Women make up just 11 percent of information security professionals. Just increasing that number to 22 percent would solve the industry's staffing shortage problem.
Unfortunately, at most companies, the recruitment process is designed to attract the kind of people who already work there. Changing that requires conscious effort. Here are some tips that might help.
1. Build a pipeline of women entering the profession
Support educational programs aimed at girls and young women in schools and colleges in your area and around the country.
Although this may seem like a long-term approach, there is a present-time side benefit — this kind of activity helps create a woman-friendly atmosphere at a company.
Latha Maripuri, director of IBM Security Services, says this is one of the reasons why she's stayed with IBM for almost twenty years.
"They're involved in a lot of the women in technology initiatives, a lot with education," she said. "I've gone locally into schools talking to women about science and technology and doing shows to show that science can be fun that it doesn't have to be uncool, to show what the possibilities are."
2. Set up internships for young women
An internship program aimed at attracting young women to a company can help dispel some of the myths surrounding information technology careers.
It can also help women adjust their studies, if needed, to correspond to workplace requirements.
"In October, I was at the Grace Hopper conference," said Julie Talbot-Hubbard, Chief Security Officer at Symantec. "We had a recruiting table for college-age women intersted in a job or internship. A lot of them are in IT or engineers, but some are psychology or sociology majors — and I think that's going to become more prevalent in the security world."
Companies can work more closely with educational institutions in other ways, as well.
"I think we'll also see more training programs where companies work directly with colleges to help develop the channel," said Julie Peeler, foundation director of the International Information Systems Security Certification Consortium — (ISC)2.
3. Participate in women's professional organizations
A company can actively participate in both national and regional professional women's groups in order to give back to the community, create networking opportunities, showcase its own female leaders, and position itself as a woman-friendly company to work for.
GoDaddy, for example, which recently appointed the first woman to its board of directors, also just announced a partnership with the Anita Borg Institute.
"At GoDaddy, more than one third of the leadership is comprised of women, who are actively involved with a variety of nonprofit organizations," said GoDaddy's CTO Elissa Murphy. "In fact, GoDaddy CEO Blake Irving has long been involved with the Society of Women Engineers and the Grace Hopper Celebration of Women in Computing."
Sign up for CIO Asia eNewsletters.