Why gender diversity is key for the cyber-security industry
Tech has a gender equality problem. Women are consistently absent in tech organisations, particularly in leadership positions, as well as reporting persistent pay disparity and lower funding for women-only teams. But nowhere are these obstacles as pronounced as in cyber-security, where just 25% of the global workforce are women.
It's ironic, then, that the very thing that kickstarted my 25-year career in cybersecurity was a challenge traditionally faced exclusively by women: balancing childcare with the commute. When I took my first purely cyber role at TruSecure, one of the sector’s earliest startups, it offered me the opportunity to reduce my commute by over two hours a day – sacred time for a single mother of two small children.
Yet my early years in the sector reflected many of the wider issues preventing women from accessing and excelling within the industry. A lack of role models, gender bias, and the perception of the cyber-security field as a ‘boy’s club’ keeps the sector overwhelmingly male-dominated, and I’ve experienced and seen first-hand inappropriate behaviour, tokenism, and the consistent omission of women from important conversations and progression.
While the cyber-security gender pay gap has started to make steps in the right direction, we’re still seeing significant fall-off within women’s cyber careers, stopping those in early-career roles from moving to management and executive levels. There’s a deep-rooted misconception that women opt out of the working environment in order to start a family, and that this is why early fall-off is so prevalent. But the fact is, starting a family does not simply cease your brain from working and dampen all career ambition. Women are not opting out of promotions; they’re being passed over. Female employees are 14% less likely to be promoted than their male colleagues, despite receiving higher performance ratings on average than their male employees.
This lack of diversity and gender parity negatively impacts on cyber-security organisations not just because it widens their skills gaps, but also because it vastly narrows perspectives on cyber-security, increasing the risk of business blind spots. Diverse and consistently-educated teams can provide a more nuanced and well-rounded view of what a business needs.
Only by increasing diversity of gender, race, and educational background can organisations challenge their biases and assumptions, and by reflecting on these assumptions, we can take a big step toward better representation at every level – including empowering women to embrace long-standing careers in the industry.