter of national and economic security, eliminate the systemic barriers that prevent employers from tapping into women as a source of potential cybersecurity talent.
The math is simple and points to a clear solution: We must recruit more women into cybersecurity. America needs women in the workforce, especially during times of heightened national security challenges. During World War II, Rosie the Riveter was crucial to the war effort, maintaining continuity of manufacturing as men deployed to war. The government undertook immense efforts to get women into the workforce.
The current dearth of cyber talent at a time when the number of cyberattacks continues to increase on a day-to-day basis should encourage the government to embark on a similarly ambitious agenda of enticing women into the cybersecurity workforce to fill these vacancies and strengthen our defenses when and where we need it most.
We are currently letting a trillion-dollar economic engine sit idle. “If women participated in the U.S. workforce at the same rate as men, it would add $4.3 trillion to the American economy by 2025.” Cybersecurity is already a discipline limited by national security imperatives, so hiring more women expands the pipeline and increases the percentages of U.S. citizens contributing to this ecosystem. This huge, untapped population mixed with a dearth of cyber talent leads to a logical solution for boosting the economy and protecting America in cyberspace.
While women were among the first programmers, invented the science of cryptography and worked as “code girls” as early as 1941, the cybersecurity field in 2020 consists of only 24 percent women. In addition to being underrepresented in the workforce, women are also hired and promoted at rates lower than men. According to Priscilla Moriuchi, director of strategic threat development at Recorded Future, “the wider variety of people and experience we have defending our networks, the better our chances of success,” and systemic barriers are preventing women from participating fully in the cybersecurity field.
To resolve this imbalance, the United States must reinvent Rosie the Riveter for a new age: a “Claire the Coder” program, inspiring women to serve in the nation’s cyber ranks. Such a program will create the same “can do” spirit Rosie the Riveter inspired in the generation of women in World War II.
If this program is to be a success, the United States must create affordable solutions to provide child care to enable more women to join the workforce — the No. 1 concern of families in double-income households. A major success factor during the push in WWII was the federal program for child care, equally important now as we strive to strengthen participation in the workforce and invigorate our economy. As the pandemic makes glaringly obvious, there can be no functional economy and full workforce participation without adequate child care.
With proper, targeted investments, the U.S. government can incentivize women into the national cybersecurity workforce and infuse the industry with their diverse viewpoints and skills. We can capitalize on the talent emerging from U.S. educational systems, of which women make up 60 percent of graduates. The U.S. government and private industry can invest in programs that promote cybersecurity and computer skills in women and girls. Public and private sectors can reduce stereotypes of women in the workforce (and inspire women to serve) by exposing them to highly successful female cybersecurity leadership — such as the women who served on our commission, Ms. Suzanne Spaulding and Dr. Samantha Ravich.
Leveraging women’s perspectives and bringing balance to the cybersecurity workforce is not only the right thing to do — it’s the smart thing to do. Let the commission’s report encourage the United States to embark on what is necessary — a Rosie the Riveter for cyber programs — and make a significant investment in cybersecurity by bringing women into the workforce. The time to act is now.
Tatyana Bolton is the policy director for the U.S. Cyberspace Solarium Commission. Tatyana is detailed from the Cybersecurity and Infrastructure Security Agency, where she serves as the cyber policy lead in the Office of Strategy, Policy, and Plans. Frank Cilluffo is the director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security.