More Women Needed In Cyber Security

Directors Report:  This Premium article is free to view temporarily. For unrestricted website access please Subscribe: £5 monthly / £50 annual.

The participation of women in tech and cyber security sectors is rising too slowly and yet cyber crime is recognised as one of the greatest threats to businesses around the world. And now, with company and government data becoming increasingly reliant on the Internet, it is critical that their computer systems are protected from malicious attacks or data breaches.

Currently more than 1 million security jobs worldwide are unfilled and of those employed as cyber security professionals, women represent only 11 percent of the workforce.  These unfilled cyber security jobs aren’t just a staffing issue - they’re a matter of national security and women can help us solve the problem quickly. 

Our current need for women in cyber security is no different from when we needed women to work in what were then considered to be stereo-typically male roles during WWII. As a result of the ongoing pandemic, the cyber security industry has continued to accelerate, and has no indication of slowing down anytime soon. 
With new and innovative methods of hacking affecting businesses of all kinds, the number of cyber attacks is also increasing. 

A report by the the British Government's Department for Digital, Culture, Media and Sport (DCMS) showed that the UK’s cyber security industry is now worth around £8.3 billion, but lacks female representatives for an industry so high in demand.

The industry predominantly remains male-dominated, and this lack of diversity, in turn, means less available talent to help keep up with the rise in mounting cyber threats. 

Women currently represent about 20% of people working in the field of cybersecurity, and the number of women in cyber security is growing; organisations must address the diversity debt to capture and retain this new labor force. Even at the very beginning of a ‘tech’ based career pathway, a woman’s success is already limited. Females make up only 28% of the workforce in science, technology, engineering and math (STEM) subjects, and are systematically tracked away from these subjects throughout their learning, and pushed towards written and creative arts, narrowing their training and potential positions to go into these fields later in life.

The (ISC)2 Cybersecurity Workforce Study 2021, based on data obtained from thousands of cyber security professionals in North America, Europe, LATAM, and APAC regions, estimates that the global cyber security workforce is approximately 4.19 million at present, up from 2.8 million in 2019 and 3.48 million in 2020. 
The average salary before taxes in the US has also increased from $83,000 in 2020 to $90,900 this year. However, the percentage of women among cyber security professionals in these regions is still approximately 25%. 

Considering the cyber security industry still needs 2.72 million more professionals urgently so that organisations can fill up crucial vacancies, the lack of women in the industry is contributing to the burgeoning cyber security gap that organisations aren’t able to address at the scale required.  (ISC)2 said that even though 700,000 professionals entered the workforce in the past year, the workforce gap reduced by just 400,000, indicating that the global demand continues to outpace supply.

Another factor that remains to be addressed is the percentage of women in leadership roles in the cyber security industry. In 2021, women made up just 17% of Fortune 500 CISO positions and there is only one female CISO in the top ten US companies. However, it cannot be said that the participation of women isn’t improving quickly. The percentage of women in Fortune 500 CISO positions was a paltry 14% last year.

STEM subjects are traditionally considered as masculine by many. All too often, teachers and parents may steer girls away from pursuing such areas, with females making up 34% of STEM graduates in 2021 but only 13% make up the overall workforce. 

Furthermore, women who have been successful in entering the industry often receive different treatment compared to males who work in technology, and can occasionally be mistaken for having a less ‘dominant’ role. From engineers to analysts, consultants and technologists, the roles are unlimited in cybersecurity. It is clear for women entering the industry that the profession is not limited to just one type of job, and requires a range of skill sets, most of which can now be done remotely – which has been heightened due to COVID-19.

However, research demonstrates that 66% of women reported that there is no path of progression for them in their career at their current tech companies, suggesting the very reason why women tend to end up in the more ‘customer facing’ roles, such as marketing, sales or customer support. How can females continue to advance once they have a foot in the door into more technical or product focused roles?

Despite girls outperforming boys in maths and science, the presumption remains that women are not equipped to take on ‘complex’ tasks and roles. 

Girls who attend an ‘all-girls’ school and see their female peers also participating in technology subjects, therefore do not have lower-esteem when pursuing that industry, and are in a learning environment free from gender stereotyping, unconscious bias and social pressure. Even if a female is successful within these areas, we continue to see a lack of women represented in senior leadership roles on boards, as CEOs and in STEM careers. We need to dispel the myths that women cannot take on ‘tech-heavy’ jobs.

Maternity leave or taking a break to raise a family is another challenge women face later on in their career. Employers might question the gap in their CV when they eventually want to return to work after taking a break from such a demanding industry to start and raise a family. 

To ensure that women gain equal footing in stereotypically male-dominated industries, there is an often-overlooked factor, men need equality too. 

Businesses need to offer the same level of paternity leave and support to men as they do women when it comes to looking after a family. This then leads to the need for flexibility within working hours for school runs, for example, as it needs to be understood that men have children too, and women are not always the number one caregiver. Having a diverse workforce allows for a balance of input, more creativity, new perspectives and fresh ideas. From different learning paths, to ways of approaching problems, and bringing in wider viewpoints, women bring an array of different skills, attributes and experience to cyber security roles. 

