The recent review by the UK Government on cybersecurity skills in the labor market has revealed an alarming statistic – the representation of women in the cyber workforce has dropped to a mere 17%, down from the previous year’s 22%. This underrepresentation compounds a persistent skills gap in the sector, making it crucial for us to address this issue to effectively combat the rising tide of cyber-attacks.
The ongoing struggle for women to break through in this male-dominated field can feel demoralizing. It also exacerbates the scarcity of skilled professionals in the face of increased cyber-attacks. We need to tap into a broader talent pool to keep this world connected safely.
Partnering in Education
There has been a push to get new graduates into cybersecurity undergraduate and diploma courses, but demand is still outstripping supply. The gender gap persists in education – only 12% of graduates are female at the undergraduate level, and 23% at postgraduate.
As IT and cyber security professionals, we can actively partner with schools and universities to promote these courses to women and girls. Those already in the field can collaborate with these institutions to make courses more attractive to women. We can work through questions such as how they can improve their course prospectuses, open days, and application process and adjust course syllabi to reflect the impact of women and minorities in the field.
A broader range of talent coming out of these institutions will benefit our firms in the years to come.
Supporting Career Transition
The UK Government report cites managers saying they have open positions and staff keen to retrain but no budget or time to spare from the ‘day job’ to get it done. Many individuals reflected that taking the time to go back into education and undergo new training while losing out on pay, especially with the continued cost of living crisis and increased costs of student loans, is too risky. For parents, these risks can be compounded by childcare costs and responsibilities.
Employers also say they fear they will train up their staff, losing some productivity while they do so – and then those people will leave before their company can benefit from their experience.
We should encourage our firms to develop mid-career transition programs combining intensive training and real-world job responsibilities. Safeguards can ensure candidates stay with the company for a minimum period. These approaches can break down those barriers for women looking to move into the sector, including women already at their firm.
As employers, we need to weigh leaving these posts unfilled and making ourselves vulnerable to attack against the costs of training and the risk of churn.
Transferable Skills
While technical skills like coding are vital in cybersecurity, many other skills are valuable, too. When we write our job ads and descriptions and shape our recruitment campaigns, we should persuade those who may not feel confident to take the plunge. With a considerable skills gap in the labor market, we are unlikely to find ‘unicorns’ with both hard and soft skills for every job we post.
Sectors like marketing and accounting – two industries with more women represented – place a strong emphasis on data analysis and critical thinking. If we can better emphasize the value of transferable skills like these and that technical skills can be gained from on-the-job training, then cyber can become a more diverse space.
My own experience joining the cyber industry is a great example. I started my career in tech-adjacent roles in the public sector, university publishing and educational software. I was drawn to cyber because of its mission to keep everyone connected and safe online. A colleague encouraged me to give it a try even without direct cyber experience, and I’m glad I did.
Diverse Voices
Having more diverse voices in the room is crucial to ensuring everyone is equally protected against cyber threats. Our readiness depends on the teams working behind the scenes, and without a diverse team, we will miss opportunities. With machine learning technology becoming more common, it’s also important to be aware of the potential biases in these tools.
While you might not have women in your team (yet!), you can still seek feedback from a wide range of perspectives to improve your tooling, products and services. Techniques can include eliciting user feedback, focus grouping, surveys, presenting at conferences, tracking user behavior and reviewing research and open-source intelligence. Proactively seeking out diverse voices for these activities can mitigate the impact of a gender gap in your team.
Act Now
Different perspectives are crucial in the industry’s mission to protect the public from cyber-attacks. A diverse workforce infuses fresh ideas, creative solutions and innovative approaches that might otherwise remain untapped. With so few women in the cyber workforce, there is a significant gap in this regard to protect the privacy and safety of everyone online adequately.
In an increasingly connected world, cyber is at the forefront of ensuring governments and businesses can operate securely and deliver for the public. A lot is at stake, so proactivity in boosting female representation is imperative so that teams are in the best possible position to protect us all.