Increasing Women’s Career Opportunities
When I attained the Certified Information Security Manager (CISM) designation from the Information Systems Audit and Control Association (ISACA), I received friendly ribbing from colleagues, who started calling me the “Computer Crime Fighter” and “Cyber Xena.” While I understand their humor, it is extremely important for professionals in all industries and at all levels to pursue advanced certifications. Women in particular often need to be more qualified and have a greater depth of expertise in their specific area to level the playing field in a business that is still male-dominated.
Despite great strides in recent years, there are still low numbers of women in senior IT roles and indeed in all senior business positions. According to Catalyst, a nonprofit research and advisory organization, women comprise only 1.2 percent of Fortune 500 CEOs, and although women occupy half (50.5 percent) of managerial and professional specialty positions in the United States, they hold only 15.7 percent of corporate officer positions in the Fortune 500.
It is unfortunate that there are not more women executives and business owners: Studies have shown that women tend to be forward-thinking when it comes to IT and security. According to the Center for Women’s Business Research, women owners of firms with $1 million or more in revenues are more likely than their male counterparts to embrace technology as integral to their business strategy. Women also are more likely to have a Web site with transaction capability.
Aside from some notable exceptions, women have traditionally not been visible in the IT world. This is slowly changing, and by gaining appropriate certification, women can establish their credibility and increase their leadership opportunities.
The world is changing quickly, and organizations need to know that they are hiring and promoting people with the most meaningful credentials for their specific responsibilities. Geographic distribution is more common in the business world, but the resulting networked systems add extra layers of risk. As a result, executives need to make sure that the person in charge of information security can effectively meet the demands of the business and mitigate security threats. Plus, many potential clients request information about accreditations as a prerequisite before undertaking serious discussions about consultancy projects. It is especially helpful for a woman to hold one or more high-level certifications to assert her authority and capabilities right from the start.
While it is traditional for education to be undertaken during a professional’s early years, accreditations, qualifications and certifications should be career-long accomplishments. Education and skills-building should be part of an ongoing career plan, rather than one-time events. For example, many professionals who hold the Certified Information Systems Security Professional (CISSP) have found it a natural progression to attain other security certifications as they move into the management ranks.
In addition, most highly regarded certification programs demand continual education and training as a core requirement for retaining the designation. This ongoing effort pays off, because it helps women establish themselves professionally as having up-to-date knowledge and skills in a traditionally male-dominated technical area, as well as a commitment to an established code of ethics.
“Information security can be compared to the medical profession. We want every medical practitioner to have the fundamentals, but we don’t expect our family doctor to perform a heart transplant, nor a neurosurgeon to treat a case of athlete’s foot,” said Leslie Macartney, chair of the CISM Certification Board for ISACA. “Security can be just as complex. Certifications tell a great deal about the person and the areas in which they are expert. Women in particular can benefit from this, as it shows they have an expertise in a specific area, particularly one that has historically been associated with male employees.”
Women should be encouraged from an early stage to pursue schooling and careers in IT. Organizations are increasingly implementing IT governance activities, especially in light of increased privacy, security and control legislation around the world, and the need for qualified professionals will continue to grow swiftly. IT security and governance programs are reaching the board-of-directors level. Holding a recognized, internationally respected designation will help position more women to lead these efforts.
Jo Stewart-Rattray, CISA, CISM, is director of Information Security for Vectra Corp., and is vice president of the South Australian Chapter of the Information Systems Audit and Control Association (ISACA). She can be reached at firstname.lastname@example.org.