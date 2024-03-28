By Claire Trimble, Chief Marketing Officer at security testing company Synack.

Business leaders often frame the need for greater diversity in cybersecurity in terms of raw job numbers: There are over 570,000 open cyber positions in the U.S. alone, and more women security experts are clearly needed to close the gap.

But what’s the next step for women who have already reached a cybersecurity leadership position? How can the cyber industry ensure that their expertise reaches the highest level in the corporate world – inside the boardroom? And how can women who have never held a board position hope to secure a seat at a major company?

I had the privilege last week to sit down with an esteemed group of women cybersecurity leaders in the Bay Area to talk about board-level challenges and opportunities in our sector. This first meeting of the Firstboard.io Cyber Council – sponsored by Synack in partnership with the Firstboard.io curated collective of female tech leaders – included C-level executives from organizations like Juniper Networks, Okta and Nextdoor.

Other board-ready leaders joining the event work at tech giants Google, Juniper Networks, Palo Alto Networks, HP and Oracle. Our goal is to raise awareness of cyber issues at the board level, an urgent priority in light of escalating cyberattacks disrupting our healthcare systems and even threatening our water utilities.

At the event, we recognized that paving the way for women to secure a seat on the board is no simple task. Reaching the boardroom can be an opaque and intimidating process. But it’s clear cybersecurity still hasn’t gotten its rightful due: Why else would the Securities and Exchange Commission propose a rule that would require boards to disclose if they have any directors with cybersecurity expertise?

Though the SEC ultimately dropped that provision in its final rule on cyber risk management last year, we have entered an era of heightened scrutiny of boardroom cyber experience in publicly traded companies.

It’s baffling that boards are still overlooking qualified women in cybersecurity who could deliver urgently needed expertise. Women hold only about a quarter of U.S. board seats overall, and cybersecurity specialists are no exception. During a Synack-Nasdaq panel event last year focused on empowering women cyber leaders to enter the boardroom, Bethany Mayer, Chairman of the Board of Box, put the dilemma into perspective: “We live and breathe this, but a lot of companies don’t, and then they get attacked. They have a ransomware attack, a big breach, lose all their IP or personal information, and that’s a big wakeup call for them.”

Board buy-in brings better security

To that end, getting more qualified women cybersecurity professionals on boards aligns with U.S. Cybersecurity and Infrastructure Security Agency’s push for Secure by Design software products.

Let’s back up a moment: CISA, the top U.S. civilian cybersecurity agency, is pushing for software manufacturers to bake good security practices into their products from the very beginning. “Every technology provider must take ownership at the executive level to ensure their products are secure by design,” CISA said.

I would take that quote a step further and say the board members of every technology provider need to understand how their companies are applying secure-by-design principles.

Setting security on the right path from the start is even more essential as AI-enabled cyberthreats put even the best defenses to the test.

A key takeaway from the Cyber Council meeting was the need for engineering teams to work more closely with cybersecurity practitioners from the outset. Cyber professionals can leverage board seats to make sure frontline operators are empowered in the fight against attackers.

There is a unique window of opportunity to drive awareness of both diversity and the need for cybersecurity in boardrooms. Our collective success in addressing cybersecurity challenges – a core business risk – depends on seizing the moment and getting more women in the boardroom.

