CS Nov-Dec 2020
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
gender inequality<br />
The report suggests the primary reason<br />
for the under-representation of women in<br />
the cyber security industry is down to a lack<br />
of interest in the subject from school age.<br />
When considering ways to make change,<br />
the report recommends that industry<br />
leaders - including directors, CEOs and<br />
accreditation bodies - could and should be<br />
responsible for approaching schools help<br />
educate and encourage students. Schools<br />
could also promote initiatives such as<br />
CyberFirst's online Girls Competition,<br />
which aims to inspire the next generation<br />
of young women to consider computer<br />
science as an option, with a view to<br />
a future career in cyber security.<br />
Findings by CREST also point to issues<br />
with current recruitment practices,<br />
including the way job descriptions are<br />
written, the language used and arguably<br />
even candidate requirements. Female<br />
representatives at the workshops agreed<br />
that the inclusion of training options<br />
on the job advert would encourage<br />
more female applicants, as would flexible<br />
working hours, good maternity policies<br />
and back to work support.<br />
Another key finding is the demand for<br />
an industry-wide female mentoring and<br />
coaching scheme to create a stronger,<br />
closer female community, while enabling<br />
women to grow and develop in their<br />
careers.<br />
MUCH MORE TO BE DONE<br />
"It is encouraging that as an industry we<br />
are making progress, but there is a lot<br />
more to do and improving the visibility<br />
of female role models will allow us to<br />
challenge the perception of the cyber<br />
security industry," says Ian Glover, president<br />
of CREST. "Schools hold the key and we<br />
need to help them to encourage more<br />
girls into the industry. Furthermore, the<br />
mentoring scheme would give a platform<br />
on which role models can help to coach<br />
and guide others, which in turn will help<br />
to challenge the perception of gender as<br />
it relates to the industry," adds Glover.<br />
"The actions are well-thought through,<br />
they are doable, but just need the support<br />
of industry, education and recruiters."<br />
FORTUNES TO BE MADE<br />
Interestingly, increasing the number of<br />
women working in cybersecurity could<br />
boost the UK economy by £12.6 billion<br />
according to a new report from Tessian,<br />
the human layer security company. The<br />
report also reveals that closing the 24%<br />
gender pay gap in the UK cybersecurity<br />
industry, and equalising women's salaries<br />
to men's, could add a further £4.4 billion<br />
to the UK economy, albeit such thoughts<br />
must now be tempered by the on-going<br />
ravages inflicted by the pandemic.<br />
The firm carried out a survey of 200<br />
female cybersecurity professionals in both<br />
the US and UK, and interviewed more than<br />
one dozen practitioners from some of the<br />
world's largest organisations about their<br />
personal experiences. The Tessian report<br />
highlights what it sees as the potential<br />
impact of expanding gender diversity in<br />
cybersecurity, as well as current perceptions<br />
around gender bias in the field.<br />
Key findings:<br />
82% of female cybersecurity<br />
professionals in the US believed that<br />
cybersecurity had a gender bias<br />
problem, compared with 49% of<br />
those in the UK<br />
The cybersecurity gender pay gap in<br />
the US was 17%; in the UK, 19%<br />
US respondents were three times as<br />
likely (68%) to believe that a more<br />
gender-balanced workforce would be<br />
an effective tool for recruiting more<br />
women to work in cybersecurity<br />
than UK respondents (22%)<br />
45% of US respondents said equal<br />
pay would help with recruitment,<br />
compared with just 10% of UK<br />
respondents<br />
61% of US respondents cited lack of<br />
qualified talent as a reason why 4m<br />
cybersecurity jobs would be left<br />
unfulfilled by 2021, while only 33% of<br />
UK women cited lack of qualified talent<br />
as a barrier. Once again, Covid-19 will<br />
have had its impact on all these figures.<br />
Factors discouraging women from joining<br />
the cybersecurity industry:<br />
42% of respondents (US. and UK)<br />
believed a cybersecurity skills gap<br />
existed, as the industry isn't considered<br />
'cool' or 'exciting'. This opinion was<br />
most commonly shared by millennials<br />
(46%), compared with 22% of 45-54-<br />
year-olds<br />
A lack of awareness or knowledge of<br />
the industry was the top challenge<br />
female professionals faced at the start<br />
of their career, with 43% citing this as<br />
a barrier<br />
43% of women said a lack of a clear<br />
development path was another<br />
challenge at the start of their<br />
cybersecurity career, while nearly<br />
a quarter (23%) cited a lack of role<br />
models<br />
Just 53% believed their organisations<br />
were doing enough to recruit women<br />
into security roles.<br />
GREATER VISIBILITY<br />
Sabrina Castiglione, senior executive at<br />
Tessian, comments: "For organisations to<br />
successfully recruit more women into<br />
security roles, they need to understand<br />
what's discouraging them from signing<br />
up, beyond just gender bias. We need to<br />
make women in cybersecurity more visible.<br />
We need to tell their stories and raise<br />
awareness of their roles and experiences.<br />
And, once through the door, managers<br />
need to clearly show women the<br />
opportunities available to them to progress<br />
and develop their careers."<br />
Shamla Naidoo, former CISO at IBM, has<br />
this to say: "To many people, cybersecurity<br />
www.computingsecurity.co.uk @<strong>CS</strong>MagAndAwards <strong>Nov</strong>/<strong>Dec</strong> <strong>2020</strong> computing security<br />
33