It is no secret that women are underrepresented in cybersecurity or wider STEM (science, technology, engineering and maths) industries when you look at the disparity in the education of girls in these subjects. The trend begins at school; when a ‘Women in Technology’ study in 2017 found that girls became steadily less likely than boys to study STEM subjects as they moved through school, to university – which ultimately resulted in 15% of male graduates saying a tech career was their first choice post-university, as opposed to just 3% of female graduates.
The picture is slightly better when we focus on the cybersecurity sector within the broader technology industry. According to an (ISC)² Cybersecurity Workforce Report, women working in cybersecurity currently only account for about one quarter (24%) of the overall workforce. This is an increase of just 11% in 2017. Furthermore, the study found that ‘compared to men, higher percentages of women cybersecurity professionals are reaching positions such as chief technology officer (7% of women vs. 2% of men), vice president of IT (9% vs. 5%), IT director (18% vs. 14%) and C-level/executive (28% vs.19%).’ So, while the proportion of women in cybersecurity is growing, and once they get there, they are moving to management positions.
However, there is clearly a long way to go to achieve gender parity. And parity is particularly important in the cybersecurity industry, because it is vital that the workforce fighting cybercrime encompass the diversity of perspectives, skills and experiences. Why? Because the people the industry is pursuing – the threat actors, hackers, digital vandals and cybercriminals – also have a wide variety of backgrounds and experiences.
‘You can’t be what you can’t see’ is a well-worn phrase when it comes to considering diversity and representation in different areas – and with good reason.
We believe that its important to start early in the campaign for encouraging more women into the sector. Beginning with education. A PWC study found that a hefty 78% of students couldn’t name a single famous female working in technology, and just 16% of female students had a career in technology suggested to them (the figure was twice as high amongst male students).
We need, then, a multi-pronged strategy. We need to elevate more women within the cybersecurity industry, supporting and encouraging them to rise to leadership positions – and we need to ensure that this elevation is made visible to women earlier on in their careers, as well as those still in education.
There are a number of great initiatives for girls in education to help inspire them into a career in tech and cybersecurity including WISE Initiative and of course, Girls Who Code.
When considering women in the workplace and elevating women into leadership positions, this depends on encouraging solid female talent into the industry in the first place – since the managers and leaders of tomorrow are the graduates and juniors of today.
Cybersecurity needs to be positioned, therefore, as an attractive career for women who are studying or early on in their careers. Employers can always do more in terms of partnering with colleges and universities and running events which demystify the industry and set out the incredible variety of careers within cybersecurity.
There is also an important role for employers when it comes to nurturing and supporting those women to remain in cybersecurity throughout their careers, developing their skills and taking on ever-greater responsibility. As outlined above, women in cybersecurity actually seem to be more successful than their male colleagues at rising to managerial and leadership positions – if they remain in the industry. This means not only offering tailored training and development, but also listening to what employees are actually saying they need.
Visibility can be achieved in many different ways. Consider the recent RSA Conference in San Francisco, the world’s largest cybersecurity event with more than 40,000 attendees and 740 speakers. 46% of all keynote speakers were women, a huge improvement on just a few years ago and a fantastic means of showing to the entire industry how women can build hugely successful and influential careers in cybersecurity. On a more local level, female-only networking events and mentoring schemes have already proven hugely powerful.
On a more local level, female-only networking events and mentoring schemes have already proven hugely powerful. Which is why we are holding a Women in Cybersecurity round table event on 9th March, exploring routes into the cybersecurity industry from school onwards. Throughout the webinar, we’ll explore themes such as single-sex learning environments, industry role models, the diversity of careers within cybersecurity and events which enable and empower women in STEM. Watch on demand the conversation with our Security Senoritas here.