Boosting gender diversity in the cyber industry

Cyber security as a sector has not been known for being balanced in terms of gender and diversity, and women have historically been underrepresented. There is no one single reason for this imbalance, and so there is no single solution to the problem either. We must understand the gender gap is caused by a complex and multifaceted set of practices, from unconscious biases in recruitment practices, a lack of female role models, to the industry being perceived as predominantly male. 

With the occasion of International Women’s Day, we asked female leaders in cybersecurity about their perspectives on the topic of the cybersecurity gender gap, and their suggestions for improvement. 

Sam King

Big strides towards diversity

Although female employee numbers are far from where they could be, there has been a notable improvement. “The cybersecurity industry has made progress over the last decade with 10% of the workforce being female in 2013 to 25% in 2022”, says Sam King, CEO of Veracode. “Things are moving in the right direction with more work yet to be done, especially around providing advancement opportunities to women so we see a greater percentage in the c-suite.”

Progress is good, but we aren’t done yet

Kara Sprague

Kara Sprague, Executive Vice President and Chief Product Officer at F5, spoke about having, “experienced several occasions in which my voice was not heard, or ideas acknowledged as mine,” despite having worked in cybersecurity for over 25 years.

This example shows women are presented with a range of obstacles, not only when they are trying to enter the cybersecurity industry, but also when they are already part of it. Sprague comments, “International Women’s Day serves as a reminder that we need a wider variety of voices and perspectives across all organisations. To achieve that, we need more women and people of underrepresented gender identities to rise through the ranks as leaders. Yet, the path to progression doesn’t come without challenges.”

Clare Loveridge

Funding women in security

We should start preparing women and girls to enter the STEM workforce from when they are in school. Clare Loveridge, Vice President and EMEA general manager at Arctic Wolf argues, “schools need to start equipping girls with the skills needed to excel in STEM careers, including teamwork, problem solving and critical thinking. Increasing the number of female role models in the sector will also inspire more women and girls to consider pursuing a STEM career.” 

Alongside this, trying to attract women into the cybersecurity industry should not end when they enter the workforce, even if they don’t choose a STEM career from the get-go. King has several suggestions for businesses to accelerate the progress made over the last decade. She says, “first, businesses looking for potential candidates should cast the net beyond STEM backgrounds. From my experience in cyber, there are many useful skillsets people from a range of backgrounds could bring to the industry. We also need companies and governments to invest more resources into cybersecurity training, internship and apprenticeship programmes which can be particularly effective for early-stage career candidates.” 

It is also important for organisations to invest in mentorship programmes and bolster industry networks, King argues. “One of the most powerful ways to inspire inclusion is through industry networks and support from mentors, which is an effective way to elevate the representation of women in senior roles. I have greatly benefited from engaging with and learning from other women in the cybersecurity industry by sharing our experiences and best practices with each other,” she adds.

Claire Pitman

Putting theory to practice

By now businesses know having more women in their workforce is not just the right thing from a moral perspective, but it is also good for business. However, putting theory into practice is proving to be complicated. Claire Pitman, VP of field and digital marketing, EMEA at Ping Identity argues, “both men and women should lead by example when it comes to overcoming the current imbalance in equality and inclusion for future generations. Authenticity, humility, and openness to guidance are crucial in equal measures if prejudices are to be eradicated.”

Thankfully, some organisations are already succeeding in implementing inclusive policies that help in their efforts to recruit more women. Loveridge is proud of the steps Arctic Wolf is taking to support its female employees, “our maternity policy significantly enhances the support available to women working within the business. Initiatives such as these will support women in achieving their career goals and allow them to thrive in the wider workplace.”

Slowly but steadily

Many in cybersecurity are trying to fix the gender diversity gap that has characterised the industry for many years. Progress has definitely been made, but there is still a lot to be done before we can truly see equal gender diversity. Among the suggested solutions from the cybersecurity leaders we spoke to, organisations must, invest in STEM training programmes for women and girls to gain the necessary skills for a career in cybersecurity and encourage women to expand and join mentorship networks. Together, we can make inclusivity work for all.