As you know, I’ve been studying how the sisterhood works in cybersecurity for quite a few years now—that’s why I’m working to better the world by training and educating businesses in cybersecurity, specifically by focusing on gender inclusion in science through the IN Security Movement.
You see, I founded it following years of research that I ploughed into my best-selling book, IN Security, which is built on the premise of…
“a more gender balanced workforce will enable greater security, innovations and all-round happiness.”
The IN Security Movement lobbies for change so our working environments are more conducive for the integration of women in our cybersecurity workforce. The code of conduct serves as a perfect example. And, if you’re in the IN Security Tribe, you’ll know that it serves to connect, inspire and empower ALL who want to take part in the mission.
Championing women in cybersecurity, inspiring change through my thought leadership blogs, videos, keynote speeches, and interviews facilitates a deeper understanding and more useful action. Like others in the cybersecurity sisterhood, by paving the way for other women in this manner, it gives us a means to help women develop their skills, confidence and grit, so more remain in the cybersecurity workforce and achieve their career ambitions. It also gives men an opportunity to be a part of the solution, too, and a way to support women. And, by uniting both parties rather than by dividing, it brings us closer to being able to perform to a higher standard, which is necessary considering the threat landscape.
Focusing on women in cybersecurity is much-needed, because although the data shows that gender and cultural diversity can offer a 35% performance improvement, which is significant, the numbers of women in cybersecurity haven’t yet reached a tipping point, typically, 30%.
So, let's look at how we're doing.
According to reports from organisations like (ISC)², Forrester Research, and Cybersecurity Ventures, there are more women are in cybersecurity than last year—the figures range from 15% to 24% of the workforce—a rise from 11% and previous research. Note, (ISC)² did widen its survey pool and by taking a more holistic look at who was doing cybersecurity work, and included both certified cybersecurity professionals as well as IT/ICT professionals who were spending at least 25% of their time on cybersecurity tasks. Their data set was smaller too, being only 1,452.
They also found that 45% of the women surveyed were millennials, compared to 33% of men; 52% of women surveyed held a post-graduate degree, compared to 44% of the men; 7% of women were CTOs versus 2% of men; 9% of women were vice presidents of IT compared to 5% of men; 18% of women were IT directors versus 14% of men; and 28% of women were C-level executives compared to 19% of men.
- Forrester Research predicts that by this year (2019) 20% of Fortune 500 CISOs will be women.
- The 2018 McAfee Cybersecurity Talent Study states that Australia's cybersecurity workforce is 25% female.
- Out of all of the newly established cybersecurity teams in Israel in 2017, 15% had a female founder, an increase from 5% the previous year.
- At RSAC 2019—the world’s largest cybersecurity event with more than 40,000 people and 740 speakers—46% of all keynote speakers were women and women made up 32% of their overall speakers.
The data is looking good with more women entering and succeeding in cybersecurity, however, (ISC)²'s report did find pay inequalities. For example, 29% of men in the field reported annual salaries between $50,000-$90,000 compared to 17% of women. It was a smiliar case for those in higher salary bands with some 20% of men in cyber saying they earnt between $100,000-$499,999, compared to 15% of women.
I asked Karla Reffold, the International Managing Director and Founder of recruitment firm Beecher Madden, about her take on the situation, and you can find out what she said (and more, like trends and stats) in the video here.
Other studies, outside of cyber report that women make up about a quarter of the computing workforce but just 11% of leadership roles, according to a study by McKinsey and Company. And, whilst the overall global gender pay gap could be closed in exactly 100 years, according to the World Economic Forum, women will now have to wait 217-years (47-years longer than predicted) for the pay gap to close.
Here, in the UK, start-ups led by all-female founders secured just £118m of VC funding in 2018, out of a total of more than £7bn that was raised. The VC Female Founders Report showed that for every £1 of venture capital (VC) investment in the UK, all-male founder teams received 89p compared to all-female founder teams who got less than 1p.
Whilst FitT's (Females in Information Technology and Telecommunications) Gender Diversity Report quite rightly stated,
“Equity is constantly being derailed by a range of largely cultural factors. Initiatives don’t work unless organisations also address resistance to change, implications of culture, unconscious bias, societal norm.”
Now, I wrote about the importance of voice recently, but I also fervently believe that the visibility of women’s success at every level in our industry, not just at leadership, is one of the major factors in us changing the data and making progress as a whole.
"You have to see it to be it. Women can't be what they can't see."
Aside from the financial, thought-diversity, and risk mitigation gains for our industry, visible female role models do the following:
#1. Establish norms, encouragment and empowerment
Visible female role models establishes norms for women and lets others know of women's talents. They empower women and encourage them to go for it, to achieve their ambitions, to be the best they can be, and to celebrate their successes when they do. This is important as women tend not to be braggers, and by celebrating what they've achieved for themselves it helps to change gender stereotypes and unconsious bias.
#2. Provide inspiration and insight
When women see other women breaking the mold, it provides inspiration and insight for a whole new generation, who are trying to understand their roles in a rapidly changing workforce that values equality as well as performance.
#3. Provide opportunities and ensure equal pay for equal work
Performance Support bias is where top employees don’t necessarily do better because of their natural ability, rather it’s because they get more attention, receive better opportunities, or working conditions. Women are well known for working twice as hard (or more) as men and yet women in cybersecurity are still being underpaid. Whilst the pay gap is improving for women in executive positions data reports it's still widening for those in non managerial roles. Being known and promoting visible work, in the right manner, can change this.
#4. Educate the next generation
Visible female role models help to educate the next generation, and to correct the misperception that is often unconsciously instilled into girls and boys very early on—that women aren't capable of amazing achievements, particularly in tech.
So, how do we move forward?
The answer is by knowing how to use female role models more effectively, and if you're a woman, by becoming a VISIBLE one. From my research, female role models need to be used differently depending on whether they're being hired or retained. I covered this in my book, but I'll briefly summarise my discoveries:
- When targeting female teenagers, beware of using role models that portray more than one competing stereotype.
- When hiring fresh talent, it’s OK to use male role models with or without female role models, so long as you showcase shared values and beliefs, and non-technical stereotypes.
- When retaining talent, use female role models who are at each stage of a cybersecurity career, not just those at the height.
Without a shadow of a doubt, visible role models, when used effectively, make a difference and influence the roles women occupy. And, that's why it’s vital we better understand the extent to which others see women (as well as other people from diverse backgrounds) engaging in cybersecurity— both in the media and in their own lives.
It's why I work so hard to encourage more women to make themselves visible and why we, as a collective, must make it safe for them to do so. For the sad truth of the matter is this: women are subjected to more online abuse and harrassment - from both men and women - than men. So, this means not turning a blind eye to harrassment, reporting it and acting upon it.
It's ironic to think that in a time when there has never been as much technoology that enables this, women are still invisible and silenced. Women must free themselves so they can claim their rightful power alongside men. This means women need to learn how to raise their profile and voices — what I refer to as their visibility — authentically and in line with their career aspirations and have a support mechanism in place when they do. Only when we do this, and with training on how to, will more visible role models in cybersecurity be created. And, only then will we reap the advantages for our profession and society.
Take the next step...
- If you are keen to better position yourself and build your personal brand, go here to register for my online, free MASTERCLASS. This has only ever happened once a year, so don't miss it!