Boosting gender diversity in cybersecurity

Over the past century, women have fought social, political and economic battles to receive the same rights as men. The First World War in 1914 initially triggered a dramatic change in both the professional and domestic status of women, as female workers proved they were more than capable at carrying out typically ‘male’ engineering and manufacturing jobs.

The twentieth century saw huge progress in gender equality as increasing numbers of women embarked upon professional career paths. Certainly, in some sectors such as education, medicine and law, women are increasingly prominent in the general workforce and leadership roles, but other industries appear to be a long way off from achieving full equity.

Unfortunately, cybersecurity is one such industry with much progress to be made in terms of diversity and gender parity. While cybersecurity is one of the most fast-paced, rapidly evolving modern industries, this evolution does not appear to apply to the number of women involved in the field. Back in 2013, research firm Frost and Sullivan produced data showing that women made up just 11% of the global cybersecurity workforce. Seven years on in 2020, and according to Cybersecurity Ventures, the figure now stands at 20%. Although this is a slight increase, uptake has been slow compared to the industry’s own rapid internal advancement.

The global reliance on working from home and remote schooling during the COVID-19 pandemic underlines the importance of anticipating and responding to potential cybersecurity threats, as work and education infrastructures continue to operate on a mostly digital level. While the uncertainty of the pandemic dominates our work and education set-ups with the potential of further lockdowns or even a second wave, the need to defend these infrastructures from any cyber threats is paramount.

And yet, in the U.K. alone, over two million more engineers (including those in the cybersecurity industry) are needed by 2025 to meet demand and support the country’s economic growth and expansion. A 2020 report conducted by the Department for Digital, Culture, Media & Sport into cybersecurity skills in the U.K. labor market revealed that over half (51%) of cybersecurity companies have struggled to fill generalist cyber roles. It is clear that the engineering and technology sectors are continuing to overlook the potential of underrepresented groups like women or BAME communities – who may hold the key to unlocking innovation in both engineering and cybersecurity.

It is crucial to recognize that this lack of diversity in cybersecurity does not stem from an intrinsic lack of opportunities or capabilities on women’s part, but rather a systemic perception of cybersecurity as a ‘male-dominated’ field. After all, from Ada Lovelace, the world’s first computer programmer, to Margaret Hamilton, who was instrumental in NASA’s moon landing, cybersecurity history is packed with women who have overseen giant leaps in technological advances. Stereotypes surrounding Silicon Valley in popular culture and the media may fuel these perceptions, in addition to societal norms and expectations.

In order to effectively tackle the issue head-on, it is vital to raise awareness and invest in the ongoing drive for equality. Robust education to make cybersecurity – and generally, roles in STEM – more accessible to women is key in breaking down barriers and dispelling misconceptions around the sector. Delivering events, work experience and careers talks in both schools and universities allows students a real insight into the day-to-day life of an engineering professional and making the industry accessible for all.

Education is of course an essential part in boosting gender diversity in cybersecurity, but companies must consider their own gender split before lecturing on the importance of equality! For example, cybersecurity experts at Surevine - which builds secure and scalable collaboration solutions for the most security conscious organizations including the U.K. Government – has pioneered females in the cybersecurity industry with their first employee and first executive director both being female.

Improve gender, socio-economic and race equality has been the driving force behind The Smallpeice Trust since we started out more than 50 years ago. Established by brilliant British engineer Dr. Cosby Smallpeice, who ploughed £1.6m of his personal fortune into setting up The Smallpeice Trust, we work with partner organizations, such as Surevine, to give young people, especially girls, these role models and experiences to fuel their passion for the STEM subjects; thankfully we are starting to see things change. Registrations for our wide range of engineering, STEM and cybersecurity residential training sessions and seminars (currently provided online) are now achieving a 50:50 balance between girls and boys.

Through The Trust, there is a wide range of scholarship programs available to school pupils interested in pursuing a career in STEM, where some of the country’s brightest young people can pursue their dreams of changing the world through engineering and gain hands-on career experience. Programs like these also often provide targeted mentoring support and are a great boost to supplement university applications. We as an industry must continue to support programs that can act as a lifeline for children from underrepresented backgrounds and disadvantaged communities.

Increasing numbers of large corporations around the world are recognizing the importance of dismantling harmful gender stereotypes and roles. Industry collaboration is a key part of this process, and The Smallpeice Trust is proud to collaborate with numerous partner organizations including cybersecurity developer Surevine, Siemens, Jaguar Land Rover, Shell and the RAF. Continuing to establish positive relationships between organizations across the sector will benefit both young people setting out on new career paths – as well as the STEM industry itself.

Our partners are not only offering invaluable support to the work we do but they also fuel the pipeline of new talent for their industry and potentially their organization. Our Arkwright Engineering Scholarship students, in particular, tend to be those who are proving to be high achieving future employees of our partner organizations.

Education, engagement and collaboration are all important parts of opening up the world of cybersecurity to individuals who may have ruled it out as a career path, including women and those from underrepresented backgrounds. Research shows that more diverse teams tend to perform better compared to homogenous teams. Cybersecurity can tackle both its skills shortage and gender diversity problem through the recruitment and inclusion of more women in the space, to simultaneously plug gaps and create higher performing organizations.

If COVID-19 has taught us anything, it is to swiftly adapt existing systems to fit new ways of life – and I have faith that the talented people working across the STEM sectors and in cybersecurity will be able to rise to the challenge of making the field a more inclusive place for all.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.