We hear a lot about gender parity when it comes to cybersecurity, particularly as it relates to closing the gender gap in the workforce. Although the current workforce numbers are encouraging, they still leave vast opportunity for improvement. New research from Cybersecurity Ventures predicts up to 3.5 million job openings in cybersecurity by 2021. Women, however, currently make up only 20 percent of the global cybersecurity workforce. This statistic is even more notable when compared to a recent estimate from the U.S. Department of Labor Bureau of Labor Statistics that nearly half of the U.S. labor force is composed of women.
This year’s International Women’s Day theme, “Balance for Better,” called for gender parity across all industries worldwide. Why is this so important? Because getting women to fully participate in the global economy, according to a 2017 World Economic Forum report, is essential to “the growth, competitiveness and future-readiness of economies and businesses worldwide.” The report estimates that closing the gender gap in economic participation by 25 percent between 2017 and 2025 will result in a U.S. $5.3 trillion increase in the global gross domestic product (GDP).
Mobile and internet security are a must for full economic participation
An important indicator of women’s ability to contribute to the global economy is safe and secure use of technology, particularly mobile handheld devices and wireless internet connectivity. The ubiquitous nature of the internet and mobile devices provides the paradigm by which our society works, plays, communicates and stays connected, and accessibility can empower more women to become part of the global business world. Leveraging technology to advance the world economy requires an information-managed process focused on information assurance and security. As the number of women in the global workforce continues to rise, the use of technology must prioritize security.
Smart devices are both personalized (smartphones, wearables) and embedded, as with sensors and Internet of Things (IoT) appliances. All of these connected conveniences create pervasive information systems that go where we go, record what we do, and easily connect to any wireless network in range – sometimes without people knowing it is happening. Mobile devices are capable of collecting large quantities of personal data and sending it into “the cloud,” exposing data to malicious activity with or without explicit consent between the user and the provider.
Secure human behaviors empowered by publicly available information will guide the users of smart technology in protecting confidential business data, as well as personal identity and privacy. Human behavior is repetitive and predictable; therefore, people need to be diligent in using mobile devices, downloading apps and content, and wirelessly connecting to the Internet by using prevention, deterrence, and defense (PDD), especially in the workplace.
Security and privacy are intrinsically collective behaviors. For example, one employee clicks on a malicious email and infects the entire network. Protecting personal data from nefarious activity starts with choosing behavior over technology. Users who practice personal security techniques to mitigate exposure will develop secure habits and behaviors, including:
- Using strong and unique passwords.
- Avoiding connecting removable devices to a network.
- Patching and updating software.
- Avoiding suspicious emails.
Practicing secure human behavior alleviates a false sense of security that is dependent on technology alone. For instance, instead of assuming the security your email provider applies will identify and stop suspicious content, being diligent when opening messages and clicking only on links that you know are safe is the best way to avoid falling prey. By making this behavior a habit, users will avoid one of the most common and deceptive cyber techniques: phishing. Typically, phishing emails involve an attacker purportedly from an official source who attempts to elicit personal information, such as account login credentials. For example, women are more susceptible to phishing emails than males.[i]
The explosive growth of online social networks (OSNs) and built-in webcams are also prime targets for cyber criminals. Women tend to use OSNs more than men, sharing personal data and locations for public view. Webcams are included in most mobile devices, and hackers have been successful in using these cameras to covertly watch and record individuals, groups, or institutions in an attempt to do harm. Cyber criminals use artificial intelligence and other advanced technologies to track and target users who are vulnerable on the internet. Most businesses have a bring-your-own-device (BYOD) policy, which allows those same mobile devices used for social networking, including using a webcam, to come into the workplace.
Secure use of technology starts with education
Mobile devices and the internet are tools for efficiency and connectivity. As women’s use of technology helps them further participate in the global economy, they must do so in a way that also ensures the security of business and personal data. The key to safeguarding data is open and available education on cybersecurity for all, so that users understand the vulnerabilities and threats that come with these technologies. And the key to education is cybersecurity learning tools that are dynamic, publicly available and web-based in a platform to reach everyone in a practical and accessible way. Armed with knowledge, women can improve the cyber ethics practiced by individuals and businesses across the world. Cybersecurity learning tools need to be dynamic, publicly available and web-based in a platform to reach everyone in a practical and accessible way.
Studies have shown that gender plays a role in online privacy concerns, and that women show greater concern for privacy than men.[ii] Assured identity and privacy, protected by authentication and access control systems used to verify account credentials, are critical elements in engendering trust among women using mobile technology and the internet and, hence, in their participating fully in the global economy.
In constant tension, however, is the need to balance confidence and trust among users and online entities with the need to protect the privacy rights of these users and entities. One promising new technology to address this tension is the use of flexible signatures, whereby a verification algorithm validates credentials in a systematic manner that is quantifiable and trusted. Ultimately, the level to which a person can be confident that their data, identity and privacy are protected directly correlates to their own efforts to stay informed of threats, vulnerabilities, and actions to minimize vulnerabilities based on human behavior.
According to USAID, providing online and mobile access to 600 million women could contribute $18 billion to GDP growth in 144 developing countries. Clearly, access to all information systems, technologies and connectivity is essential to women’s full economic participation in the global economy. Participation must go hand-in-hand with broader awareness of behaviors and threat vulnerabilities. Most efforts to improve cybersecurity focus primarily on incorporating new technological approaches in devices, software, and processes. However, the key element of cybersecurity involves acknowledging the importance of human behavior when designing, building and using mobile and online technologies.
[i] McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and Information Security Awareness. Computers in Human Behavior, 69, 151–156.
[ii] Anwar, M., He, W., Ash, I., Yuan, X., Li, L., & Xu, L. (2017). Gender difference and employees’ cybersecurity behaviors. Computers in Human Behavior, 69, 437–443.
PERSPECTIVE: Choose Both Security and Privacy When it Comes to Data