Working in an industry like cyber security, where everyone is impacted and everyone is a target, we need everyone to be involved in developing solutions which work to solve the problem. This is not just limited to gender, but also includes age, culture, race and religion. To truly mitigate the risk of cyber crime, we need a solution relevant to all the people impacted by the problem.

Taking Action

To begin with, whether this is from a younger age during school studies or university courses, offering varied entry pathways into the industry, or making it easier to return after a break, women must be encouraged into the field of cyber security. These hurdles into the sector have to be addressed.

Every business has a part to play when it comes to ensuring that their organisation meets the requirements of all of their employees. From remote or hybrid working, reduced hours or adequate maternity and paternity support, working hours should be more flexible to suit the needs of the employee.

  • A “return to work scheme” would greatly benefit women if companies were to implement them. This can help those who have had a break from the industry get back into work, and this doesn’t necessarily mean limiting them to roles such as customer support, sales and marketing. 
  • HR teams must also do better when it comes to job descriptions, ensuring they appeal to a wider audience, offer flexibility and that the recruitment pool is as diverse as can be. 

The UK government has started taking action by setting up a Cyber Security Skills Strategy. Businesses themselves have also started to enforce programmes to support those with gaps in their CV’s and are eager to return to their careers, such as Ziff Davis’s Restart Programme.  This programme is committed to those who have a gap in their experience and are keen to return to their careers, providing them with an employment opportunity which emphasises growth and training, helping professionals return to the workforce. When businesses step up and take matters into their own hands, it provides more available paths into the industry for everyone.

There is more of a need than ever before for more diverse teams, as cyber security threats become more varied. Becoming part of a gender-balanced cyber workforce is an efficient way to avoid unconscious bias and build a range of solutions to complex problems. 

Whilst the latest government initiatives and courses to attract diverse talent, and better the UK’s security and technology sectors is a great start, the only way to progress is more investment and emphasis on STEM as a career path. This will encourage both males and females, who are treated equally and can see themselves reflected in their senior management teams.

What the industry needs to look at is that the representation of women in computer science and in engineering is very similar to the percentage of women who graduated in these fields. 

According to Pew Research, women earned 53% of STEM college degrees in 2018, but formed just 22% of engineering graduates and 19% of computer science graduates. In contrast, 85% of the bachelor’s degrees in health-related fields were earned by women. As far as leadership roles are concerned, the 17% share of women in Fortune 500 CISO positions sounds incredible when compared to the representation of women in leadership roles in the tech industry as a whole. 

According to data collated by the Women Business Collaborative (WBC), women make up only 8.2% of Fortune 500 CEOs, 7.3% of Fortune 1000 CEOs, 5.6% of Russell 3000 CEOs, and 7.4% of CEOs at private companies with revenue over $1 billion. “While the numbers for women in leadership are moving in the right direction, with the Fortune 500 up to 8.2% from 6.6% in 2019, progress is still too slow and not reflective of the nation. Women of color hold only one percent of CEO positions across the Fortune 1000,” the report said.

  • Black and Hispanic workers remain underrepresented in the science, technology, engineering and math (STEM) workforce compared with their share of all workers, including in computing jobs, which have seen considerable growth in recent years. 
  • The representation of women varies widely across STEM occupations. Women make up a large majority of all workers in health-related jobs, but remain underrepresented in other job clusters, such as the physical sciences, computing and engineering.

The cyber security industry remains an attractive and lucrative career path, but more should be done to direct female students in the right way to pursue a job role within STEM and to support those who are returning to work.

References

Information-Age:    Cyber Security Ventures:    Toolbox:      Pew Reserach:      Microfocus:    Cisco:    

The Software Report:      UKTech:    Gartner:      Guardian:     (ISC)2:     Gov.UK:    Gov.UK:   

TechBeacon:    Sydney Morning Herald:     Ziff Davis:     University of Northunbria:  

You Might Also Read:  

Diversity In Cyber Security:

 

« SIM Swapping Attacks Caused T-Mobile Breach
Ukraine Government Hit By Massive Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Security Innovation

Security Innovation

Security Innovation is a leader in software security assessments and application security training to top organizations worldwide.

Applied Engineering Solutions (aeSolutions)

Applied Engineering Solutions (aeSolutions)

aeSolutions offers performance-based process safety engineering and automation solutions. Services include industrial cybersecurity.

Sixgill

Sixgill

Sixgill is a cyber threat intelligence company that covertly and automatically analyzes Dark Web activity detecting and preventing cyber-attacks and sensitive data leaks before they occur.

Garland Technology

Garland Technology

Garland Technology specializes in network access points (TAPs) for 100% visibility allowing you to see every bit, byte, and packet flowing through your network.

Hallam-ICS

Hallam-ICS

Hallam-ICS designs MEP systems for facilities and plants, control and automation solutions, and ensures safety and regulatory compliance.

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative

Beryllium InfoSec Collaborative is an information security and cyber security company with 40-plus years of experience across industry & government.

BlockSafe Technologies

BlockSafe Technologies

BlockSafe Technologies is the only US-based company that secures the blockchain ecosystem from all angles: wallets, exchanges, and private blockchains.

GreyNoise Intelligence

GreyNoise Intelligence

GreyNoise Intelligence is a cyber security company that collects, labels, and analyzes Internet-wide scan and attack data.