A new report from the International Information Systems Security Certification Consortium (ISC)2 and the consulting firm of Frost & Sullivan, entitled Women in the Information Security Profession, suggests that the InfoSec field is suffering from a lack of diversity. Specifically while men in the industry tend to focus on technical skills above all else, women bring a variety of skills to the table, which enhance their effectiveness in a role, and create collateral benefits for their employers.
- Broad understanding of the security field
- Awareness and understanding of the latest security threats
- Security policy formulation and application
- Leadership skills
- Business management skills
- Technical knowledge
Julie Peel of (ISC)2 describes the issue as: "Security is becoming less about technology, and more about people—understanding their behavior, and protecting users as they do their work. The study shows that women tend to value skills such as communication and education—the skills that are currently in short supply.
Men currently account for 90% of InfoSec professionals.
The report recommends that companies should be aggressively recruiting women for Information Security roles. Do you agree? Why or why not? Let us know in the comments.