Subscribe
About

Tackling the cyber security gender imbalance

Women are underrepresented in the global cyber security profession, even though women matter in cyber security because of the way they view and deal with risk.
Sandro Bucchianeri
By Sandro Bucchianeri, Absa group chief security officer
Johannesburg, 07 Aug 2020

There is no doubt there is a shortage of cyber security professionals around the globe, which is somewhat problematic, considering that cyber attacks are among the top 10 mostly likely risks to occur (and have far-reaching impact), according to the World Economic Forum’s 2020 Global Risks Report.

Global cyber security skills shortages have now surpassed 4.07 million, according to the (ISC)², an international association for information security leaders. What’s more, the requirement for sector experts is expected to grow daily.

Dig a little deeper into the numbers, and you’ll see that it’s not just about how many cyber security professionals we need, but also about how that industry is skewed towards males.

I’ve written before about how cyber security as a profession can help alleviate poverty, and nowhere is this more true than when it comes to female professionals being elevated out of stereotypes and into positions where they can earn a good living, while making a notable contribution to society. As my good friend Jane Frankland says in her book “Insecurity”: “Women matter in cyber security because of the way they view and deal with risk.”

According to the (ISC), cyber security professionals are more than twice as likely to be male, meaning there is an under-tapped demographic available for recruiting if companies can position the role in a way that overcomes common misconceptions. .

This startling – to me anyway – statistic is contained in its Cyber Security Workforce Study, 2019 – the latest available research on what the global cyber security sector looks like. It states that, among respondents with security-specific titles, 23% were women. The highest percentage of women cyber security professionals came from Latin America (39%) and North America (34%). And that’s based on online survey data collected in June and July 2019 from 3 237 individuals responsible for security/cyber security at work throughout North America, Europe, Latin America and Asia-Pacific.

Globally, men are four times more likely to hold cyber security C-suite and executive level positions.

Although outdated, a PwC report from 2017 investigates gender imbalances more closely. The 2017 Global Information Security Workforce Study: Women in Cyber Security demonstrated there is much to do when it comes to female representation in cyber security.

Globally, men are four times more likely to hold cyber security C-suite and executive level positions, and nine times more likely to hold managerial positions than women, it found.

Other glaring findings include:

  • Women are underrepresented in the global cyber security profession, at 11% – much lower than the representation of women in the overall global workforce.
  • 51% of women report various forms of discrimination in the cyber security workforce.
  • In 2016, women in cyber security earned less than men at every level.
  • Women who feel valued in the workplace have also benefitted from leadership development programmes in greater numbers than women who feel undervalued.

Making a difference

There are, however, ways in which we can encourage more women to join the sector: through making skills development programmes available that specifically target those who are marginalised and valuing the women we do have in our teams.

I am exceptionally fortunate to work with some amazing women in my team. That’s why I am very pleased to see that two female colleagues made the Top 50 Women in Cyber Security Africa list. This accolade recognises women in cyber security in Africa who are making significant contributions to the industry and profession across the continent.

The list is compiled in collaboration with the Women in Security & Resilience Alliance , a sub-network of the Security Partners’ Forum. Other objectives of the recognition include creating and/or shedding light on female role models; giving more attention to the women in cyber security agenda at the continental level; fostering women’s voices and influence in cyber security in Africa; boosting women’s profile for career and professional growth; and starting a culture of awards in cyber security in Africa.

The inaugural accolade attracted more than 300 submissions from over 10 African countries. The most represented countries in the nominations and finalists were South Africa, Nigeria, Kenya and Tunisia, in that order.

Ina Steyn, our head of resilience and cyber security awareness, has been an amazing mentor to many of our young women in the organisation, guiding them along the way in their passion for cyber security. This led Ina to lead the creation of our "Women in Engineering Services" programme, which looks at empowering our woman in our technology, risk and security functions. Her passion for learning as well as developing others is phenomenal, and she is definitely a leader who I am very lucky to have on my team.

Ronnel Moodley, our lead security consultant, has inspired our team through her leadership, where she influences both technical and non-technical professionals worldwide. She is driven, proactive, and her passion for cyber security is profoundly inspiring. Her secret is a gift in explaining complex topics in a clear and simplified way, and when combined with her enthusiastic approach, triggers curiosity and inspires action.

Without the support of these amazing women, and many others, my role would be much more complicated. This diversity drives problem solving and productivity.

Share